ospeng05
asked on
Stop / remove / prevent Net Boot - Image deployment (rootkit or virus)
I am unable to clean install any version of Windows or Linux. It appears that the operating system net boots / vlan boots ahead of any boot options available to me. Once an operating system is installed, it begins downloading and installing various packages (.Net, C++, Visual Runtime, Ect). Files and packages from Win XP through Win 10. It remotes the Registry, changes my administrator access to less than complete, and on and on, and on. I digress... For now I will be thrilled if anyone can help me with the Net Booting issue.
Pasting in uefi_vars for reference;
Boot variables are allowed on this system
***
Boot variables information:
***
---- 2 ----
Description: Hard Drive
Path: Unknown
GUID: Unknown
Partition number: Unknown
Begin: Unknown
Partition Size: Unknown
----------------
Additional data:
00041h 0004Dh 00047h 0004Fh 00041h 0004Dh 0004Eh 0004Fh 000B5h 00000h 00000h 00000h 00001h 00000h 00000h 00000h 0006Fh 00000h 00053h 00000h 00053h 00000h 00044h 00000h 00032h 00000h 00053h 00000h 00043h 00000h 00032h 00000h 00034h 00000h 00030h 00000h 00047h 00000h 00033h 00000h 0004Ch 00000h 00043h 00000h 00037h 00000h 00030h 00000h 00039h 00000h 00042h 00000h 00031h 00000h 00032h 00000h 00031h 00000h 0002Dh 00000h 00034h 00000h 00036h 00000h 00030h 00000h 00050h 00000h 00000h 00000h 00005h 00001h 00009h 00000h 00002h 00000h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00002h 00001h 0000Ch 00000h 000D0h 00041h 00003h 0000Ah 00000h 00000h 00000h 00000h 00001h 00001h 00006h 00000h 00000h 00011h 00003h 00012h 0000Ah 00000h 00000h 00000h 000FFh 000FFh 00000h 00000h 0007Fh 000FFh 00004h 00000h 00001h 00004h 0003Eh 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 0004Eh 00000h 00050h 00000h 00032h 00000h 00059h 00000h 00031h 00000h 00031h 00000h 00030h 00000h 00034h 00000h 00030h 00000h 00030h 00000h 00035h 00000h 00030h 00000h 00030h 00000h 00031h 00000h 00036h 00000h 00035h 00000h 00034h 00000h 00030h 00000h 00030h 00000h 00032h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh
***
---- 1 ----
Description: Windows Boot Manager
Path: \EFI\Microsoft\Boot\bootmg
GUID: 6172FEA2-70BA-4CC2-A166-29
Partition number: 1
Begin: 923648
Partition Size: 204800
----------------
Additional data:
00057h 00049h 0004Eh 00044h 0004Fh 00057h 00053h 00000h 00001h 00000h 00000h 00000h 00088h 00000h 00000h 00000h 00078h 00000h 00000h 00000h 00042h 00000h 00043h 00000h 00044h 00000h 0004Fh 00000h 00042h 00000h 0004Ah 00000h 00045h 00000h 00043h 00000h 00054h 00000h 0003Dh 00000h 0007Bh 00000h 00039h 00000h 00064h 00000h 00065h 00000h 00061h 00000h 00038h 00000h 00036h 00000h 00032h 00000h 00063h 00000h 0002Dh 00000h 00035h 00000h 00063h 00000h 00064h 00000h 00064h 00000h 0002Dh 00000h 00034h 00000h 00065h 00000h 00037h 00000h 00030h 00000h 0002Dh 00000h 00061h 00000h 00063h 00000h 00063h 00000h 00031h 00000h 0002Dh 00000h 00066h 00000h 00033h 00000h 00032h 00000h 00062h 00000h 00033h 00000h 00034h 00000h 00034h 00000h 00064h 00000h 00034h 00000h 00037h 00000h 00039h 00000h 00035h 00000h 0007Dh 00000h 00000h 00000h 00069h 00000h 00001h 00000h 00000h 00000h 00010h 00000h 00000h 00000h 00004h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h
***
---- 3 ----
Description: UEFI: HL-DT-STDVDRAM SP80NB60
Path: Unknown
GUID: Unknown
Partition number: Unknown
Begin: Unknown
Partition Size: Unknown
----------------
Additional data:
00001h 00004h 00044h 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00053h 00000h 00050h 00000h 00038h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00036h 00000h 00030h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh
***
---- 4 ----
Description: Removable Drive
Path: Unknown
GUID: Unknown
Partition number: Unknown
Begin: Unknown
Partition Size: Unknown
----------------
Additional data:
00041h 0004Dh 00047h 0004Fh 00041h 0004Dh 0004Eh 0004Fh 000B9h 00000h 00000h 00000h 00001h 00000h 00000h 00000h 00077h 00000h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00047h 00000h 00050h 00000h 00034h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00034h 00000h 00030h 00000h 00000h 00000h 00005h 00001h 00009h 00000h 00001h 00000h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00002h 00001h 0000Ch 00000h 000D0h 00041h 00003h 0000Ah 00000h 00000h 00000h 00000h 00001h 00001h 00006h 00000h 00002h 00015h 00001h 00001h 00006h 00000h 00000h 00000h 00003h 00005h 00006h 00000h 00003h 00000h 0007Fh 000FFh 00004h 00000h 00001h 00004h 00044h 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00047h 00000h 00050h 00000h 00034h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00034h 00000h 00030h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh 00041h 0004Dh 0004Eh 0004Fh 000B9h 00000h 00000h 00000h 00001h 00000h 00000h 00000h 00077h 00000h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00053h 00000h 00050h 00000h 00038h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00036h 00000h 00030h 00000h 00000h 00000h 00005h 00001h 00009h 00000h 00001h 00000h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00002h 00001h 0000Ch 00000h 000D0h 00041h 00003h 0000Ah 00000h 00000h 00000h 00000h 00001h 00001h 00006h 00000h 00002h 00015h 00001h 00001h 00006h 00000h 00000h 00000h 00003h 00005h 00006h 00000h 00004h 00000h 0007Fh 000FFh 00004h 00000h 00001h 00004h 00044h 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00053h 00000h 00050h 00000h 00038h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00036h 00000h 00030h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh
Boot variables in Boot Order:
***
1 3 2 4
***
Pasting in uefi_vars for reference;
Boot variables are allowed on this system
***
Boot variables information:
***
---- 2 ----
Description: Hard Drive
Path: Unknown
GUID: Unknown
Partition number: Unknown
Begin: Unknown
Partition Size: Unknown
----------------
Additional data:
00041h 0004Dh 00047h 0004Fh 00041h 0004Dh 0004Eh 0004Fh 000B5h 00000h 00000h 00000h 00001h 00000h 00000h 00000h 0006Fh 00000h 00053h 00000h 00053h 00000h 00044h 00000h 00032h 00000h 00053h 00000h 00043h 00000h 00032h 00000h 00034h 00000h 00030h 00000h 00047h 00000h 00033h 00000h 0004Ch 00000h 00043h 00000h 00037h 00000h 00030h 00000h 00039h 00000h 00042h 00000h 00031h 00000h 00032h 00000h 00031h 00000h 0002Dh 00000h 00034h 00000h 00036h 00000h 00030h 00000h 00050h 00000h 00000h 00000h 00005h 00001h 00009h 00000h 00002h 00000h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00002h 00001h 0000Ch 00000h 000D0h 00041h 00003h 0000Ah 00000h 00000h 00000h 00000h 00001h 00001h 00006h 00000h 00000h 00011h 00003h 00012h 0000Ah 00000h 00000h 00000h 000FFh 000FFh 00000h 00000h 0007Fh 000FFh 00004h 00000h 00001h 00004h 0003Eh 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 0004Eh 00000h 00050h 00000h 00032h 00000h 00059h 00000h 00031h 00000h 00031h 00000h 00030h 00000h 00034h 00000h 00030h 00000h 00030h 00000h 00035h 00000h 00030h 00000h 00030h 00000h 00031h 00000h 00036h 00000h 00035h 00000h 00034h 00000h 00030h 00000h 00030h 00000h 00032h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh
***
---- 1 ----
Description: Windows Boot Manager
Path: \EFI\Microsoft\Boot\bootmg
GUID: 6172FEA2-70BA-4CC2-A166-29
Partition number: 1
Begin: 923648
Partition Size: 204800
----------------
Additional data:
00057h 00049h 0004Eh 00044h 0004Fh 00057h 00053h 00000h 00001h 00000h 00000h 00000h 00088h 00000h 00000h 00000h 00078h 00000h 00000h 00000h 00042h 00000h 00043h 00000h 00044h 00000h 0004Fh 00000h 00042h 00000h 0004Ah 00000h 00045h 00000h 00043h 00000h 00054h 00000h 0003Dh 00000h 0007Bh 00000h 00039h 00000h 00064h 00000h 00065h 00000h 00061h 00000h 00038h 00000h 00036h 00000h 00032h 00000h 00063h 00000h 0002Dh 00000h 00035h 00000h 00063h 00000h 00064h 00000h 00064h 00000h 0002Dh 00000h 00034h 00000h 00065h 00000h 00037h 00000h 00030h 00000h 0002Dh 00000h 00061h 00000h 00063h 00000h 00063h 00000h 00031h 00000h 0002Dh 00000h 00066h 00000h 00033h 00000h 00032h 00000h 00062h 00000h 00033h 00000h 00034h 00000h 00034h 00000h 00064h 00000h 00034h 00000h 00037h 00000h 00039h 00000h 00035h 00000h 0007Dh 00000h 00000h 00000h 00069h 00000h 00001h 00000h 00000h 00000h 00010h 00000h 00000h 00000h 00004h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h
***
---- 3 ----
Description: UEFI: HL-DT-STDVDRAM SP80NB60
Path: Unknown
GUID: Unknown
Partition number: Unknown
Begin: Unknown
Partition Size: Unknown
----------------
Additional data:
00001h 00004h 00044h 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00053h 00000h 00050h 00000h 00038h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00036h 00000h 00030h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh
***
---- 4 ----
Description: Removable Drive
Path: Unknown
GUID: Unknown
Partition number: Unknown
Begin: Unknown
Partition Size: Unknown
----------------
Additional data:
00041h 0004Dh 00047h 0004Fh 00041h 0004Dh 0004Eh 0004Fh 000B9h 00000h 00000h 00000h 00001h 00000h 00000h 00000h 00077h 00000h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00047h 00000h 00050h 00000h 00034h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00034h 00000h 00030h 00000h 00000h 00000h 00005h 00001h 00009h 00000h 00001h 00000h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00002h 00001h 0000Ch 00000h 000D0h 00041h 00003h 0000Ah 00000h 00000h 00000h 00000h 00001h 00001h 00006h 00000h 00002h 00015h 00001h 00001h 00006h 00000h 00000h 00000h 00003h 00005h 00006h 00000h 00003h 00000h 0007Fh 000FFh 00004h 00000h 00001h 00004h 00044h 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00047h 00000h 00050h 00000h 00034h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00034h 00000h 00030h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh 00041h 0004Dh 0004Eh 0004Fh 000B9h 00000h 00000h 00000h 00001h 00000h 00000h 00000h 00077h 00000h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00053h 00000h 00050h 00000h 00038h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00036h 00000h 00030h 00000h 00000h 00000h 00005h 00001h 00009h 00000h 00001h 00000h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00002h 00001h 0000Ch 00000h 000D0h 00041h 00003h 0000Ah 00000h 00000h 00000h 00000h 00001h 00001h 00006h 00000h 00002h 00015h 00001h 00001h 00006h 00000h 00000h 00000h 00003h 00005h 00006h 00000h 00004h 00000h 0007Fh 000FFh 00004h 00000h 00001h 00004h 00044h 00000h 000EFh 00047h 00064h 0002Dh 000C9h 0003Bh 000A0h 00041h 000ACh 00019h 0004Dh 00051h 000D0h 0001Bh 0004Ch 000E6h 00048h 00000h 0004Ch 00000h 0002Dh 00000h 00044h 00000h 00054h 00000h 0002Dh 00000h 00053h 00000h 00054h 00000h 00044h 00000h 00056h 00000h 00044h 00000h 00052h 00000h 00041h 00000h 0004Dh 00000h 00020h 00000h 00053h 00000h 00050h 00000h 00038h 00000h 00030h 00000h 0004Eh 00000h 00042h 00000h 00036h 00000h 00030h 00000h 00000h 00000h 0007Fh 000FFh 00004h 00000h 00041h 0004Dh 00042h 0004Fh
Boot variables in Boot Order:
***
1 3 2 4
***
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Davy Paridaens
2 basic solutions to troubleshoot malware infection