Can't get rid of "AsusSetup.exe" startup nags (Older Win-based BIOStool) on startup. (M4A78T-E if th

Discussion in 'Asus' started by Nobody > (Revisited), Sep 30, 2011.

  1. It was my bad to start with, I installed this hoping to avoid coming up
    with a bootable USB BIOS updatete solution. I didn't research it well
    enough to find out that it won't run on Win 7.

    I found *that* out the hard way, so proceeded to work a little harder
    and did get a working DOS-boot USB BIOS setup and got the mobo bumped up
    to 3406.

    Meanwhile, I'm stuck with with 2 (?) consecutive "failed to install"
    startup nag balloons on every startup on an admin login, or "install
    as admin" balloons (which fail) for non-admin users.

    I can't get rid of these turds!

    None of the usual Windows tricks have helped.
    It's not in Startups.
    There are NO registry keys with "AsusSetup.exe" in them anywhere.
    I've searched every file/directory on this computer, even with various
    LiveCD-type bootable tools (including HiRen's and various Linux-based
    file utilities). No "AsusSetup.exe"!

    I d/l'ed this "AsusSetup.exe" directly from ASUS (don't remember if it
    was the US, TW or "Global" site) so it should be valid (if flawed).

    But having seen how messed up the ASUS support sites have been at times,
    I suspected that what I actually got was a root-kitting trojan. I've run
    numerous rootkit detector apps as well. (I do that anyway as
    preventative maintenance, bit once and learned the hard way!)

    It's not a major problem, just an irritant, but it bugs the crap out of me!

    Could I be "not seeing the forest for the trees" here and missed an
    obvious item or trick? (I do dat at times)

    Any ideas are welcome, even off-the wall ones. The only one unacceptable
    is the "Dan C >> Format C:" crapline.








    --
    "Shit this is it, all the pieces do fit.
    We're like that crazy old man jumping
    out of the alleyway with a baseball bat,
    saying, "Remember me motherfucker?"
    Jim “Dandy” Mangrum
     
    Nobody > (Revisited), Sep 30, 2011
    #1
    1. Advertising

  2. Nobody > (Revisited)

    BS Guest

    Re: Can't get rid of "AsusSetup.exe" startup nags (Older Win-basedBIOS tool) on startup. (M4A78T-E if that even matters?)

    On 09/30/2011 02:30 PM, Nobody > (Revisited) wrote:
    > It was my bad to start with, I installed this hoping to avoid coming up
    > with a bootable USB BIOS updatete solution. I didn't research it well
    > enough to find out that it won't run on Win 7.
    >
    > I found *that* out the hard way, so proceeded to work a little harder
    > and did get a working DOS-boot USB BIOS setup and got the mobo bumped up
    > to 3406.
    >
    > Meanwhile, I'm stuck with with 2 (?) consecutive "failed to install"
    > startup nag balloons on every startup on an admin login, or "install as
    > admin" balloons (which fail) for non-admin users.
    >
    > I can't get rid of these turds!
    >
    > None of the usual Windows tricks have helped.
    > It's not in Startups.
    > There are NO registry keys with "AsusSetup.exe" in them anywhere.
    > I've searched every file/directory on this computer, even with various
    > LiveCD-type bootable tools (including HiRen's and various Linux-based
    > file utilities). No "AsusSetup.exe"!
    >
    > I d/l'ed this "AsusSetup.exe" directly from ASUS (don't remember if it
    > was the US, TW or "Global" site) so it should be valid (if flawed).
    >
    > But having seen how messed up the ASUS support sites have been at times,
    > I suspected that what I actually got was a root-kitting trojan. I've run
    > numerous rootkit detector apps as well. (I do that anyway as
    > preventative maintenance, bit once and learned the hard way!)
    >
    > It's not a major problem, just an irritant, but it bugs the crap out of me!
    >
    > Could I be "not seeing the forest for the trees" here and missed an
    > obvious item or trick? (I do dat at times)
    >
    > Any ideas are welcome, even off-the wall ones. The only one unacceptable
    > is the "Dan C >> Format C:" crapline.
    >
    >
    >
    >
    >
    >
    >
    >

    If it is really that embedded then run HijackThis. It will find all
    entries of ASUSSETUP.EXE and perhaps any other suspicious processes. You
    have checked to see if you can un-install it from what is now called
    programs and features in the control panel?
    The program sounds half-installed but I don't think it's a rootkit.
    I have windows 7 (on the other harddrive, I'm in Linux at the moment)
    and the computer has an Asus motherboard and also starts up some program
    called AI manager that is supposed to run the four cores in the cpu more
    efficiently or something. There is also an asus update program included
    in the package but it has always failed to download any BIOS updates. It
    will, however, make it easier to install one but you must download it
    separately on your own, the download mirrors the program uses are no
    longer valid. I have installed one BIOS update for my motherboard since
    2009 when I got the computer. You may want to check out this page
    http://www.computerhope.com/forum/index.php?topic=94335.0



    Good Luck,
    BS
     
    BS, Sep 30, 2011
    #2
    1. Advertising

  3. Nobody > (Revisited)

    Paul Guest

    Re: Can't get rid of "AsusSetup.exe" startup nags (Older Win-basedBIOS tool) on startup. (M4A78T-E if that even matters?)

    Nobody > (Revisited) wrote:
    > It was my bad to start with, I installed this hoping to avoid coming up
    > with a bootable USB BIOS updatete solution. I didn't research it well
    > enough to find out that it won't run on Win 7.
    >
    > I found *that* out the hard way, so proceeded to work a little harder
    > and did get a working DOS-boot USB BIOS setup and got the mobo bumped up
    > to 3406.
    >
    > Meanwhile, I'm stuck with with 2 (?) consecutive "failed to install"
    > startup nag balloons on every startup on an admin login, or "install
    > as admin" balloons (which fail) for non-admin users.
    >
    > I can't get rid of these turds!
    >
    > None of the usual Windows tricks have helped.
    > It's not in Startups.
    > There are NO registry keys with "AsusSetup.exe" in them anywhere.
    > I've searched every file/directory on this computer, even with various
    > LiveCD-type bootable tools (including HiRen's and various Linux-based
    > file utilities). No "AsusSetup.exe"!
    >
    > I d/l'ed this "AsusSetup.exe" directly from ASUS (don't remember if it
    > was the US, TW or "Global" site) so it should be valid (if flawed).
    >
    > But having seen how messed up the ASUS support sites have been at times,
    > I suspected that what I actually got was a root-kitting trojan. I've run
    > numerous rootkit detector apps as well. (I do that anyway as
    > preventative maintenance, bit once and learned the hard way!)
    >
    > It's not a major problem, just an irritant, but it bugs the crap out of me!
    >
    > Could I be "not seeing the forest for the trees" here and missed an
    > obvious item or trick? (I do dat at times)
    >
    > Any ideas are welcome, even off-the wall ones. The only one unacceptable
    > is the "Dan C >> Format C:" crapline.


    If you downloaded these, is there a chance there is a record of the download
    in your browser ? I download using Firefox, and at some point, must have
    set the expiry to be a very long time. You might be able to figure it out
    that way. In the Firefox download dialog box, if I type in "asus.com" as a
    search term, it lists only the downloads from asus for me.

    You could also download all the packages for your board from the Asus site,
    until you find the one in question.

    An example is this one, which has an AsusSetup inside. Now, this uses
    InstallShield, so I can't look inside the two cab files.

    http://dlcdnet.asus.com/pub/ASUS/misc/utils/EPU_V10022_XPVistaWin7.zip

    There is nothing in what I can see of the installer, which suggests
    it's designed to lay in wait. That one loads some drivers (in plain sight),
    as well as having a utility (hidden in the cabs, don't know what's there).

    It could be, that some script is launching, and one line of that is
    calling AsusSetup.

    Or it could be, you have some storage device, which has an autorun, and
    the storage device looks like a CDROM, and the software on it launches each
    time the computer starts. So you may have to examine the *contents* of each
    file on the machine, looking for the AsusSetup.exe or AsusSetup string.

    Also note that, due to the invention of Unicode strings, you can
    easily miss the presence of such a string, inside an executable. In
    one experiment I did here, I had to search for the letters, but with
    0x00 intermingled ( 0x00 "A" 0x00 "s" 0x00 "u" 0x00 "s" ...), and that
    is caused by the usage of a double byte representation for ordinary
    ASCII character values. I actually wrote a piece of C code to look
    for sequences like that, and scanned a 10GB image of a file system,
    looking for it. It's now much more difficult to search for crap like
    that, due to the possibility it's in Unicode, buried in some other
    executable. Even the Registry does that - sometimes, you can see what
    looks like a binary sequence in a registry entry, when in fact it is
    a file path in Unicode.

    In some cases, I've run Ubuntu in a virtual machine, then used WINE
    to run some windows installer, and then examined the fake "C:" drive
    kept in .wine directory, to figure out what a package "drops" in the
    file system. But it can be tricky figuring out what has changed.
    The last one I tried, the installer didn't run to completion, but
    it did finish the file copying phase. The Registry updates partially
    ran, but then something failed and it didn't finish. WINE has "regedit",
    so you can look in the fake registry for changes.

    The Sysinternals "autoruns" program, provides a way to search for
    startup items, and you should also give that a try, to avoid any of
    the "more unlikely to succeed" research methods. You won't necessarily
    be looking for "AsusSetup", as it might be some other innocent sounding
    string like "setup.exe" which in turn calls AsusSetup. It'll require
    the process of elimination, as much as a direct frontal assault.

    Paul
     
    Paul, Sep 30, 2011
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    6
    Views:
    373
  2. ridergroov
    Replies:
    7
    Views:
    2,197
    Young Mandy
    Mar 9, 2007
  3. Alex
    Replies:
    1
    Views:
    208
    Russ Dumke
    Nov 3, 2005
  4. Mike Dee

    "Are You Sure" nags?

    Mike Dee, Jan 15, 2009, in forum: Apple
    Replies:
    20
    Views:
    344
    Mike Dee
    Jan 18, 2009
  5. Marc Heusser

    Re: "Are You Sure" nags?

    Marc Heusser, Jan 17, 2009, in forum: Apple
    Replies:
    18
    Views:
    254
    Mike Dee
    Jan 25, 2009
Loading...

Share This Page