Tuesday, March 31, 2009

Rootkit destroyed my evening

So I spent this evening extracting a rootkit from my Samsung NC10. The first I knew about it was when clicking on Google search results brought up weird ad pages. The installed AVG wouldn't touch it. So I tried to install SuperAntiSpyware, but it wouldn't install; then Malwarebytes, which also wouldn't install. Both were blocked by the malware, and AVG was also behaving strangely.

It was only RootRepeal that saved me, finding the hidden rootkit:

Name: UACyxxtjwqc.sys
Image Path: C:\WINDOWS\system32\drivers\UACyxxtjwqc.sys
Address: 0xF70D3000 Size: 77824 File Visible: -
Status: Hidden from Windows API!
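As an added illustration (not code from this post or from RootRepeal), the following Python parses a driver entry shaped like the one above and shows the cross-view comparison such a tool relies on: a driver that shows up in a raw, below-API listing but is missing from what the Windows API returns. The two directory listings are constructed samples.

```python
import re

# Constructed sample of a RootRepeal driver entry, shaped like the report
# in the post (same driver name, path, address and size).
ROOTREPEAL_SAMPLE = """Name: UACyxxtjwqc.sys
Image Path: C:\\WINDOWS\\system32\\drivers\\UACyxxtjwqc.sys
Address: 0xF70D3000 Size: 77824 File Visible: -
Status: Hidden from Windows API!"""

# The address line packs three fields into one line; handle it separately.
ADDR_RE = re.compile(r"Address: (\S+) Size: (\d+) File Visible: (\S+)")

def parse_rootrepeal_entry(block):
    """Turn one RootRepeal driver entry into a dict of its fields."""
    entry = {}
    for line in block.splitlines():
        m = ADDR_RE.match(line)
        if m:
            entry["address"] = int(m.group(1), 16)
            entry["size"] = int(m.group(2))
            entry["file_visible"] = m.group(3) != "-"
            continue
        key, _, value = line.partition(": ")
        entry[key.strip().lower().replace(" ", "_")] = value.strip()
    return entry

def is_hidden(entry):
    """A 'Hidden' status or an invisible backing file: either alone means the
    driver is being filtered from normal API views and needs a closer look."""
    return ("hidden" in entry.get("status", "").lower()
            or not entry.get("file_visible", True))

# Constructed cross-view sample: the drivers directory as the Win32 API reports
# it versus a raw (below-API) listing of the same directory.
API_VIEW = {r"C:\WINDOWS\system32\drivers\ndis.sys",
            r"C:\WINDOWS\system32\drivers\tcpip.sys"}
RAW_VIEW = API_VIEW | {r"C:\WINDOWS\system32\drivers\UACyxxtjwqc.sys"}

def cross_view_diff(api_view, raw_view):
    """Paths in the raw view that the API view omits: the same discrepancy
    the 'Hidden from Windows API!' line reports."""
    return sorted(set(raw_view) - set(api_view))
```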

Wiping this then allowed Malwarebytes to tackle the other 15 problems and get the machine back under control.

About three hours on this, on top of an hour on the phone with Vodafone customer service, as they managed to get my address wrong and I bounced around between various hapless contact centre people trying to claim for my phone lost in Brazil...
