Radford Computing https://radfordcomputing.co.uk/ Computer Repairs Cardiff

ZeroAccess Rootkit
https://radfordcomputing.co.uk/2012/04/18/zeroaccess-rootkit/
Wed, 18 Apr 2012 10:10:27 +0000

ZeroAccess Rootkit was discovered in November 2011 and has been causing havoc ever since.

It works by using an infected file from a package with a trusted certificate. It then embeds itself into system files such as svchost and loads the mimicked DLL file instead of the original.

It is a Trojan Horse that opens a backdoor to download its own files.

This is one of the nastiest viruses around to date and can be extremely difficult to remove.

I have tried Norton’s removal tool, McAfee’s removal tool, Combofix, TDSKiller, aswMBR 0.9.9 and Malwarebytes to try and rid a system of this little critter.

My recommendation is to use Combofix; this is likely to break your TCP/IP stack. I then ran a scan with TDSKiller, which found afd.sys to be infected in system32\drivers. It did a cure, rebooted, and all is working perfectly now.

Hope this helps.

Adrian

Welcome
https://radfordcomputing.co.uk/2012/02/10/welcome/
Fri, 10 Feb 2012 00:11:45 +0000

This is exciting, my first blog, written on the phone and sent directly to the blog on my website.

I’d just like to welcome you to the Radford Computing website and in particular to our blog, where I hope you’ll find the information here useful and interesting.

If you want to ask any questions, leave a comment or use the contact form if it’s private.

Many thanks

Adrian
