- Thread Author
- #1
I just saw in System Information that my Desktop Laptop Platform Role is Mobile. Turned on the other two laptops in the home network and they also are mobile. This is a newly reset computer with no connection with a mobile phone whatsoever. To confirm my suspicions, in autoruns I get multiple drivers some Intel, Realtek and a majority of Samsung Android USB port, Samsung Android Device, Samsung USB Mobile Logging Device Driver etc. even though my HP laptop is not connected in any way with Samsung.To be Mobile, Transient Multi Monitor(TMM) must be enabled, thereby increasing the likelihood of a remote trojan monitoring my device. Previous security incidents from the computer included a One Drive trojan as seen from this hash 08dd848ee20d671560f0db814368322387b2739be3b428484dd6a429338a9191 from VirusTotal/Antiy Labs which is deemed from experts as a false positive.
With powershell command Get-WIndowsDriver -Online I get around 60 Samsung Electronics Co. Ltd. drivers with command line like -
C:\Windows\System32\DriverStore\FileRepository\via_usb_modem.inf_amd64_2358dcbee0e9f747\via_usb_modem.inf
. Suspicious drivers also include Mobile Top- C:\Windows\System32\DriverStore\FileRepository\ssaebus.inf_amd64_52d5c961892b3d6b\ssaebus.inf and
Android USBdeviceClass - C:\Windows\System32\DriverStore\FileRepository\android_winusb.inf_amd64_8934a46ee8218e5f\android_win\usb.inf. These drivers are invisible in Device Manager even with hidden checked. Legitimate drivers like Mouse - Synaptics, Intel, Logitech are visible but very few.
Is this a possible Android phone malware in the likes of BlueBorne that has taken control of the laptop via those drivers via vulnerable android devices near me. Why would a Windows 10 laptop have mobile as its platform? The only mobile android files in my laptop are those ones in the driver files. Any idea on how to change the platform back to desktop? Are there any good driver removal tools available.
With powershell command Get-WIndowsDriver -Online I get around 60 Samsung Electronics Co. Ltd. drivers with command line like -
C:\Windows\System32\DriverStore\FileRepository\via_usb_modem.inf_amd64_2358dcbee0e9f747\via_usb_modem.inf
. Suspicious drivers also include Mobile Top- C:\Windows\System32\DriverStore\FileRepository\ssaebus.inf_amd64_52d5c961892b3d6b\ssaebus.inf and
Android USBdeviceClass - C:\Windows\System32\DriverStore\FileRepository\android_winusb.inf_amd64_8934a46ee8218e5f\android_win\usb.inf. These drivers are invisible in Device Manager even with hidden checked. Legitimate drivers like Mouse - Synaptics, Intel, Logitech are visible but very few.
Is this a possible Android phone malware in the likes of BlueBorne that has taken control of the laptop via those drivers via vulnerable android devices near me. Why would a Windows 10 laptop have mobile as its platform? The only mobile android files in my laptop are those ones in the driver files. Any idea on how to change the platform back to desktop? Are there any good driver removal tools available.