Prev: Best Free Security List
Next: best pc health components control center - anyone seen this??
From: Victek on 12 Nov 2009 23:01
>> Last, you can remove the hard disk from the laptop and put it in a USB
>> enclosure (very inexpensive) so you can scan it on another PC. That's
>> actually pretty easy and likely to succeed since the infected OS is
>> not being booted (as long as you're savvy with hardware). Hope some
>> of this helps you out.
>
> I managed to buy a cable from my local shop for �2.50 to link up the
> laptop sata drive to my PC.
>
> Scanning it with Avast and it's found and deleted Win32:Adloader-AC[trj]
> in "G:\pagefile.sys" file. (G being the drive letter my PC has assigned
> to the affected drive). I thought that might be me fixed but on seaching
> the net the opinion seems to be that this is usually a false alarm and
> that the pagefile.sys file isn't routinely scanned. I guess it got
> scanned on this occasion as it's now an extra drive.
>
> Now I'm sure that the computer was infected with something, just too many
> strange things going on with security settings and antivirus programs so
> I'm left wondering if there is something else it might have missed? It's
> had a full scan with Windows Defender. I haven't tried the malwarebytes
> site yet but it's currently undergoing a "Housecall".
>
> Anything else I should do or just slap it back in the laptop and see if
> it's behaving?
>
..
I don't know how effective the online "House Call" is. I would recommend
MBAM. If the drive comes up clean after a full scan with MBAM I would trust
it. I've used a number of different scanners in the field and MBAM has
consistently been the best followed closely by SuperAntiSpyware.

From: The Central Scrutinizer on 13 Nov 2009 00:49
Um... If you fond a virus in the pagefile, it was swapped out of memory.
Which is very bad. Avast finds these in the page file while others does
not.

So minimum it is a wipe and reinstall.

--



"Tim" <timdownie2003(a)obvious.yahoo.co.uk> wrote in message
news:7m2u1jF3g44rbU1(a)mid.individual.net...
> Victek wrote:
>
>>
>> Last, you can remove the hard disk from the laptop and put it in a USB
>> enclosure (very inexpensive) so you can scan it on another PC. That's
>> actually pretty easy and likely to succeed since the infected OS is
>> not being booted (as long as you're savvy with hardware). Hope some
>> of this helps you out.
>
> I managed to buy a cable from my local shop for �2.50 to link up the
> laptop sata drive to my PC.
>
> Scanning it with Avast and it's found and deleted Win32:Adloader-AC[trj]
> in "G:\pagefile.sys" file. (G being the drive letter my PC has assigned
> to the affected drive). I thought that might be me fixed but on seaching
> the net the opinion seems to be that this is usually a false alarm and
> that the pagefile.sys file isn't routinely scanned. I guess it got
> scanned on this occasion as it's now an extra drive.
>
> Now I'm sure that the computer was infected with something, just too many
> strange things going on with security settings and antivirus programs so
> I'm left wondering if there is something else it might have missed? It's
> had a full scan with Windows Defender. I haven't tried the malwarebytes
> site yet but it's currently undergoing a "Housecall".
>
> Anything else I should do or just slap it back in the laptop and see if
> it's behaving?
>
> Tim


From: Tim on 13 Nov 2009 12:42
Victek wrote:
>>> Last, you can remove the hard disk from the laptop and put it in a
>>> USB enclosure (very inexpensive) so you can scan it on another PC.
>>> That's actually pretty easy and likely to succeed since the
>>> infected OS is not being booted (as long as you're savvy with
>>> hardware). Hope some of this helps you out.
>>
>> I managed to buy a cable from my local shop for �2.50 to link up the
>> laptop sata drive to my PC.
>>
>> Scanning it with Avast and it's found and deleted
>> Win32:Adloader-AC[trj] in "G:\pagefile.sys" file. (G being the
>> drive letter my PC has assigned to the affected drive). I thought
>> that might be me fixed but on seaching the net the opinion seems to
>> be that this is usually a false alarm and that the pagefile.sys file
>> isn't routinely scanned. I guess it got scanned on this occasion as
>> it's now an extra drive. Now I'm sure that the computer was infected with
>> something, just too
>> many strange things going on with security settings and antivirus
>> programs so I'm left wondering if there is something else it might
>> have missed? It's had a full scan with Windows Defender. I haven't
>> tried the malwarebytes site yet but it's currently undergoing a
>> "Housecall". Anything else I should do or just slap it back in the laptop
>> and see
>> if it's behaving?
>>
> .
> I don't know how effective the online "House Call" is. I would
> recommend MBAM. If the drive comes up clean after a full scan with
> MBAM I would trust it. I've used a number of different scanners in
> the field and MBAM has consistently been the best followed closely by
> SuperAntiSpyware.

Thanks. I've scanned it and it seems to be okay. Certainly the laptop is
behaving normally and Windows Security centre, firewalls and antivirus
software seem to be working now.

Tim

First  |  Prev  | 
Pages: 1 2
Prev: Best Free Security List
Next: best pc health components control center - anyone seen this??