Vista home laptop trouble

[Tim]

My wife's laptop has picked up a world of trouble.

It's kept fully updated and runs Avast normally. It started crashing
randomly and turning off its own firewall & security centre. We haven't been
able to run a virus scan without it either locking up or otherwise crashing
before completion.

We've tried Kaspersky & Trencillin housecall in normal mode & safe mode but
they keep getting shut down.

All these problems may or may not be associated with a daughter home from
uni who has been using her external drive with this laptop.

I've got an Ubuntu disk I'm going to try but I'm open to other suggestions.

Tim

 

[Tim]

I've got an Ubuntu disk I'm going to try but I'm open to other
suggestions.

Um.. assume I'm an idiot. Darned if I can work out how to install Fprot
running in Live CD mode.

Tim

 

[Victek]

My wife's laptop has picked up a world of trouble.

It's kept fully updated and runs Avast normally. It started crashing
randomly and turning off its own firewall & security centre. We haven't
been able to run a virus scan without it either locking up or otherwise
crashing before completion.

We've tried Kaspersky & Trencillin housecall in normal mode & safe mode
but they keep getting shut down.

All these problems may or may not be associated with a daughter home from
uni who has been using her external drive with this laptop.

I've got an Ubuntu disk I'm going to try but I'm open to other
suggestions.

..
Try installing and running MalwareBytes AntiMalware (MBAM). If it will
install but won't run try renaming the executable - some malware targets the
executable by name. There is also SuperAntiSpyware. You could also try an
online scanner such as Hitman Pro (free trial ware).

If none of these work you can create a bootable CD with UBCD4WIN that will
include a number of antimalware apps.

Last, you can remove the hard disk from the laptop and put it in a USB
enclosure (very inexpensive) so you can scan it on another PC. That's
actually pretty easy and likely to succeed since the infected OS is not
being booted (as long as you're savvy with hardware). Hope some of this
helps you out.

 

[Tim]

Try installing and running MalwareBytes AntiMalware (MBAM). If it
will install but won't run try renaming the executable - some malware
targets the executable by name. There is also SuperAntiSpyware. You
could also try an online scanner such as Hitman Pro (free trial ware).

If none of these work you can create a bootable CD with UBCD4WIN that
will include a number of antimalware apps.

Last, you can remove the hard disk from the laptop and put it in a USB
enclosure (very inexpensive) so you can scan it on another PC. That's
actually pretty easy and likely to succeed since the infected OS is
not being booted (as long as you're savvy with hardware). Hope some
of this helps you out.

That last option sounds like it's worth trying. I used to have an enclosure
kicking about somewhere but I think it's been nicked by my daughters!

Thanks for all the other pointers too.

Tim

 

[Tim]

Last, you can remove the hard disk from the laptop and put it in a USB
enclosure (very inexpensive) so you can scan it on another PC. That's
actually pretty easy and likely to succeed since the infected OS is
not being booted (as long as you're savvy with hardware). Hope some
of this helps you out.

I managed to buy a cable from my local shop for £2.50 to link up the laptop
sata drive to my PC.

Scanning it with Avast and it's found and deleted Win32:Adloader-AC[trj] in
"G:\pagefile.sys" file. (G being the drive letter my PC has assigned to the
affected drive). I thought that might be me fixed but on seaching the net
the opinion seems to be that this is usually a false alarm and that the
pagefile.sys file isn't routinely scanned. I guess it got scanned on this
occasion as it's now an extra drive.

Now I'm sure that the computer was infected with something, just too many
strange things going on with security settings and antivirus programs so I'm
left wondering if there is something else it might have missed? It's had a
full scan with Windows Defender. I haven't tried the malwarebytes site yet
but it's currently undergoing a "Housecall".

Anything else I should do or just slap it back in the laptop and see if it's
behaving?

Tim

 

[Victek]

Last, you can remove the hard disk from the laptop and put it in a USB

enclosure (very inexpensive) so you can scan it on another PC. That's
actually pretty easy and likely to succeed since the infected OS is
not being booted (as long as you're savvy with hardware). Hope some
of this helps you out.

I managed to buy a cable from my local shop for £2.50 to link up the
laptop sata drive to my PC.

Scanning it with Avast and it's found and deleted Win32:Adloader-AC[trj]
in "G:\pagefile.sys" file. (G being the drive letter my PC has assigned
to the affected drive). I thought that might be me fixed but on seaching
the net the opinion seems to be that this is usually a false alarm and
that the pagefile.sys file isn't routinely scanned. I guess it got
scanned on this occasion as it's now an extra drive.

Now I'm sure that the computer was infected with something, just too many
strange things going on with security settings and antivirus programs so
I'm left wondering if there is something else it might have missed? It's
had a full scan with Windows Defender. I haven't tried the malwarebytes
site yet but it's currently undergoing a "Housecall".

Anything else I should do or just slap it back in the laptop and see if
it's behaving?

..
I don't know how effective the online "House Call" is. I would recommend
MBAM. If the drive comes up clean after a full scan with MBAM I would trust
it. I've used a number of different scanners in the field and MBAM has
consistently been the best followed closely by SuperAntiSpyware.

 

[The Central Scrutinizer]

Um... If you fond a virus in the pagefile, it was swapped out of memory.
Which is very bad. Avast finds these in the page file while others does
not.

So minimum it is a wipe and reinstall.

--

Last, you can remove the hard disk from the laptop and put it in a USB
enclosure (very inexpensive) so you can scan it on another PC. That's
actually pretty easy and likely to succeed since the infected OS is
not being booted (as long as you're savvy with hardware). Hope some
of this helps you out.

I managed to buy a cable from my local shop for £2.50 to link up the
laptop sata drive to my PC.

Scanning it with Avast and it's found and deleted Win32:Adloader-AC[trj]
in "G:\pagefile.sys" file. (G being the drive letter my PC has assigned
to the affected drive). I thought that might be me fixed but on seaching
the net the opinion seems to be that this is usually a false alarm and
that the pagefile.sys file isn't routinely scanned. I guess it got
scanned on this occasion as it's now an extra drive.

Now I'm sure that the computer was infected with something, just too many
strange things going on with security settings and antivirus programs so
I'm left wondering if there is something else it might have missed? It's
had a full scan with Windows Defender. I haven't tried the malwarebytes
site yet but it's currently undergoing a "Housecall".

Anything else I should do or just slap it back in the laptop and see if
it's behaving?

Tim

 

[Tim]

Last, you can remove the hard disk from the laptop and put it in a
USB enclosure (very inexpensive) so you can scan it on another PC.
That's actually pretty easy and likely to succeed since the
infected OS is not being booted (as long as you're savvy with
hardware). Hope some of this helps you out.

I managed to buy a cable from my local shop for £2.50 to link up the
laptop sata drive to my PC.

Scanning it with Avast and it's found and deleted
Win32:Adloader-AC[trj] in "G:\pagefile.sys" file. (G being the
drive letter my PC has assigned to the affected drive). I thought
that might be me fixed but on seaching the net the opinion seems to
be that this is usually a false alarm and that the pagefile.sys file
isn't routinely scanned. I guess it got scanned on this occasion as
it's now an extra drive. Now I'm sure that the computer was infected with
something, just too
many strange things going on with security settings and antivirus
programs so I'm left wondering if there is something else it might
have missed? It's had a full scan with Windows Defender. I haven't
tried the malwarebytes site yet but it's currently undergoing a
"Housecall". Anything else I should do or just slap it back in the laptop
and see
if it's behaving?

.
I don't know how effective the online "House Call" is. I would
recommend MBAM. If the drive comes up clean after a full scan with
MBAM I would trust it. I've used a number of different scanners in
the field and MBAM has consistently been the best followed closely by
SuperAntiSpyware.

Thanks. I've scanned it and it seems to be okay. Certainly the laptop is
behaving normally and Windows Security centre, firewalls and antivirus
software seem to be working now.

Tim