Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help - Windows pagefile infection


  • Please log in to reply
1 reply to this topic

#1 The Brush Geek

The Brush Geek

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brush, CO
  • Local time:01:14 PM

Posted 28 September 2016 - 01:23 PM

Good morning and thanks in advance to anyone who can help me with a problem I'm having.

 

I have a customers laptop from which I've pulled the hard drive so that I can scan it with Avast from my workbench machine. Avast shows a Beryllium infection in the pagefile. I've tried several methods within Avast to remove the infection but nothing is working.

 

Putting the drive back into the customers laptop, I proceeded to tell Windows to stop using the pagefile and then conducted a series of scans on the drive using various scanning software that I've seen suggested on this forum and have included as part of my anti-virusing process for some time now (RogueKiller, Adwcleaner, Eset, JRT, Malwarebytes, Sophos to be specific). Through this process I've scrubbed the drive about as clean as I can get it although nothing found the Beryllium infection. On completion of these scans, I then told Windows to start using a page file again. I gave it a much larger size and was hoping that it would relocate the file onto another (hopefully uninfected) place on the drive.

 

After all this I pulled the drive, put it back into my workbench machine and reran Avast. It still found the same infection.  :(

 

I'm at a loss as to how to get rid of this infection. Is anyone aware of any other scanning software that scans the hard drive itself instead of walking through the filesystem that might find and eradicate this?  :scratchhead:



BC AdBot (Login to Remove)

 


#2 The Brush Geek

The Brush Geek
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brush, CO
  • Local time:01:14 PM

Posted 03 October 2016 - 11:25 AM

Just to report back on this problem, I was never truly able to solve this to my satisfaction but had to get the customer's machine back to them.

I repeated the above process (e.g. delete the pagefile, scan in a separate computer, create the pagefile, scan in a separate computer) multiple times and this just wouldn't go away regardless of whether the pagefile was created manually or automatically.

 

My second best alternative was to utilize a Microsoft registry patch (https://support.microsoft.com/en-us/kb/314834) to clear the pagefile when the computer shuts down. Alas, this still does not seem to remove the reported virus but it was the best I could do under the time and $$ constraints I was working under.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users