ChatterBank3 mins ago
FAO: ChuckFikkens
I've been asked to check out a friends Advent laptop, with Windows7 installed. They stated that it was "blue screening" after 5 secs when switched on, I then switched it on , logging on as a guest account, with no problems. the machine stayed powered up!!, however, when logging in on the main user account (which is also the administrator account), I found that the "psecurity.exe" files were corrupt. They have various Trojan & worm viruses installed in the account, as such I - think - that using the guest account cannot resolve the infestations, and the only recourse is a full install. Am I correct?, or can I log in using a "runas" to get round this? Please can I have tour thoughts on this. Many thanks!
Answers
Best Answer
No best answer has yet been selected by Nibble. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.Two options really.
Boot it into safe mode (with networking) and while in safe mode, disable system restore, install malwarebytes, let it update and then run a full scan and see if that gets rid of the problems (psecurity.exe is a rogue anti virus program BTW)
Or,
If you have the media and the owner has all personal files backed up, do a full reinstall. This will have the benefit of clearing the infections and getting rid of all the crap that is always installed on new laptops from the factory. If you do decide to do a reinstall then remember you'll also need to download all the latest drivers for all the hardware from advents website, make sure you install a decent anti-virus program and also run a full windows update at least 3 times (keep running it until it's got nothing else to install)
Personally I would go for the latter option, it's not the quickest or the easiest but the system would be left in a much cleaner state at the end of it.
Boot it into safe mode (with networking) and while in safe mode, disable system restore, install malwarebytes, let it update and then run a full scan and see if that gets rid of the problems (psecurity.exe is a rogue anti virus program BTW)
Or,
If you have the media and the owner has all personal files backed up, do a full reinstall. This will have the benefit of clearing the infections and getting rid of all the crap that is always installed on new laptops from the factory. If you do decide to do a reinstall then remember you'll also need to download all the latest drivers for all the hardware from advents website, make sure you install a decent anti-virus program and also run a full windows update at least 3 times (keep running it until it's got nothing else to install)
Personally I would go for the latter option, it's not the quickest or the easiest but the system would be left in a much cleaner state at the end of it.
Thanks for that Chuck, I did boot the OS into safe mode (with networking), with the problems as stated, and my initial thoughts were as you describe.. Unfortunatly, the owner has failed to run any backup/upgrades for th epast 6-8 months, and as such he doesn't know where his original media is. given the above I feel that the second option would as you say be the best resolution to his problem. Many thanks! I'll advise the owner as above - he'll have to bite the bullet and purchase a new CD to achieve a complete new clean install.
Try pressing F10 as soon as you see the advent logo on the screen.
Some advents have a recovery partition hidden on the hard drive that allows you to restore it back to factory state and F10 should allow you to get to this. Be warned though, a destructive restore will wipe all the users data off the hard drive.
Some advents have a recovery partition hidden on the hard drive that allows you to restore it back to factory state and F10 should allow you to get to this. Be warned though, a destructive restore will wipe all the users data off the hard drive.
Related Questions
Sorry, we can't find any related questions. Try using the search bar at the top of the page to search for some keywords, or choose a topic and submit your own question.