Author Topic: Pagefile.sys and HLLP-Vova 10.1-B ?  (Read 3740 times)

0 Members and 1 Guest are viewing this topic.

justnet

  • Guest
Pagefile.sys and HLLP-Vova 10.1-B ?
« on: November 11, 2006, 05:41:39 PM »
During the scanning Avast has found the following infected files :
First scanning
11/11/2006 13:47
Controllo di tutti i drives locali
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\6PN8TSBA\10253-23[2].exe\[UPX] e infetto da Win32:Diamin-CT [Trj] , Cancellato
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\6PN8TSBA\10253-23[3].exe\[UPX] e infetto da Win32:Diamin-CT [Trj] , Cancellato
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\6PN8TSBA\10253-23[4].exe\[UPX] e infetto da Win32:Diamin-CT  [Trj], Cancellato
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\6PN8TSBA\10253-23[5].exe\[UPX] e infetto da Win32:Diamin-CT  [Trj], Cancellato
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\KLQN0LYV\10253-23[1].exe\[UPX] e infetto da Win32:Diamin-CT  [Trj], Cancellato
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\T00NTDGX\10253-23[1].exe\[UPX] e infetto da Win32:Diamin-CT  [Trj], Cancellato
File C:\Documents and Settings\uff_server\Impostazioni locali\Temporary Internet Files\Content.IE5\T00NTDGX\10253-23[2].exe\[UPX] e infetto da Win32:Diamin-CT  [Trj], Cancellato
File C:\pagefile.sys e infetto da HLLP-Vova 10.1-B, Ripara: Errore 42060 {Il file non è stato riparato.}, Sposta nel Cestino: Errore 0xC000007F {Un'operazione è fallita perché il disco era pieno.}, Sposta nel Cestino: Errore 0xC000007F {Un'operazione è fallita perché il disco era pieno.}

Numero di cartelle cercate: 1010
Numero files controllati: 26760
Numero files infetti: 8
----------------------------------------

The last infected file (pagefile.sys) I cannot put in the basket because the basket is full. 
I've chosed to ignore it for the moment (to free the space),  and during the following scanning the infection of the pagefile.sys doesn't come in relief.


Second scanning

11/11/2006 14:14
Controllo di tutti i drives locali

Numero di cartelle cercate: 1010
Numero files controllati: 26516
Numero files infetti: 0
-----------------------------------------

Why the second time file pagefile.sys was not infected ?
Thanks

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Pagefile.sys and HLLP-Vova 10.1-B ?
« Reply #1 on: November 11, 2006, 06:05:21 PM »
Hi justnet,

The pagefile is just the computer's virtual memory. There must have been some malware in VM. The pagefile is not reloaded after a reboot, so if the viruses have been deleted, they won't be loaded into memory.

It would probably be a good idea to clean up your temp files- you could free up a lot of space that way. Do you have CCleaner?

http://www.ccleaner.com/

An alternative browser like Firefox or Opera would be a lot more secure than an older version of IE:

http://www.mozilla.com/en-US/firefox/

http://www.opera.com/

If you haven't done so already, a scan for spyware would be a good idea. These scanners are free:

a-Squared free:

http://www.emsisoft.com/en/software/free/

Ad-Aware:

http://www.download.com/3000-2144-10045910.html

Spybot Search & Destroy:

http://www.safer-networking.org/

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88744
  • No support PMs thanks
Re: Pagefile.sys and HLLP-Vova 10.1-B ?
« Reply #2 on: November 11, 2006, 06:10:28 PM »
Pagefile.sys is huge (can be gigabytes in size unless you restrict it) and you wouldn't want to move that to the chest. I though pagefile.sys was excluded from scans it is by default in Standard Shield, Advanced, so you might consider adding it to the program setings, exclusions, use the wildcard ? so it applies to all drives that have a pagefile.sys file (I have mine split over two drives), e.g. ?:\pagefile.sys. By all accounts it is a limited risk doing this as the contents don't carry over after reboot.

Clear your Internet Temp files.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.1.6099 (build 24.1.8821.762) UI 1.0.796/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

justnet

  • Guest
Re: Pagefile.sys and HLLP-Vova 10.1-B ?
« Reply #3 on: November 11, 2006, 06:20:39 PM »
I have already made the cleanings of the temporary folder and internet temporary file.
Now it is everything ok  :)
 
Thanks for the explanation.