« previous next »
Pages: [1]   Go Down

Author Topic: Not Full Scan  (Read 2861 times)

0 Members and 1 Guest are viewing this topic.

canorro

  • Guest
Not Full Scan
« on: April 07, 2008, 10:16:02 AM »
 OK so i knew i had a virus because my explorer.exe was appearing and disappearing then it terminate by its self so i scan with my other OS (ubunto) using avast Win32:Virtumonde-GN [AWR] appear i have virtumonde before but this one appear at hiberfil.sys i don't know if thats save to remove.Then in pagefile.sys i found win32:VB-EIJ.
After a while avast for Linux crash.Then i started win xp and scheduled a boot scan they seem pretty useful but..
So here are some bad news for us Avast user even after waiting a few hours for they boot scan in windows it didn't detected no even one thing nothing, Nada, zero viruses.

So what should i do about hiberfil.sys and pagefile.sys.Also pagefile is use as RAM so my memory could also be infected even though every time you turn of you PC the memory is deleted right.

So windows editions are not scanning some files right>?
MAybe to protect because they are system files but how will you fix a virus that cant be detected.
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Not Full Scan
« Reply #1 on: April 07, 2008, 02:56:10 PM »
hiberfil.sys is the hibernation file... it's safe to be deleted.
pagefile.sys is renewed each boot... does avast still report it as being infected?
Logged
The best things in life are free.

canorro

  • Guest
Re: Not Full Scan
« Reply #2 on: April 07, 2008, 10:27:29 PM »
Quote from: Tech on April 07, 2008, 02:56:10 PM
hiberfil.sys is the hibernation file... it's safe to be deleted.
pagefile.sys is renewed each boot... does avast still report it as being infected?
I know pagefile.sys is suppose to be renewed but it didn't because i could find it after rebooting with linux.
Avast didnt finished but i guest i could run another scan it probably crash because im using hardy heron(beta) if you tell me were the linux report file is i could post it here.Also i also found some virtumonde entries that avast didn't found with malwarebytes anti-malware how can i post them to avast.

Update: ok so every time i scan my windows disk it avastgui crash at a point but in the log viewer i found this
2008-04-06 20:30:47   Found virus 'Win32:Virtumonde-GN [Adw]' in file '/media/disk-6/hiberfil.sys'.
2008-04-06 20:55:09   Found virus 'Win32:VB-EIJ [trj]' in file '/media/disk-6/pagefile.sys'.
2008-04-07 19:23:31   Found virus 'Win32:Virtumonde-GN [Adw]' in file '/media/disk-7/hiberfil.sys'.
2008-04-07 20:00:15   Found virus 'Win32:VB-EIJ [trj]' in file '/media/disk-7/pagefile.sys'.
they are the same entry only since today i didnt mount my external hdd its disk-7
the report file isnt been created because of the crashes in avast
« Last Edit: April 08, 2008, 02:40:00 AM by canorro »
Logged
Pages: [1]   Go Up
« previous next »