| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 80771 | 2007-07-04 17:20:00 | Win 32:Delf-XQ (trojan downloader) | Jax (12511) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 565799 | 2007-07-04 17:20:00 | Hi, I'm using Windows XP and Ubuntu on my laptop. When I scan Windows witth Nod32, Ad-aware and Spydoctor, my system comes up virus and malware clean. However, when I boot via Linux and run a virus scan using Avast, it alerts me to the Win 32: Delf-XQ [TR] virus in pagefile.sys. I googled it and I think it's a trojan downloader. I think the scanner scans all the windows files too, even though I'm in Linux. Avast asks if I want to remove the virus and I delete it each time, yet it comes back. I had the same problem with a virus in the hiberfil.sys folder, but after I disabled hibernation, that warning disappeared. Please help me remove this trojan downloader, and whether I can delete pagefile.sys. Thanks a ton. |
Jax (12511) | ||
| 565800 | 2007-07-04 21:08:00 | I'd say its a false positive. | pctek (84) | ||
| 565801 | 2007-07-05 03:08:00 | Please help me remove this trojan downloader, and whether I can delete pagefile.sys. Disable the page file, reboot then enable it again: Control Panel > System > Advanced > Performance settings > Advanced > Change > select No paging file (take note of current size) > Set > click OK all the way > Reboot. To enable, repeat above but enter the size settings you took note of. |
FoxyMX (5) | ||
| 565802 | 2007-07-05 03:14:00 | Thanks to both of you for responding so quick. Is it safe to clean out pagefile? And will clearing it, remove this alleged trojan downloader? Basically. are there any downsides to wiping out pagefile? Thanks again |
Jax (12511) | ||
| 565803 | 2007-07-05 03:21:00 | It is safe and I don't know of any downsides. I have done it myself many a time. Your computer won't blow up or anything bad like that. As for removing the alleged trojan downloader, it might get rid of it but there are no guarantees. Try it and see. :) |
FoxyMX (5) | ||
| 565804 | 2007-07-05 04:22:00 | Thanks FoxyMX:) | Jax (12511) | ||
| 565805 | 2007-07-05 05:33:00 | Easier way may be to tell windows to clear the pagefile on shutdown: support.microsoft.com |
Agent_24 (57) | ||
| 565806 | 2007-07-05 06:20:00 | Easier way may be to tell windows to clear the pagefile on shutdown: support.microsoft.com Whilst that may be useful information for some of the more experienced PC users I really don't think it's a good idea for the original poster of this thread to try that one. |
FoxyMX (5) | ||
| 565807 | 2007-07-05 06:23:00 | Thank you | Jax (12511) | ||
| 565808 | 2007-07-09 04:36:00 | Jax, I received your email but was unable to reply as you have disabled receiving emails so I'll reply here . Your email message was as follows: So I wiped out the pagefile and reset it in Windows as you suggested . I then scanned the computer with Avast having booted into Ubuntu . I got a virus warning again . It was in the pagefile . sys folder, but it wasn't the Win 32:Delf-XQ (trojan downloader), it was some other Win:32 trojan downloader . I don't know if these are just false positives . When I look at the host file directory in Linux (where are all the windows files and directories are) I see a pagefile folder . Should I delete that? Any help would be great . Thanks They are possibly false positives but to put your mind at rest I would suggest that you ask at the Avast forums (http://forum . avast . com/) . They might have better advice . Good luck and let us know how you get on . :) |
FoxyMX (5) | ||
| 1 2 | |||||