republican-creole
Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Infected file
Uniqs:
355		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Apple patches a pile of flaws »
« SCW download for 2003 Server SP1???  

jbryan

join:2004-11-30
White, PA
·Verizon BroadbandA..

Infected file

I got the following message from my CA Anti Virus real time scanner progrm today. I ran a full system scan and CA does not find it. I tried searching for this on c drive and cannot find it anywhere. Any suggestions?

3/23/2008 13:39:23 PM File infection: \Device\HarddiskVolumeShadowCopy6\PAGEFILE.SYS is infected with JS/Lame.A virus.
permalink · 2008-03-23 17:07:51 · Reply to this

anon101

@cox.net

Re: Infected file

Maybe CA AV removed it initially. Thats why you did not find it again on the scan. I dont have this product so cant offer much more help. Are there any logs/quarantines/etc to look at?
permalink · 2008-03-23 17:31:46 · Reply to this
Kiwi
Premium
join:2003-05-26
USA
·Comcast
·Aristotle Internet

Re: Infected file

Apparently is not a false positive...

"The malware determines the location of the current Windows folder by querying the operating system. The default installation location for the Windows directory for Windows 2000 and NT is C:\Winnt; for 95,98 and ME is C:\Windows; and for XP is C:\Windows.
%Temp% is a variable location and refers to the directory designated for temporary files. The malware determines the location of the current Temp folder by querying the operating system. A typical path is "C:\Documents and Settings\\Local Settings\Temp", or "C:\WINDOWS\TEMP".
If the current day is the 9th, it adds the following text to the infected file:

"This file is infected by Html.Lame!"
"What a virus! "

Cheers
permalink · 2008-03-23 17:39:14 · Print · Reply to this
Forums » Up and Running » Security » SecurityApple patches a pile of flaws »
« SCW download for 2003 Server SP1???  

Saturday, 05-Dec 03:58:23 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [145] Avast Antivirus Has Gone Mad
· [126] Comcast Makes NBC Universal Acquisition Official
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [89] The Bandwidth Hog Does Not Exist
· [83] FCC Ponders Moving From PSTN To IP Voice
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [74] Sprint Defuses GPS Privacy Media Bomb
· [70] Baltimore To Ban Lazy Cable Installs
Most people now reading
· False positive in Avast! or is it real? [Security]
· Windows 7 boot manager editing questions [Microsoft Help]
· DNS options, what are YOU using? [TekSavvy]
· Evading throttling with uTP / uTorrent 1.9a [TekSavvy]
· Maximizing Rogue DPS for 3.1 [World of Warcraft]
· What to use while demonoid is down? [Filesharing Software]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· UPS - What do you people think happened? [General Questions]
· Farewell [Bell Canada]
· [Wireless] Linksys WMP54g v4.1 and Windows 7 x64 [Linksys]