Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Infected file
Search Topic:
Uniqs:
353		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Apple patches a pile of flaws »
« SCW download for 2003 Server SP1???  
AuthorAll Replies

Kiwi
Premium
join:2003-05-26
USA
·Comcast
·Aristotle Internet

reply to anon101
Re: Infected file

Apparently is not a false positive...

"The malware determines the location of the current Windows folder by querying the operating system. The default installation location for the Windows directory for Windows 2000 and NT is C:\Winnt; for 95,98 and ME is C:\Windows; and for XP is C:\Windows.
%Temp% is a variable location and refers to the directory designated for temporary files. The malware determines the location of the current Temp folder by querying the operating system. A typical path is "C:\Documents and Settings\\Local Settings\Temp", or "C:\WINDOWS\TEMP".
If the current day is the 9th, it adds the following text to the infected file:

"This file is infected by Html.Lame!"
"What a virus! "

Cheers
to forum · permalink · · 2008-03-23 17:39:14 · Reply to this


anon101

@cox.net		reply to jbryan
Maybe CA AV removed it initially. Thats why you did not find it again on the scan. I dont have this product so cant offer much more help. Are there any logs/quarantines/etc to look at?
to forum · permalink · 2008-03-23 17:31:46 · Reply to this


jbryan

join:2004-11-30
White, PA
·Verizon BroadbandA..

 I got the following message from my CA Anti Virus real time scanner progrm today. I ran a full system scan and CA does not find it. I tried searching for this on c drive and cannot find it anywhere. Any suggestions?

3/23/2008 13:39:23 PM File infection: \Device\HarddiskVolumeShadowCopy6\PAGEFILE.SYS is infected with JS/Lame.A virus.
to forum · permalink · · 2008-03-23 17:07:51 · Reply to this
Forums » Up and Running » Security » SecurityApple patches a pile of flaws »
« SCW download for 2003 Server SP1???  

Friday, 04-Dec 19:46:25 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [145] Avast Antivirus Has Gone Mad
· [125] Comcast Makes NBC Universal Acquisition Official
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [82] FCC Ponders Moving From PSTN To IP Voice
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [74] Sprint Defuses GPS Privacy Media Bomb
· [70] Baltimore To Ban Lazy Cable Installs
· [64] Broadband Killed The Game Console
Most people now reading
· False positive in Avast! or is it real? [Security]
· Farewell [Bell Canada]
· ZR1 VS The USN Blue Angels! [56k Lookout (Broadband Heavy)]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· DNS options, what are YOU using? [TekSavvy]
· [Scam] Cruise line mail? [Spam, Scam and Phishbusters]
· Evading throttling with uTP / uTorrent 1.9a [TekSavvy]
· Soo I wanna get a tattoo. [Canadian Chat]
· [Rant] Disrespect of PTO [Rants, Raves, and Praise]
· Linux is terrorist - according to MS... [All Things Unix]