republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Infected file
Search Topic:
Uniqs:
335		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Apple patches a pile of flaws »
« SCW download for 2003 Server SP1???  
AuthorAll Replies


jbryan

join:2004-11-30
White, PA
·Verizon BroadbandA..

Infected file

I got the following message from my CA Anti Virus real time scanner progrm today. I ran a full system scan and CA does not find it. I tried searching for this on c drive and cannot find it anywhere. Any suggestions?

3/23/2008 13:39:23 PM File infection: \Device\HarddiskVolumeShadowCopy6\PAGEFILE.SYS is infected with JS/Lame.A virus.
to forum · permalink · · 2008-03-23 17:07:51 · Reply to this


anon101

@cox.net		 Maybe CA AV removed it initially. Thats why you did not find it again on the scan. I dont have this product so cant offer much more help. Are there any logs/quarantines/etc to look at?
to forum · permalink · 2008-03-23 17:31:46 · Reply to this

Kiwi
Premium
join:2003-05-26
USA
·Comcast
·Aristotle Internet

 Apparently is not a false positive...

"The malware determines the location of the current Windows folder by querying the operating system. The default installation location for the Windows directory for Windows 2000 and NT is C:\Winnt; for 95,98 and ME is C:\Windows; and for XP is C:\Windows.
%Temp% is a variable location and refers to the directory designated for temporary files. The malware determines the location of the current Temp folder by querying the operating system. A typical path is "C:\Documents and Settings\\Local Settings\Temp", or "C:\WINDOWS\TEMP".
If the current day is the 9th, it adds the following text to the infected file:

"This file is infected by Html.Lame!"
"What a virus! "

Cheers
to forum · permalink · · 2008-03-23 17:39:14 · Reply to this
Forums » Up and Running » Security » SecurityApple patches a pile of flaws »
« SCW download for 2003 Server SP1???  

Sunday, 05-Jul 05:15:31 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9.5 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [146] Biden Unveils Broadband Stimulus
· [95] AT&T: 65,000 SMS Sent Per SECOND
· [91] Compuserve Classic Says Goodnight
· [83] Thomas To Appeal Huge RIAA Fines
· [77] Obama Using NSA, AT&T For New Snooping Project
· [73] Fourth Of July Open Thread
· [71] iPhone 3GS Already Jailbroken
· [67] Verizon: Cut Your Landline To Save Money
· [61] Cable Carriers Miss Tru2Way Deadline
· [60] The Pirate Bay Gets Sold
Most people now reading
· TekSavvy Down [TekSavvy]
· 6 firetrucks at 151 [TekSavvy]
· [ Professions] Northrend Herbalism and Mining Tracks [World of Warcraft]
· Looks like the announcement is announced... [Verizon Fiber Optics]
· Canada's slipping position on net access cost & speed [TekSavvy]
· Uverse DSL With Static IPS WORST ISP EVER! [AT&T U-verse]
· Best free email accounts? [General Questions]
· [Unlock] TUTORIAL: VONAGE WRTP54G/RTP300 WITH 5.01.04 [VOIP Tech Chat]
· Weird Tomato DHCP Issue [TekSavvy]
· [Free] SnagIt 7.2.5 Full Version Free Download with key [Software]