Register
FaceBook Twitter

[CLOSED] JS/Sality.AO in Panda pav.tmp

Container for RESOLVED incidents, queries SOLVED by the experts, EXPIRED topics or those that have been CLOSED by the users.
Registered user
Posts: 9
Joined: Wed, 16 May 2012, 04:17

[CLOSED] JS/Sality.AO in Panda pav.tmp

Postby redcryptic » Sun, 09 Sep 2012, 13:57

Just ran a Panda scan and had it catch the JS/Sality.AO virus in one of Panda's pav.tmp files as well as several pagefile.sys. Now the Panda pav didn't get disinfected, it just says Notified and this is what's listed on the last pagefile as well.

I haven't yet done the remove from Restore steps yet, that's my next step.

Is there any reason to be concerned that this bug is in a Panda's file?

Registered user
Posts: 9
Joined: Wed, 16 May 2012, 04:17

Re: JS/Sality.AO in Panda pav.tmp

Postby redcryptic » Sun, 09 Sep 2012, 17:07

Bugger. Did the Disable System Restore, Restart, Re-enable, and then scanned again, and the JS/Sality.AO is still in /psktemp/pav6.tmp.

What am i doing wrong, or forgetting to do?

Registered user
User avatar
Posts: 517
Joined: Wed, 11 Apr 2012, 12:39
Location: Sofia, Bulgaria

Re: JS/Sality.AO in Panda pav.tmp

Postby rmadzharov » Mon, 10 Sep 2012, 09:33

Hello,

Thank you for your post.

Please be so kind as to attach your scan report here so that we can take a look.

Thank you.

Best regards,
Radko
The postings on this site are solely my own and do not represent or constitute Panda Security's positions, views, strategies or opinions.

Official moderator
User avatar
Posts: 3199
Joined: Mon, 02 Apr 2012, 17:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Postby VirusBuster » Mon, 10 Sep 2012, 12:00

Try running a scan with Panda SafeDisk
You can find it in the Disinfection tools subforum
Regards,

Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them

Registered user
Posts: 9
Joined: Wed, 16 May 2012, 04:17

Re: JS/Sality.AO in Panda pav.tmp

Postby redcryptic » Mon, 10 Sep 2012, 17:31

What exactly is the pav6.tmp file any way?

Official moderator
User avatar
Posts: 3199
Joined: Mon, 02 Apr 2012, 17:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Postby VirusBuster » Tue, 11 Sep 2012, 09:51

According to the path where it is stored, it is a temporary file related to the virus protection cache
Please run a scan with the SafeDisk as instructed to clean it
Regards,

Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them

Registered user
Posts: 9
Joined: Wed, 16 May 2012, 04:17

Re: JS/Sality.AO in Panda pav.tmp

Postby redcryptic » Wed, 12 Sep 2012, 15:20

Ok, I dled the Safedisk, put it to a CD, but I have no idea how to reboot from the disk. How do I do that?

Official moderator
User avatar
Posts: 3199
Joined: Mon, 02 Apr 2012, 17:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Postby VirusBuster » Wed, 12 Sep 2012, 15:34

Have you read the web help?
There is step saying:
NOTE: If you have problems upon rebooting from the CD-ROM drive, refer to How to boot from a CD-ROM.
Regards,

Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them

Registered user
Posts: 9
Joined: Wed, 16 May 2012, 04:17

Re: JS/Sality.AO in Panda pav.tmp

Postby redcryptic » Wed, 12 Sep 2012, 17:42

The link does not work, either in the article or the one you just linked me to. How ever i did just find the info. Problem is it looks like my computer is set up to check the CD drive first, but the thing isn't realizing the disk is in the drive when I start up.

I'm on a Dell GX620 running XP.
Start the computer, hit F2 to enter the Set up.
I go to the Boot order list.
The order is:
Onboard or USB CD Rom
Onboard/usb Floppy
SATA Hard Drive
IDE Hard Drive
Network Connection
USB


Why can't I just delete the Pav6.tmp file?

Official moderator
User avatar
Posts: 3199
Joined: Mon, 02 Apr 2012, 17:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Postby VirusBuster » Thu, 13 Sep 2012, 09:56

Sorry, the link is pointing to a different site, the correct one is this:
How to boot from a CD-ROM

redcryptic wrote:Problem is it looks like my computer is set up to check the CD drive first, but the thing isn't realizing the disk is in the drive when I start up.

How did you burn the ISO file?
What is the content of the CD? The ISO file or are there many files?

If you have problems booting from the CD, try following the instructions to boot from a USB stick instead
Regards,

Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them

Next

Return to Virus - Archive Issues

Who is online

Users browsing this forum: No registered users and 0 guests