[CLOSED] JS/Sality.AO in Panda pav.tmp

Container for RESOLVED incidents, queries SOLVED by the experts, EXPIRED topics or those that have been CLOSED by the users.
redcryptic
Registered user
Registered user
Posts: 9
Joined: Wed, 16 May 2012, 05:17

[CLOSED] JS/Sality.AO in Panda pav.tmp

Post by redcryptic »

Just ran a Panda scan and had it catch the JS/Sality.AO virus in one of Panda's pav.tmp files as well as several pagefile.sys. Now the Panda pav didn't get disinfected, it just says Notified and this is what's listed on the last pagefile as well.

I haven't yet done the remove from Restore steps yet, that's my next step.

Is there any reason to be concerned that this bug is in a Panda's file?
redcryptic
Registered user
Registered user
Posts: 9
Joined: Wed, 16 May 2012, 05:17

Re: JS/Sality.AO in Panda pav.tmp

Post by redcryptic »

Bugger. Did the Disable System Restore, Restart, Re-enable, and then scanned again, and the JS/Sality.AO is still in /psktemp/pav6.tmp.

What am i doing wrong, or forgetting to do?
User avatar
rmadzharov
Registered user
Registered user
Posts: 516
Joined: Wed, 11 Apr 2012, 13:39
Location: Sofia, Bulgaria

Re: JS/Sality.AO in Panda pav.tmp

Post by rmadzharov »

Hello,

Thank you for your post.

Please be so kind as to attach your scan report here so that we can take a look.

Thank you.

Best regards,
Radko
The postings on this site are solely my own and do not represent or constitute Panda Security's positions, views, strategies or opinions.
User avatar
VirusBuster
Official moderator
Official moderator
Posts: 7595
Joined: Mon, 02 Apr 2012, 18:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Post by VirusBuster »

Try running a scan with Panda SafeDisk
You can find it in the Disinfection tools subforum
Regards,

Image
Jorge Torre
TechSupport Department - Panda Security

I don't reply to private messages unless I have previously requested them
redcryptic
Registered user
Registered user
Posts: 9
Joined: Wed, 16 May 2012, 05:17

Re: JS/Sality.AO in Panda pav.tmp

Post by redcryptic »

What exactly is the pav6.tmp file any way?
User avatar
VirusBuster
Official moderator
Official moderator
Posts: 7595
Joined: Mon, 02 Apr 2012, 18:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Post by VirusBuster »

According to the path where it is stored, it is a temporary file related to the virus protection cache
Please run a scan with the SafeDisk as instructed to clean it
Regards,

Image
Jorge Torre
TechSupport Department - Panda Security

I don't reply to private messages unless I have previously requested them
redcryptic
Registered user
Registered user
Posts: 9
Joined: Wed, 16 May 2012, 05:17

Re: JS/Sality.AO in Panda pav.tmp

Post by redcryptic »

Ok, I dled the Safedisk, put it to a CD, but I have no idea how to reboot from the disk. How do I do that?
User avatar
VirusBuster
Official moderator
Official moderator
Posts: 7595
Joined: Mon, 02 Apr 2012, 18:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Post by VirusBuster »

Have you read the web help?
There is step saying:
NOTE: If you have problems upon rebooting from the CD-ROM drive, refer to How to boot from a CD-ROM.
Regards,

Image
Jorge Torre
TechSupport Department - Panda Security

I don't reply to private messages unless I have previously requested them
redcryptic
Registered user
Registered user
Posts: 9
Joined: Wed, 16 May 2012, 05:17

Re: JS/Sality.AO in Panda pav.tmp

Post by redcryptic »

The link does not work, either in the article or the one you just linked me to. How ever i did just find the info. Problem is it looks like my computer is set up to check the CD drive first, but the thing isn't realizing the disk is in the drive when I start up.

I'm on a Dell GX620 running XP.
Start the computer, hit F2 to enter the Set up.
I go to the Boot order list.
The order is:
Onboard or USB CD Rom
Onboard/usb Floppy
SATA Hard Drive
IDE Hard Drive
Network Connection
USB


Why can't I just delete the Pav6.tmp file?
User avatar
VirusBuster
Official moderator
Official moderator
Posts: 7595
Joined: Mon, 02 Apr 2012, 18:53
Location: Panda HQ - Bilbao

Re: JS/Sality.AO in Panda pav.tmp

Post by VirusBuster »

Sorry, the link is pointing to a different site, the correct one is this:
How to boot from a CD-ROM
redcryptic wrote:Problem is it looks like my computer is set up to check the CD drive first, but the thing isn't realizing the disk is in the drive when I start up.
How did you burn the ISO file?
What is the content of the CD? The ISO file or are there many files?

If you have problems booting from the CD, try following the instructions to boot from a USB stick instead
Regards,

Image
Jorge Torre
TechSupport Department - Panda Security

I don't reply to private messages unless I have previously requested them
Locked

Return to “Virus - Archive Issues”