Malware in MEMORY.DMP

Stg-Flame

Diamond Member
Mar 10, 2007
I ran Avast before I went to work and I came home to find that there is Malware in my MEMORY.DMP file. I turned off System Restore when I first built this computer, but to my surprise when I just re-checked it, Vista re-activated it. Now I have another reason to hate Vista even more.

Anyways, Avast recommends I Move To Chest, but it says that it cannot process the request when I attempt it. So should I try to delete the file or Move/Rename it? I cannot possibly see how continuing on with the scan without doing something to fix this virus can be good, but if there is another solution, I am all ears.

Any help is greatly appreciated.
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
If you have software that can burn a .ISO to a CD, then download and burn F-Secure's Rescue CD: http://www.f-secure.com/linux-...escue-cd-300-released/

Boot the system from the CD and let it scan. Make sure the system has a wired network connection so it can fetch the latest antivirus definitions during the scan.

Avast is not too hot on malware detection, so getting a second opinion from a top-notch product (for free) is a good move. This could also be a "false positive," where Avast is making a mistake on a harmless file.
 

lxskllr

No Lifer
Nov 30, 2004
Just delete the file. It's created after a BSOD for debugging purposes.
 

Stg-Flame

Diamond Member
Mar 10, 2007
Originally posted by: mechBgon
If you have software that can burn a .ISO to a CD, then download and burn F-Secure's Rescue CD: http://www.f-secure.com/linux-...escue-cd-300-released/

Boot the system from the CD and let it scan. Make sure the system has a wired network connection so it can fetch the latest antivirus definitions during the scan.

Avast is not too hot on malware detection, so getting a second opinion from a top-notch product (for free) is a good move. This could also be a "false positive," where Avast is making a mistake on a harmless file.

Thanks, I'll give it a try.

Originally posted by: lxskllr
Just delete the file. It's created after a BSOD for debugging purposes.

The file is 467MB. Quite large for just a recovery file after a BSOD, or so it seems.

Thanks again.
 

lxskllr

No Lifer
Nov 30, 2004
It's everything that could be recovered from memory. That could be quite extensive, especially on systems with large amounts of RAM.
 

Billb2

Diamond Member
Mar 25, 2005
The real question is how did the malware originally get loaded into memory?

Deleting the memory dump file just cures the symptom, not the disease.


 

gsellis

Diamond Member
Dec 4, 2003
Originally posted by: Billb2
The real question is how did the malware originally get loaded into memory?

Deleting the memory dump file just cures the symptom, not the disease.

Bill, the hint may be in his other post. His scans were hitting a system/boot drive from an old system. This may be the case for the memory.dmp file. Or... the dump was gen'ed from AV choking on the dmp file creating a dmp. Or, as you say.