Hi DavidR et al,
I finally found the culprit, it is: File name C:\Windows\MEMORY.DMP Malware name Win32:VB-gen2 [Wrm] Virus/Worm
Actually my sis found it first & once she found it I knew I had it but it has taken me til now to find it, running avast. So now I want to move it to the vault but can’t as it says I don’t have enough disk space I have 160 gb’s free
Following is description
Malware type: Trojan
Aliases: Trojan-Downloader.Win32.VB.aod (Kaspersky), Trojan Horse (Symantec), TR/Dldr.VB.aod (Avira), Mal/Behav-225 (Sophos),
In the wild: Yes
Destructive: No
Language: English
Platform: Windows 95, 98, ME, NT, 2000, XP
Encrypted: No
Overall risk rating:
Low
Reported infections:
Low
Damage potential:
Medium
Distribution potential:
Low
Description:
This Trojan downloads and executes the file, MSNMSG.EXE, into the root folder (usually C:) from the following link:
http://www.zk{BLOCKED}c31.nl/spaw
Trend Micro detects this file as TSPY_BANCOS.AKI.
Tech details:
File type: PE
Memory resident: No
Size of malware: 29,384 Bytes (compressed); 33,792 Bytes (uncompressed)
Initial samples received on: Jun 19, 2005
Compression type: Petite
Related to: TSPY_BANCOS.AKI
I do know that RUbotted is BETA and unsupported by TrendMicro but looks like it did find this first!
Not sure what to do if I can’t move it to vault, would I move it & then rename it for now
nanajana
nanajana