Hello. I have been experiencing computer shutdowns and Bluescreens all pointing to mem.dmp. I updated and ran Avast Boot Scan and it showed clean. After yet another crash I booted into safe mode and ran A-Squared Scanner. It found Win32.HacDef.IB!IK in my mem.dmp. I quarantined it, and rebooted.
1-Why did Avast not find this in Boot Scan.
2-Should I re-format my computer?
3-I surf no porn or questionable websites with this particular computer so where the heck did I get this rootkit?
Thank for any help. This Virus/Trojan/Rootkit stuff is getting depressing.
Maybe it’s not on the avast signatures yet…
Maybe it’s a false positive from a-squared… although the blue screens are problematic…
Which is this file (memory dump) size?
1-I wondered about a possible FP, but have had Zero crashes since A-Squared quarantined the MEMORY.DMP file. So, it does appear that something was wrong inside that file. I did switch out a USB Wireless Keyboard/Mouse at the same time. I will add that variable back into the mix by using the USB Keyboard/Mouse tonight.
As to the size of the file, it is in Quarantine inside A-Squared, and I cannot see how to find the size of the file.
2-OK, I really don’t want to have to Format right now. ;D
3-I have only used USB Hard Drives that give me no troubles before, and I recently bought a USB MP3 player from K-Mart. It only has files installed from factory and from my own music collection that has never caused problems before.
A memory.dmp file is created at the time of a crash and contains the contents of memory (depending on your settings it could be equal to the sum of your RAM), so it is entirely possible there was a virus in memory, which could subsequently detected.
The memory.dmp file is effectively redundant as if it is there and you have a further crash it would be overwritten if no copy then it would be created. So removal is a bit of a win, win, situation.
Thanks guys - I just got home and my system locked up again, on a email this time. Looks like time for another safe mode scan. I haven’t reinstalled the USB Keyboard so I know it isn’t that causing the problem now,
