Author Topic: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]  (Read 8990 times)

0 Members and 1 Guest are viewing this topic.

Offline wvrick1958

  • Jr. Member
  • **
  • Posts: 26
I scanned last night and Avast found this:
Avast Search and got the following file as being infected.
C:\WINDOWS\MEMORY.DMP  - Win32.Small-XK [trj]
Avast recommended moving to chest, I tryed and it said file too large?  So I deleted the file. I was thinking this is a dump file and ok? I really just need confirmation?

Thanks

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31102
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #1 on: January 17, 2009, 05:47:39 PM »
If you have set Windows to do a complete memory dump, then yes it was a dump file.
More information about Windows dump files can be found HERE

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67212
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #2 on: January 17, 2009, 06:01:44 PM »
Yes, it's a memory dump (crash).
It could be a false positive or the malware could have been active in the crash moment.
I suggest a full avast scanning, maybe at boot time.
The best things in life are free.

Offline wvrick1958

  • Jr. Member
  • **
  • Posts: 26
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #3 on: January 17, 2009, 06:05:23 PM »
Thanks, I was worryed that a virus was displaying this message to make the user delete his/her own OS.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 87436
  • No support PMs thanks
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #4 on: January 17, 2009, 06:07:03 PM »
This file is created on a system crash, it will be quite large depending on your settings, possibly as large as your memory size. Depending on why the crash occurred it could be possible that a virus was in memory and not that is being detected.

This file is only of use to those with the tools and experience to analyse the memory.dmp file (to try to find the cause of the crash), so unless you have someone you know with the tools and experience then this file is worth very little. The older the file is again its worth is diminished further.

If that file existed when you had another system crash it would be overwritten, if it wasn't there a new one would be created, so it is a win, win situation, with no real downside having deleted it.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 23.1.6049 (build 23.1.7883.774) UI 1.0.746/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline wvrick1958

  • Jr. Member
  • **
  • Posts: 26
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #5 on: January 17, 2009, 10:00:45 PM »
Thanks, I was have lots of crashes/restarts last month but I've played around with different AV's and firewalls. I was running a older ver of ZA and after coming back to Avast and Sunbelt PFW thing are smooth again.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11819
    • AVAST Software
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #6 on: January 17, 2009, 10:04:31 PM »
It's also possible that the crash occurred when another AV was running - and it's decrypted virus signatures got dumped from memory to disk.
In any case, it's safe to delete the file.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 87436
  • No support PMs thanks
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #7 on: January 17, 2009, 10:12:12 PM »
Thanks, I was have lots of crashes/restarts last month but I've played around with different AV's and firewalls. I was running a older ver of ZA and after coming back to Avast and Sunbelt PFW thing are smooth again.

You're welcome.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 23.1.6049 (build 23.1.7883.774) UI 1.0.746/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline wvrick1958

  • Jr. Member
  • **
  • Posts: 26
Re: 4.8 Home scan shows C:\WINDOWS\MEMORY.DMP - Win32.Small-XK [trj]
« Reply #8 on: January 18, 2009, 12:40:12 AM »
 :D

Thanks to everyone here for responding.
~R