A little scare

[Ink]

My Downloads folder is located on the D:\ drive, so I'm not sure how this got there... who knows?

 

[Jack]

did you do the "nasty" in the past... :diablo:: ?...played with MDL on your system?
That yourbot.exe is usually a zeus trojan

 

[Ink]

:lol: I never play with MDL contents on my host.

Glad Avast caught it though, I was going to use NoVirusThanks Uploader to see what it was.

 

[bogdan]

It got identified as a dropper so you should check if windows settings are ok, you can access TaskManager, regedit, Windows updates are still on, etc. Check autorun entries and hosts file. (more info).

 

[Ink]

I can access Task Manager, regedit and Windows Updates (just recently updated to SP1).

MBAM : clean
Avast : still scanning
Hitman Pro : Shows Explorer.exe : Malware (Medium Risk Malware) Prevx : Quarantine. -Edit: WPF replaced Explorer, I think it's because I used a custom start orb.

Could it be because I use Custom Themes and Start Orb?

Also before avast! detected the file, it was dated 15th Feb (from within Windows Explorer).

 

[bogdan]

Could it be because I use Custom Themes and Start Orb?

It could be. That's why I hate them so much . You could try uploading the explorer.exe hitman detects to virustotal and check the results.

 

[Chiron]

If you're not sure of a file then investigate it with the methods I discuss here.

 

[MetalShaun]

So did Avast catch it as it was downloaded or was it just sat there on your drive untill Avast had a Sig for it??

 

[jamescv7]

Seems the file is suspicious as long avast detected and clean it no worries.

 

[techgeek88]

I'd run a MBAM, HMP, and SAS scan to be sure...

 

[Ink]

All is clear and fine.

 

[Ink]

Hey, just figured out how the file got there.

Since I use NoVirusThanks Uploader it downloads the file there before uploading it to their servers for scanning.