Yesterday I downloaded the most recent version of the Virus Removal Tool and it picked up a file with the pathname "C:\System.sav\util\RESBETA\RESDETECT.EXE" and said that it was "Trojan-Downloader.Win32.Banload.bmso". I searched for the file in my system and RESDETECT.exe has a nvidia logo, and it was created and last modified 11/14/2007, and it was last accessed 2/24/2008 at 6 a.m., when I don't think my PC was even on since I am rarely on my PC in the morning.
So what should I do? Should I delete the file, or ignore it? I don't want to delete anything from the System.sav folder without knowing that I must, and based on context clues, it seems like it is an auto resolution detecting program. Help as soon as possible is appreciated, as I want to use this computer as little as I can until I know it is safe.
EDIT: Upon further reflection, I didn't even have this PC until November of 2008, so this file hasn't been (apparently) accessed or modified while I have had this computer. Could trojans alter the access date so that it can mask when it altered the file?
Edited by mpg317, 02 August 2011 - 11:32 AM.