Jimi

  1. I'm not sure if the EAM logfile got attached to my last reply, so here it is again.
  2. I just ran the quick Scan with EAM (we just have the 30 day trial right now) since we do have some large-ish drives on this PC. Our F-prot is also a free version, as is AVG. I guess I will need to discuss with our IT guy as to which we should keep, and I'll certainly put in a good word for EAM, as I appreciate your assistance today. Attached is the log file from the Quick scan -- looks to be clean. I can run the deep scan overnight, if that is advised. Acrobat reader and Java have been updated. Anything else at this point? Thanks!
  3. So, are you saying I should remove AVG completely? I'm asking because I think it was the main anti-virus program that we have running on this system. If we remove AVG, what should we be using in its place? I will have to discuss this with our IT consultant first before we remove AVG completely, if that's what you are proposing. I'll update the Acrobat and Java now. I will run the EAM deep scan once I hear back from you. Thanks.
  4. OK, I ran Combofix and the logfile is attached. I will touch base with our IT guy and we'll look into re-installing the OS, etc. I was hoping to avoid that, but if it needs to be done, we'll do it. We do use this computer for our on-line banking and other sensitive stuff, so I guess we'll need to look into changing those passwords as needed. We have our accounting software (Quickbooks) on it as well, although the data is on our network. Let me know if any further items for attention based on the Combofix log. Thanks!
  5. OK, I followed those instructions and it looks like a "Rootkit.Boot.Pihar.c" was found and cured, and some other files were quarantined. The log file is attached. Interestingly, it looks like there was a similar log file (from the same program) from October 2011 on the C drive, so one of my colleagues must have had to disinfect the same (or similar) thing back in October. Anyway, hopefully this has been fixed. Let me know if there are any other steps I need to take. Thanks!
  6. Hi Elise, OK, thanks for the reply. I am attaching the info you have requested. Please keep me posted on next steps. Thanks!
  7. Hello, I ran Emsisoft Anti-Malware earlier and had quarantined some stuff (I'll attach that initial log, which is named "a2scan_120705-212634.txt"), and then when it found a possible Rootkit infection, I went through all of the Emsisoft Emergency Kit steps, so I'll include those text files as well. Separately, I have run Malwarebytes Anti-Malware and other stuff, and although they have found things too, it doesn't seem as though the underlying cause (possibly the Rootkit infection) has been removed. Also worth noting, when I tried to run the browser-based (IE) Trojan scan (I think Emsisoft provides it) at "windowssecurity.com/trojanscan" it would always crap out and close the browser unexpectedly after a few minutes, but I managed to grab a screen shot which mentions that it found "Trojan.Win32.Tracur!IK" before it closed the browser one time. I will attach that screen shot (trojan_scan.jpg) as well, if this forum lets me. Btw, I was running the scan on the infected PC via a VPN connection at the time (so you'll see a desktop within a desktop), but I have also tried running the browser-based scan tool directly on the PC, also to no avail. In addition to the attachments that you request from following the steps of the Emsisoft Emergency Kit, I will also include an attachment (text file) from a Malwarebytes Anti-Malware scan that I ran today, and I can also send some log files from other scans I have run recently. I think this PC got infected about two weeks ago or so, and we're not sure where/how. Anyway, I would appreciate any insights that can help me solve this issue before I end up contacting one of my IT support guys, since I figured I would give it a shot first, having solved this kind of stuff in the past, even if with some help and pointers from experts and forums like you. I will be happy to spread the good word about you guys if you're able to help me out, and appreciate any advice in any case.
     I can be reached at email address removed to avoid spamming (yes, I'm a guitar head when I'm not geeking out on the computer, ha-ha)... Thanks!