Author Topic: Rootkit On Computer  (Read 2385 times)

Offline Jobber

  • Jr. Member
  • Posts: 88
Rootkit On Computer
« on: May 25, 2013, 07:03:41 PM »
Did a Full System Scan with Avast! today and found:

File Name: C:\Windows\...\tmp.edb

Severity: High

Status: Threat: Rootkit: hidden file


Tried to Move to Chest but got an Error message:


Error: The Request is not supported.


1) I didn't do a Bootscan as I was prompted to by Avast!

Should I do a Bootscan????

2) Should I do a scan with Malwarebytes Anti-Malware?


3) Need to get rid of the Rootkit; please help me get rid of it.


Thanks.


Recently, I've been getting a lot of pop up market research "surveys" for websites when I visit them, so maybe this is causing that to happen.
 
« Last Edit: May 25, 2013, 07:06:20 PM by Jobber »

Offline Pondus

  • Probably Bot
  • Posts: 37534
  • Not a avast user
Re: Rootkit On Computer
« Reply #1 on: May 25, 2013, 07:36:16 PM »

Offline Jobber

  • Jr. Member
  • Posts: 88
Re: Rootkit On Computer
« Reply #2 on: May 25, 2013, 09:03:18 PM »
Didn't see the Extras.Txt file log after running the OTL scan.



I can't think of anything I did incorrectly but only the OTL.Txt appeared.



Should I now continue with the aswMBR.exe?


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Rootkit On Computer
« Reply #3 on: May 25, 2013, 09:09:39 PM »
edb files are legitimate and are transient; they come and go fairly fast.

Quote
Windows security database files ('.edb') may be scanned as part of behavior monitoring or in scenarios where the on-access scanner needs to verify the file type is as the filename suffix states. This can occur irrespective of the on-access scanned extensions list.

These files can contain a structure that the on-access scanner may interpret as malicious whilst the file is in transitional state.


Otherwise the logs look clean

Offline Jobber

  • Jr. Member
  • Posts: 88
Re: Rootkit On Computer
« Reply #4 on: May 25, 2013, 09:22:53 PM »
edb files are legitimate and are transient; they come and go fairly fast.

Quote
Windows security database files ('.edb') may be scanned as part of behavior monitoring or in scenarios where the on-access scanner needs to verify the file type is as the filename suffix states. This can occur irrespective of the on-access scanned extensions list.

These files can contain a structure that the on-access scanner may interpret as malicious whilst the file is in transitional state.


Otherwise the logs look clean


Should I continue and download aswMBR.exe as outlined in the Cleaning Malware info thread??

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Rootkit On Computer
« Reply #5 on: May 25, 2013, 11:56:40 PM »
You can if you wish to double check :)