06-15-2009 06:40 PM
I have a Theory
First I need 3 logs
Please run RootRepeal as in this post http://community.norton.com/norton/board/message?b
Pastebay does have a Character limit so please make sure that the whole gets posted
I would also like a DDS log
You will have to go offline and disable auto-protect and the firewall to run it. When it is finished it will produce a log. Then you can enable everything again and go back online.
When I have the 3 logs I will cross reference
06-16-2009 04:40 AM
The name of the security threat is packed.generic233.
Norton does not list it on the history file, at least not with that name, which is the same thing it was doing with misleadapp.
Malwarebytes does not pick it up, Ad-Aware did not see it... meanwhile all web browsing is hijacked if you use a web link.
Very challenging little bugger this one is...
Thanks to all for the help.
06-16-2009 01:54 PM
As well as doing the Logs for Quads, could you also try the Removal Instructions for Packed.Generic.233?
Removal Instructions for Packed.Generic.233: http://www.symantec.com/en/uk/security_response/wr
06-17-2009 09:41 PM
If you have Spybot S&D, please uninstall.
Please go here and Download Avenger to your Desktop, http://community.norton.com/norton/board/message?b
With Vista remember to right click Avenger and select "Run as Administrator" from the Menu.
Now when you get to number 3, use the script below, not the one on the other post, so:
3. In the "Input script here:" copy and paste the script between the lines
Drivers to disable:
Drivers to delete:
Files to delete:
Registry keys to delete:
Then carry on with the other post from Screenshot and below.
06-18-2009 04:29 AM
It appears as if the problem has been solved. I have scanned the system with Avenger and GMER, and no rootkits were found.
Norton is now running again, and the previous threats are now removed.
Web browsing is back to normal, and even performance levels are up.
My knee-jerk reaction was to reinstall, but the whole experience has been educational! I don't wish this on anyone, but I learned an awful lot!
Thanks Again Quads!
And thanks to all the people that contributed on the forum.
06-18-2009 08:42 AM
Glad everything is working well for you. There should be a .zip file in the Avenger folder. Please upload it here: http://rapidshare.com/index.html
Use your name as you did with the others.