United States
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Norton Internet Security / Norton AntiVirus

Reply
Topic Options
poorronny
Visitor
poorronny
Posts: 6
Registered: ‎06-15-2009
Accepted Solution

Please help SKYNET gotme

Options

‎06-16-2009 01:03 PM

My Nortons will not do a complete scan, and PC shuts down if I click on the modem. Problem started after I got what I thought to be a windows update, I just let it install when I shut down my PC. When I restarted the next day I immediately got a popup which I thought was from my Nortons program stating that bloodhound.sonar1 had detected a serious problem and I needed to immediately shut down and restart, and that brings me here. I have posted logfiles from GMER and hijack this to pastebay under the name poorronny. Thanks for any help in advance
Report Inappropriate Content
Message 1 of 12 (7,462 Views)
0 Kudos
dbrisendine
Posts: 5,562
Kudos: 1,282
Solutions: 263
Registered: ‎10-06-2008

Re: Please help SKYNET gotme

Options

‎06-16-2009 01:06 PM

Please also post a RootRepeal log on pastebay.

 

1. Download to your Desktop "RootRepeal.exe" from http://homepages.slingshot.co.nz/~crutches/RootRepel

2. Start it, Click on the "Report" Tab

3. Select (tick) in the box that appears "Drivers", "Stealth Objects" and "Hidden Services" and click OK

4. After it scans click "Save Report" and save the txt file the use notepad to copy the info.

Thanks.

Report Inappropriate Content
Message 2 of 12 (7,439 Views)
0 Kudos
poorronny
Visitor
poorronny
Posts: 6
Registered: ‎06-15-2009

Re: Please help SKYNET gotme

Options

‎06-16-2009 01:37 PM

OK Rootrepeal log file has been posted
Report Inappropriate Content
Message 3 of 12 (7,425 Views)
0 Kudos
Quads
Bot Obliterator
Quads
Posts: 13,253
Registered: ‎07-21-2008

Re: Please help SKYNET gotme

Options

‎06-16-2009 01:39 PM

Hi 

 

I have the rootrepeal log, I need your GMER log, it's not on Pastebay

 

Quads 

Report Inappropriate Content
Message 4 of 12 (7,425 Views)
0 Kudos
poorronny
Visitor
poorronny
Posts: 6
Registered: ‎06-15-2009

Re: Please help SKYNET gotme

Options

‎06-16-2009 01:52 PM

I must have done it wrong, anyway it should be there now. thanks
Report Inappropriate Content
Message 5 of 12 (7,419 Views)
0 Kudos
poorronny
Visitor
poorronny
Posts: 6
Registered: ‎06-15-2009

Re: Please help SKYNET gotme

Options

‎06-16-2009 02:22 PM

http://pastebay.com/22538  GMER     http://pastebay.com/22535  ROOTREPEAL     http://pastebay.com/22541    Hijackthis

Report Inappropriate Content
Message 6 of 12 (7,405 Views)
0 Kudos
Quads
Bot Obliterator
Quads
Posts: 13,253
Registered: ‎07-21-2008

Re: Please help SKYNET gotme

Options

‎06-16-2009 02:47 PM

Hi

 

Please read from this message onwards on how myself and anothe poster used a CFScript to tartget files So you understand about coping into Notepad naming it  and drag and dropping.

 

http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=55277#M55277 

 

I will post the script soon, just making sure it is correct.

 

Quads 

 

 

Report Inappropriate Content
Message 7 of 12 (7,396 Views)
0 Kudos
Quads
Bot Obliterator
Quads
Posts: 13,253
Registered: ‎07-21-2008

Re: Please help SKYNET gotme

Options

‎06-16-2009 03:36 PM

Hi

 

Now

 

1.  Download Combofix  to your Desktop, http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

Don't use yet.

 

2. I have Personal Messaged you the script between the lines, look for the yellow envelope at the upper right hand side.   Copy the Script.

 

3.  Open Notepad and paste it in to notepad with the first line being killall::

 

4. Save the script as "CFScript.txt"       CFScript.txt is what you see on your desktop after saving.

 

5. Disable Nortons Auto-Protect and Firewall.

 

6.  Drag and drop CFScript.txt on top of Combofix.exe, like when you drop files into the recycle bin.

 

7. Combofix will start,  When it is scanning don't move the mouse cursor inside the box, can cause freezing.

 

Quads 

Report Inappropriate Content
Message 8 of 12 (7,382 Views)
0 Kudos
poorronny
Visitor
poorronny
Posts: 6
Registered: ‎06-15-2009

Re: Please help SKYNET gotme

Options

‎06-16-2009 04:51 PM

Got this message "This machine does not have Microsoft Windows Recovery Console installed. Without it Combofixshall not attempt the fixing of some serious infections" click yes to have combofix download/install it. Note this requires an active internet connection. Had to click no as I could not use modem. combofix began running again, told me to write down some file names, ran another minute then rebooted my pc then started running and deleteing files. Rebooted a second time and created a log report    http://pastebay.com/22565    I think this took care of my problem, thank you so much
Report Inappropriate Content
Message 9 of 12 (7,369 Views)
0 Kudos
Quads
Bot Obliterator
Quads
Posts: 13,253
Registered: ‎07-21-2008

Re: Please help SKYNET gotme

Options

‎06-16-2009 05:01 PM

Hi

 

Is it Running nicely now??

 

2 files I don't like but I don't know what the .sys file or .tmp file is for.

 

Quads 

Report Inappropriate Content
Message 10 of 12 (7,364 Views)

Products

Services

Support

Norton on Facebook
Norton on Twitter
Norton's YouTube Channel
Symantec on Linked In
Norton on Google+