Well I seem to have a similar problem as many of the other people here. I get a warning from Norton 360 about “packed.generic.238” and it fails to remove it. I have done a SysProt scan and I am attaching the log to this post. Put me on the list to be helped…please
I'm not so sure that's a rootkit, but hey, my experience is 12 hours old! Do you get any symptoms?
On the SysProt log the rootkit is called: geyekrrqoxubqh.
Philthyg17:
You have a geyekr(random) rootkit that will need to be removed. Quads is the only member of the forum that is trained and qualified for this sort of remediation. He will provide you with tools and instructions that will need to be followed carefully to prevent damage to your system. Please do nothing further yourself.
Hi
1. Download Combofix to your Desktop, http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Don't use yet.
2. I have Personal Messaged you the script between the lines, look for the yellow envelope at the upper right hand side. Copy the Script.
3. Open Notepad and paste it into Notepad with the first line being killall::
4. Save the script as "CFScript.txt". CFScript.txt is what you see on your desktop after saving.
5. Disable Norton's Auto-Protect and Firewall.
6. Drag and drop CFScript.txt on top of Combofix.exe, like when you drop files into the recycle bin.
7. Combofix will start. When it is scanning, don't move the mouse cursor inside the box; it can cause freezing.
Combofix will create a log at the finish.
Quads
You guys are the absolute best ever! I ran the script through ComboFix and it got rid of all the infected files and the rootkit. I ran another SysProt scan and that came back clean (I attached the log.) I can finally use my laptop again!!!