packed.generic.200 virus cannot remove

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by nicole_computer, Jun 1, 2009.

  1. nicole_computer

    nicole_computer Private E-2

    Hello, I have a computer with the packed.generic.200 virus & have followed all the XP instructions to delete it. I am attaching all logs. I have run Malwarebytes & Spybot in safe mode & nothing was detected. I rebooted in normal mode & within minutes Norton is popping up with the virus & that the file was not deleted. Please help.

    I appreciate your assistance.
     

    Attached Files:

    nicole_computer, Jun 1, 2009
    #1
  2. Michael York

    Michael York Norton Authorized Support Team

    Hi nicole,

    This is Mike from the Norton Authorized Support Team.

    What Norton product and version do you currently have installed? Please let me know, as you may be eligible for a free update.

    This particular infection has been included in the definition files since November of 2008. If you have not already done so, open your Norton product and manually run LiveUpdate to ensure that you have the latest definition files applied. If any updates are installed, restart your computer and then manually run LiveUpdate again. Restart a second time if any more updates are installed.

    The infected files may be present in one of your restore points, so carefully follow the instructions in the following document to temporarily disable System Restore and configure your Norton product to do a "Full System Scan."

    Removal instructions for Packed.Generic.200

    You also mention that you have Spybot installed, and while Spybot will work fine alongside a Norton product, you need to make sure that both the "Tea Timer and SDHelper" functions in Spybot are disabled, as they can cause a conflict with Norton. You can access and disable these functions by opening Spybot, click on the "Mode" menu and then choose "Advanced mode." Next, select "Tools" on the left side, choose "Resident" and make sure that both boxes are unchecked.

    Please try this process and let me know which Norton product you are using and also the outcome after you follow the instructions for the removal of the infection.

    Thank you,
    Mike
     
    Michael York, Jun 2, 2009
    #2
  3. nicole_computer

    nicole_computer Private E-2

    It is Norton 2009 & I did use live update to ensure the latest virus definitions were installed. I also did not install the TeaTimer portion of the Spybot product based on your online instructions. I have another laptop which prompted me that a free upgrade was available but I have not seen that message pop up on this laptop with the virus. I will check with Norton to ensure I am completely up to date. Seems (based on Symantec's instructions) that it was an easy one to get rid of - that is what was puzzling me. Thank you so much for the reply & I will let you know what I find out.
    Nikki
     
    nicole_computer, Jun 2, 2009
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Actually it looks like the cleaning procedure had removed the remaining pieces of your infection. Wejust have some minor cleanup to do and I will have you run one rootkit scan just as a precaution.

    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Uninstall the below old versions of software:
    Java(TM) 6 Update 11
    Java(TM) 6 Update 5


    After a reboot, please install the current version of Sun Java from: Sun Java Runtime Environment

    Also delete all files and subfolders in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
    C:\WINDOWS\Temp
    C:\Documents and Settings\Dr. Smith\Local Settings\Temp


    Now run this: Trend Micro RootkitBuster

    Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )


    Now attach the below logs:
    • the log from TrendMicro RootkitBuster
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    chaslang, Jun 3, 2009
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds