Packed Rolex

By iSkirmish ยท 9 replies
Jun 21, 2009
  1. Yes, another victim of this wonderful surprise. ;3 AVG found it. Got a highjackthis log. If you need anything else from me please do tell. ;3

    Thanks for the support. ;)

    This was before I followed the 8 step guide. I will repost the highjackthis log and all of the other logs once the scans are complete. ;3
  2. mflynn

    mflynn TS Rookie Posts: 2,655

    Run HJT Scan only select and Fix all lines ending in (file missing) and (no file)

    Get the other logs and we will begin!

  3. iSkirmish

    iSkirmish TS Rookie Topic Starter

    It won't let me fix the first no file error. It says something about a BHO file? I close all my windows explorer and internet things open but it just like restarts highjackthis and does not get rid of the file.

    Here is the updated highjackthis log, and the malware bytes log. SUPERAntiSpyware is scanning atm.

    Attached Files:

  4. mflynn

    mflynn TS Rookie Posts: 2,655


    We will deal with the HJT log after the below!

    After you post the SAS log run MBAM again to confirm it finds no more. We need to see a clean log.

  5. iSkirmish

    iSkirmish TS Rookie Topic Starter

    Removed the above high jack this errors.SAS and updated high jack this log attactched. Re-running MBAM Scan atm.
  6. iSkirmish

    iSkirmish TS Rookie Topic Starter

    Clean scan. What's next?

    Does it matter that I do the scans in safe mode? They ussually crash when I don't. I am trying once again to run them all in normal mode. I didnt know if it affected the scans a lot so Im doing this just in case.
  7. mflynn

    mflynn TS Rookie Posts: 2,655

    Well yes it matters but sometimes that is all that works, but it can miss things.that only run in full mode.

    Boot to Safe Mode and do the following.

    Left Drag mouse and Copy for Pasting all text in the box below.
    Make sure the slider bar goes to bottom from the @ to the end of the second exit.
    Then paste to the black screen of an open command prompt.
    @echo off
    attrib -h -s -r /s c:\SKYNET*.*
    del /f /q /s c:\SKYNET*.*
    Then boot back to normal

    In full/normal mode do the below.

    SAS had findings so run it again Quick Scan. We need to see a clean log!


    Download ComboFix

    Get it here:
    Or here:

    Double click combofix.exe follow the prompts.

    Install Recovery Console if connected to the Internet!

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall.

  8. iSkirmish

    iSkirmish TS Rookie Topic Starter

    Sorry I havnt replied in awhile. I tried the cmd thing and it said file not found. =\ So what should I do about that?
  9. mflynn

    mflynn TS Rookie Posts: 2,655

    Nothing but let me know!

    Then finish the post beginning right were it says
    But in addition to that run another SAS Quick scan, as the last one had findings and we need a clean log.

    Looks like we may be finished but I need to see these logs.

  10. iSkirmish

    iSkirmish TS Rookie Topic Starter

    I am not able to to run the scans till an hourish. AVG keeps picking up the packed rolex though. =/ Ill post logs when I have a chance to run the scans.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...