Packed.Generic.200

[MrRadio]

Symantec Endpoint Protection describes this virus as a low threat level and easy to remove. It was discovered in MasterRadio's machine after a routine scan and it was flagged as "cleaned by deletion" by Symantec. A further scan after reboot detected it again and again flagged it "cleaned by deletion" and so on and so on. It seems that immediately after deletion it installs itself again. Symantec recommends to scan in safe mode if this happens but in safe mode the scan doesn't detect the virus. It seems to be resident in the boot area and is found in the dying seconds of the quick scan (scan of memory and system load points) when something resembling an IP addy (69.93.33.159) is being scanned.

Has anyone had any experience with this one, would appreciate help to rid the machine of this curse once and for all.

Edit: Many hours of reading and several malware and trojan removers later .. still no closer to removing this easy to remove mongrel.

[Philquad]

run malwarebytes.org ?
check start\run\hcky local machine\software\microsoft\windows\current version\run < wats in there?
get hijackthis, run a scan and post up the log file.

[MrRadio]

Trojan Remover 678 did the trick ... didn't exactly remove it but altered its protection along with 2 other trojans and several copies or other parts of itself to enable Symantec to successfully delete them on the next scan. I'm pleased to say that at this time the machine is clean. Iit seems that MasterRadio hadn't bothered to inform me that his Nortons had expired some months ago. Now protected by S E P which I find is excellent ... it takes no prisoners. Just executes them with extreme prejudice.