?
Solved

Norton 360 Email Error - multiple pop-up windows - unable to get rid of them

Posted on 2010-08-31
8
Medium Priority
?
1,682 Views
Last Modified: 2013-12-09
Windows XP - Media Center Edition - Version 2002 - Service Pack 3
Norton 360 - Version 4.2.0.12

Getting relentless pop-ups that say Norton 360 - Email Error (see attached Word document) with a From, To, and Subject.  Sometimes Subject is sexually graphic.  

Ran full scan of computer with Norton 360.  Unresolved Security Risks exist, all High, and all have instructions to manually remove (see attached Word document).

Ran Malwarebytes - Anti-Malware version 1.46 but it didn't stop the pop-ups.  

Can someone tell me how to get rid of the virus\viruses\pop-ups?

Thanks. Norton-360-Email-Error.doc Norton-360-Unresolved-Risks.doc
0
Comment
Question by:DoubleStroke
  • 3
  • 3
7 Comments
 
LVL 22

Assisted Solution

by:optoma
optoma earned 2000 total points
ID: 33571954
Hi. Try these
Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro

If still having issue run Combofix and post log here
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

>If they still dont run, redownload them but rename them prior to saving them
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 33572531
Hi,

It is a new variant of rootkit TDSS, so as suggested above my Optoma run the TDSSKiller and that would fix the problem.
Also make sure that you clean your system of any temporary files after the virus is cleaned. You could use CCleaner to do that:

http://www.piriform.com/ccleaner/download

I hope that would help

Sudeep
0
 

Author Comment

by:DoubleStroke
ID: 33582797
Hello, Optoma,
I ran all of the above programs that you mentioned in your posting, and I believe a Backdoor.Tidserv.Inf virus still exists on the machine, though the incessant Norton 360 - Email Error pop-ups appear to have gone away.  Also after running the Combofix program, the machine is no longer able to get a wireless connection to the internet (I have another laptop that was able to successfully connect to the internet through the same home network wireless internet connection).  

Allow me to give you the step-by-step actions that I took, and the corresponding results.

1. Ran tdssKiller.  It didn't appear to find any viruses (see attached log file).  An interesting note is that, upon finishing that program (by way of clicking the Close button), it abruptly took Windows right down and rebooted the machine (ungracefully).

2.
TDSSKiller.2.4.1.4-01.09.2010-09.txt
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 

Author Comment

by:DoubleStroke
ID: 33582882
(continued)
2. Ran HitmanPro.  This did appear to find a virus and take corrective action (see attached log file).  After running HitmanPro, the Norton 360 - Email Error pop-ups did stop.  

3. Ran a Quick Scan with Norton 360 and it still found a Backdoor.Tidserv.Inf virus (see attached screen shot of Norton 360 window).

4. Ran Combofix (see attached log file).

5. After running Combofix, I could not connect to the internet.  When I right-clicked on the View Wireless Connections icon in the lower-right system tray, it did not find any wireless connections.  I went to Device Manager - Network Connections and saw many exclamation points next to device references (see attached screen shot).  Of the many network devices listed, I am not sure which one is the actual device.  I right-clicked and displayed the Properties of the first device that has an exclamation point, and it mentions something about the registry information being corrupt and it can't start properly.

Soooo ... do I still have the virus?  And how do I get my wireless internet connection back?  Help!!

Thank you.
HitManPro-log.xml
Norton-360-Virus-Detected-After-.doc
ComboFixLog.txt
Device-Manager-Network-Adapters.doc
0
 
LVL 22

Expert Comment

by:optoma
ID: 33585213
Hi.
There is some viruses/rootkits which when detected and removed cause that error in device manager with network adapters, and can be tough to rectify :(

      ..............................................................................................................

Q>
Do you have your XP Pro installation cd?

   ....................................................................................................................

You also have AVG installed alongside Norton
Remove it using its removal tool
http://www.avg.com/us-en/download-tools

   ....................................................................................................................
There are a few files showing in Combofix's logfile which look bad so i'll message Rpggamergirl to have a look at it :)

   Back soon :)
0
 

Accepted Solution

by:
DoubleStroke earned 0 total points
ID: 33613346
Hello,
Due to the length of time that has elapsed since the last posting, I have decided to seek an alternate solution by bringing the PC to an expert outside of Experts Exchange.  However, I do appreciate the help from Optoma and will award some points accordingly.  Thank you.
0
 
LVL 22

Expert Comment

by:optoma
ID: 33613476
No worries :)
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question