Solved

Norton 360 Email Error - multiple pop-up windows - unable to get rid of them

Posted on 2010-08-31
8
1,639 Views
Last Modified: 2013-12-09
Windows XP - Media Center Edition - Version 2002 - Service Pack 3
Norton 360 - Version 4.2.0.12

Getting relentless pop-ups that say Norton 360 - Email Error (see attached Word document) with a From, To, and Subject.  Sometimes Subject is sexually graphic.  

Ran full scan of computer with Norton 360.  Unresolved Security Risks exist, all High, and all have instructions to manually remove (see attached Word document).

Ran Malwarebytes - Anti-Malware version 1.46 but it didn't stop the pop-ups.  

Can someone tell me how to get rid of the virus\viruses\pop-ups?

Thanks. Norton-360-Email-Error.doc Norton-360-Unresolved-Risks.doc
0
Comment
Question by:DoubleStroke
  • 3
  • 3
8 Comments
 
LVL 22

Assisted Solution

by:optoma
optoma earned 500 total points
Comment Utility
Hi. Try these
Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro

If still having issue run Combofix and post log here
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

>If they still dont run, redownload them but rename them prior to saving them
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
Comment Utility
Hi,

It is a new variant of rootkit TDSS, so as suggested above my Optoma run the TDSSKiller and that would fix the problem.
Also make sure that you clean your system of any temporary files after the virus is cleaned. You could use CCleaner to do that:

http://www.piriform.com/ccleaner/download

I hope that would help

Sudeep
0
 

Author Comment

by:DoubleStroke
Comment Utility
Hello, Optoma,
I ran all of the above programs that you mentioned in your posting, and I believe a Backdoor.Tidserv.Inf virus still exists on the machine, though the incessant Norton 360 - Email Error pop-ups appear to have gone away.  Also after running the Combofix program, the machine is no longer able to get a wireless connection to the internet (I have another laptop that was able to successfully connect to the internet through the same home network wireless internet connection).  

Allow me to give you the step-by-step actions that I took, and the corresponding results.

1. Ran tdssKiller.  It didn't appear to find any viruses (see attached log file).  An interesting note is that, upon finishing that program (by way of clicking the Close button), it abruptly took Windows right down and rebooted the machine (ungracefully).

2.
TDSSKiller.2.4.1.4-01.09.2010-09.txt
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:DoubleStroke
Comment Utility
(continued)
2. Ran HitmanPro.  This did appear to find a virus and take corrective action (see attached log file).  After running HitmanPro, the Norton 360 - Email Error pop-ups did stop.  

3. Ran a Quick Scan with Norton 360 and it still found a Backdoor.Tidserv.Inf virus (see attached screen shot of Norton 360 window).

4. Ran Combofix (see attached log file).

5. After running Combofix, I could not connect to the internet.  When I right-clicked on the View Wireless Connections icon in the lower-right system tray, it did not find any wireless connections.  I went to Device Manager - Network Connections and saw many exclamation points next to device references (see attached screen shot).  Of the many network devices listed, I am not sure which one is the actual device.  I right-clicked and displayed the Properties of the first device that has an exclamation point, and it mentions something about the registry information being corrupt and it can't start properly.

Soooo ... do I still have the virus?  And how do I get my wireless internet connection back?  Help!!

Thank you.
HitManPro-log.xml
Norton-360-Virus-Detected-After-.doc
ComboFixLog.txt
Device-Manager-Network-Adapters.doc
0
 
LVL 22

Expert Comment

by:optoma
Comment Utility
Hi.
There is some viruses/rootkits which when detected and removed cause that error in device manager with network adapters, and can be tough to rectify :(

      ..............................................................................................................

Q>
Do you have your XP Pro installation cd?

   ....................................................................................................................

You also have AVG installed alongside Norton
Remove it using its removal tool
http://www.avg.com/us-en/download-tools

   ....................................................................................................................
There are a few files showing in Combofix's logfile which look bad so i'll message Rpggamergirl to have a look at it :)

   Back soon :)
0
 

Accepted Solution

by:
DoubleStroke earned 0 total points
Comment Utility
Hello,
Due to the length of time that has elapsed since the last posting, I have decided to seek an alternate solution by bringing the PC to an expert outside of Experts Exchange.  However, I do appreciate the help from Optoma and will award some points accordingly.  Thank you.
0
 
LVL 22

Expert Comment

by:optoma
Comment Utility
No worries :)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now