BleepingComputer.com: Norton Corp realtime v 7.6 disabled in Win XP

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Norton Corp realtime v 7.6 disabled in Win XP Overwhelmed with symptoms and terminology

#1 User is offline   techengr 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 19-April 11

Posted 01 May 2011 - 10:58 AM

Thanks in advance. I have 2 infected computers with roughly the same behavior so I am totally confused. Fairly sure I have the Google redirect virus but not sure. Been fighting them for a week so have all of the newest tools. Just found out here that Combofix is "Not a Toy" but it seems the only tool that will clean to the point that I can boot outside of safe mode. That being said, it is probably the reason Norton realtime will not enable. I have gotten the computer "clean" according to the following tools on several occasions but then out of nowhere, I will be redirected or the XP Security Center scare software will pop up and I start scanning. Although nothing reported, on reboot under normal mode, still have the Norton problem and explorer loads but priority is set to Above Normal and does not show on the screen. Sometimes I can set to normal and it will show but most of the time I have to kill it and start a new task. Even though I have come to rely on Combofix, I use it as a last resort and NEVER delete anything that I am not 90% sure it shouldn't be there. The tools that report NO problem (in the usual order I run them) TDSSKiller - Never found anything so quit using it except every now and then. Same with Microsoft MRT...it found a minor things on the first run but nothing after that. RootRepeal - Used to find a Hidden Service called PEVSystemStart but I think that is from Combofix. Now, if I come up in normal mode and scan on hidden services, I get a BSOD. It also reports dump_iastore_sys as hidden driver that cannot be removed. When I run RKUnhooker service release 2 it gives me the detected parasite inside itself warning and says that it fixes it but keeps coming back. It reports a ton of entries in SSDS having to do with ntkrnlpa.exe but none are hooked and anything to do with kernel or MBR and I don't try to repair because I don't understand "hooking" and it seems dangerous to mess with those areas. It reports 31 code hooks but have done nothing with them. Just got Malwarebytes tool and it found a total of 17 items but only 2 Trojans and 1 "hijackStartMenuItemInternet" that had not been quarantined by combobox. And finally Gmer which I have run but It reports a lot of valid items and I can't differentiate between good and bad (plus I am saturated with information) I need guidance with a logical path to eradicate rather than going in circles as I have been. Thanks!!

This post has been edited by techengr: 01 May 2011 - 11:44 AM

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users