United States
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Norton 360

Reply
Topic Options
aleksgva
Visitor
aleksgva
Posts: 5
Registered: ‎07-18-2009
Accepted Solution

Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-18-2009 07:45 AM

Hi!

 

I've got a problem with my computer same as some other people on this forum. I saw that it's needed a tailored script to repair it.

 

Someone can help me with this problem? Please find in attachement the GMER log file.

 

Thanks in advance for your help.

 

Aleks

 

 

Attachment GMER.log ‏24 KB
Report Inappropriate Content
Message 1 of 10 (10,566 Views)
0 Kudos
delphinium
Posts: 9,680
Kudos: 2,855
Solutions: 282
Registered: ‎11-21-2008

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-18-2009 03:47 PM

Thanks aleksgva:

 

What version of Norton do you have on your system?  NIS/NAV or N360, or some other.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain
Report Inappropriate Content
Message 2 of 10 (10,537 Views)
0 Kudos
aleksgva
Visitor
aleksgva
Posts: 5
Registered: ‎07-18-2009

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-18-2009 05:59 PM

I've got Norton 360.

Report Inappropriate Content
Message 3 of 10 (10,528 Views)
0 Kudos
delphinium
Posts: 9,680
Kudos: 2,855
Solutions: 282
Registered: ‎11-21-2008

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-18-2009 06:48 PM

You will find a version number under help and support...about.  If you have the latest version v3, you may be able to rid yourself of the rootkit yourself.  You would need to go into the computer pane...settings and turn advanced heuristic protection to aggressive, early load to on, make certain that rootkits and stealth items is set to on.

 

Download the latest updates from Intelligent updater

 

http://service1.symantec.com/SUPPORT/nav.nsf/docid/1998082013035306?OpenDocument&src=sec_doc_nam

 

 

Once that is done, reboot into safe mode and right click on Norton to run a full system scan.  This has succeeded on MSIVX rootkits already.  It is worth a try, as Quads has quite a few rootkits ahead of you that won't come out this way.

 

Let us know if you have no luck and we will add you to the list.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain
Report Inappropriate Content
Message 4 of 10 (10,524 Views)
0 Kudos
aleksgva
Visitor
aleksgva
Posts: 5
Registered: ‎07-18-2009

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-19-2009 04:15 AM

Hi!

 

At first I'd like thank you Delphinium for your help.

 

I've followed your method and at first scan Norton found something. When I've rebooted the computer and opened Internet, the problem stil on the machine. So I've tried again one safe mode scan, and nothing happened, keep on status "starting", no scanning. :-(

 

FYI, a part the problem with the internet, I cannot update my Vista to SP2, and impossible to restore the computer with System Restor.

 

 

Thanks again for your help.

 

Aleks

Report Inappropriate Content
Message 5 of 10 (10,498 Views)
0 Kudos
delphinium
Posts: 9,680
Kudos: 2,855
Solutions: 282
Registered: ‎11-21-2008

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-19-2009 10:52 AM

Okay Aleksgva:

 

We will pluck it out the hard way.  Please see if you can run a GMER scan for us, all boxes checked.  If you have trouble, you can run the scan in safe mode, or try doing it in two separate scans with half the boxes checked each time.  Scan only, damage can be done to your system if it tries to repair.

 

http://www.gmer.net/

 

Also you can give us a Rootrepeal log. Go to reports, or log tab and make sure all areas are checked.

 

http://homepages.slingshot.co.nz/~crutches/RootRepel/

 

 

You will be able to attach the logs using the "add attachments" link just below the post button.  Quads has managed to get through quite a few of these remediations in the last two days, but it does take some time.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain
Report Inappropriate Content
Message 6 of 10 (10,473 Views)
0 Kudos
aleksgva
Visitor
aleksgva
Posts: 5
Registered: ‎07-18-2009

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-19-2009 11:50 AM

Hi!

 

Please find in attachement requested log files.

 

Again thanks in advance for all your help

 

Aleks

Attachment gmer.log ‏30 KB
Attachment RootRepeal.txt ‏46 KB
Report Inappropriate Content
Message 7 of 10 (10,461 Views)
0 Kudos
delphinium
Posts: 9,680
Kudos: 2,855
Solutions: 282
Registered: ‎11-21-2008

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-19-2009 11:56 AM

Thanks Aleksgva:

 

Looks like nice logs.  Quads will be along later in the day due to time zone differences.  I will let him know your logs are up.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain
Report Inappropriate Content
Message 8 of 10 (10,455 Views)
0 Kudos
Quads
Bot Obliterator
Krazy Kiwi (Norton Users Discussion Forum)
Quads
Posts: 13,238
Registered: ‎07-21-2008

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-19-2009 08:00 PM

Hi

 

Now  (read carefully) If you have Spybot S&D uninstall it.

 

Also during the restarts with Avenger if Your PC has a Startup repair center like with HP and Toshiba tell it to start Normally if it kicks in.

 

1. Download Avenger to your desktop,

 

Unzipped version http://homepages.slingshot.co.nz/~crutches/Avenger/

Creators website http://swandog46.geekstogo.com/avenger2/avenger2.html with zipped version to the unzip to desktop 

 

2. Click to run "Avenger.exe"  (right click "Run as Administrator" if using Vista)

 

3. In the "Input script here:" copy and paste the script between the lines

 

Drivers to disable:

MSIVXserv.sys

 

Drivers to delete:

MSIVXserv.sys

 

Files to delete:

C:\Autorun.inf

D:\Autorun.inf

C:\WINDOWS\System32\drivers\MSIVXrcxsxjiiwwcpuwynrnmpimcxetmxjqtb.sys

C:\WINDOWS\System32\MSIVXdfuuujdrsgrifpbpudvnginnkithabqi.dll

C:\WINDOWS\System32\MSIVXsbiyvcexkbevbvknqsyqwudtvwwpdcat.dll 

C:\WINDOWS\System32\MSIVXcount

 

Registry keys to delete:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\MSIVXserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\MSIVXserv.sys 

HKEY_LOCAL_MACHINE\SOFTWARE\MSIVX 

 

Here is a screenshot (script updated since shot)

 

Avenger.jpg

 

Make sure the "Automatically disable any rootkits found" is NOT selected

 

4. Click "Execute"

 

You will be asked to restart the PC click "Yes", when the PC restarts the load screen will takes slightly longer, then when it looks as though windows is loading the PC will restart again.

Then when Windows fully loads the Avenger log will be loaded, showing files it could or could not find.  C:\Avenger.txt

 

5. Restart the PC again, then see if you can install  Update and run Malwarebytes http://www.filehippo.com/download_malwarebytes_anti_malware/

 

Quads 

Report Inappropriate Content
Message 9 of 10 (10,425 Views)
aleksgva
Visitor
aleksgva
Posts: 5
Registered: ‎07-18-2009

Re: Problem with globalroot\systemroot\system32\MSIVX.dll when starting intenet explorer or firefox.

Options

‎07-20-2009 09:07 AM

Thanks guys for all your help, it worked perfectly!

 

I've updated Vista to SP2, I can run Norton scan also, great.

 

Still have some problems with Vista updates, but looks easy to resolve.

 

Thanks again

 

Aleks

Report Inappropriate Content
Message 10 of 10 (10,389 Views)
0 Kudos

Products

Services

Support

Norton on Facebook
Norton on Twitter
Norton's YouTube Channel
Symantec on Linked In
Norton on Google+