critical system errors

By master0
Dec 15, 2006
Topic Status:
Not open for further replies.
  1. i have a critical systems error bug in my system tray. i followed the initial instruction from other posts and most of the malware was removed but the flashing critical error in the system tray is still there. How can I clean it out? Attached is the HJT log.
  2. Rik

    Rik Banned Posts: 4,985

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.


    This thread is for the use of master0 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. master0

    master0 Newcomer, in training Topic Starter

    I followed the instructions in the thread. The critical system error bug is gone and things seem to be working well. Please check out my HJT log and let me know if there are still some malicious entries. Thank you so much for your help!
  4. Rik

    Rik Banned Posts: 4,985

    Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://136.204.124.62/cgi-bin/kxhcm10.ocx
    O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://bosmail1.porternovelli.com/iNotes6W.cab
    O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37
    O20 - Winlogon Notify: winouw32 - winouw32.dll (file missing)

    Click on the fix checked button.

    Close HJT.

    That should mean that your pc is the clean, but as a precaution i would like you to reboot then post a fresh HJT log so that i can check that i got everything.

    I am still learning about HJT so i cannot guarantee that what i have suggested will get everything first time.


    This thread is for the use of master0 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  5. master0

    master0 Newcomer, in training Topic Starter

    Rik,

    I removed the entries and attached is my HTJ log. Everything seems to be gone. Please confirm. You saved me from a weekend of reformatting!! Thank you!
  6. Rik

    Rik Banned Posts: 4,985

    The only entry remaining that may not be good is -

    O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,37

    Use the method from my previous post and that should be it done.

    Im glad i could help:)

    [EDIT]

    The other thing i would recommend is getting rid of that norton crapware. It is entirely up to you but in my opinion it is a resource hog and is bad at keeping the spyware at bay.

    Here are instructions on removing it incase you decide to -

    Download either the free AVG or Avast antivirus programmes and either the free Zonealarm or Kerio firewall programmes from within this link - http://www.techspot.com/vb/topic58138.html

    Then, disconnect from the net and completely uninstall Symantec/Norton. If you have any problems in uninstalling the programme, take a look at this thread - http://www.techspot.com/vb/topic57112.html

    Once you`ve completely uninstalled Symantec/Norton, reboot your system and install whichever firewall programme you chose, followed by whichever antivirus programme you chose. Reboot your system the required number of times and reconnect to the net. Run the antivirus updates.
    This thread is for the use of master0 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  7. master0

    master0 Newcomer, in training Topic Starter

    Rik:

    The entry "O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/c...cab?v=1,0,0,37
    " is for sony imagestaion, I intentionaly left it out becasue I use the service to print my digital images. If you think it's a threat I'll remove it.

    I'm very pleased with the job AVG did at locating and removing spyware and viruses. Frankly, I was surprised that Norton didn't identify the spyware at all - even after the trojan horse hit and I updated the virus definition files. My service is up next month so I'll remove it and keep AVG as my primary.

    Many thanks!!
  8. Rik

    Rik Banned Posts: 4,985

    If you say that enrty in fine then your pc is clean!!:)

    I totally agree with you about norton, i absolutely hate it and would never even think of putting it on my own pc!!


    This thread is for the use of master0 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.