Hello, I have created this thread because I have the same problem as Xtreme did earlier with the "System Alert" message popping up and staying on my system. I have followed the standard 11 step process for removing bad spyware and the such, but still no luck in getting rid of it. I read through Xtremes topic but did not want to go any farther due to us maybe having it under different circumstances. Anyway, any help would be appreciated. Lemme know if you want a HJT log and a AVG Antispyware log since Ive already done the normal 11 steps before posting this.
System Alert Part 2!
- Thread starter Savin877
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Please post the HJT and AVG Antispyware logs as requested in this thread HERE.
Also, do the following.
Download the Autoruns programme from HERE. When the programme runs, click options and make sure the "Hide Microsoft Entries" is ticked. Click the file menu and select refresh. Click the save icon and save the Autoruns log to wherever you want.
Attach the Autoruns log here in addition to the other log files.
Regards Howard :wave: :wave:
This thread is for the use of Savin877 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Please post the HJT and AVG Antispyware logs as requested in this thread HERE.
Also, do the following.
Download the Autoruns programme from HERE. When the programme runs, click options and make sure the "Hide Microsoft Entries" is ticked. Click the file menu and select refresh. Click the save icon and save the Autoruns log to wherever you want.
Attach the Autoruns log here in addition to the other log files.
Regards Howard :wave: :wave:
This thread is for the use of Savin877 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
To start with, your AVG Antispyware log says all items have been ignored. This is due to you not setting AVG Antispyware to quarantine it`s results. Follow these instructions, then run AVG Antispyware again and take a look at this pictorial guide to using AVG Antispyware.
Post a fresh AVG Antispyware log in your next reply.
Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Go to add remove programmes in your control panel and uninstall anything to do with(if there).
Video Access ActiveX Object
ign
download manager
Close control panel.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O16 - DPF: vzTCPConfig - http://www2.verizon.net/help/fios_settings/include/vzTCPConfig.CAB
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} (MabinogiWebAvatarRenderer Class) - http://avatar.mabinogi.jp/3drender/renderer/mabiweb_JP.2005.2.2.cab
O16 - DPF: {76CB493D-11F7-4236-BDE4-7A5851B03FA9} (Launcher Class) - http://www.cabalonline.net/Com/CabalWebLauncher.cab
O16 - DPF: {7A7BA269-2D21-4B33-B60A-8510A1865D5F} (IWS Photo Upload Tool) - http://public2.uploader.officelive.com/_layouts/1033/wh/ActiveX/MsnPUpld.cab
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\Program Files\Video Access ActiveX Object<Delete the entire folder.
d:\program files\ign<Delete the entire folder.
Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.
This is the filepath you need to enter into killbox.
c:\windows\system32\geplxss.dll
Once your system has rebooted, rehide your protected OS files.
Post fresh HJT and Autoruns logs as well as an new AVG Antispyware log.
Regards Howard
This thread is for the use of Savin877 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Post a fresh AVG Antispyware log in your next reply.
Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Go to add remove programmes in your control panel and uninstall anything to do with(if there).
Video Access ActiveX Object
ign
download manager
Close control panel.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O16 - DPF: vzTCPConfig - http://www2.verizon.net/help/fios_settings/include/vzTCPConfig.CAB
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} (MabinogiWebAvatarRenderer Class) - http://avatar.mabinogi.jp/3drender/renderer/mabiweb_JP.2005.2.2.cab
O16 - DPF: {76CB493D-11F7-4236-BDE4-7A5851B03FA9} (Launcher Class) - http://www.cabalonline.net/Com/CabalWebLauncher.cab
O16 - DPF: {7A7BA269-2D21-4B33-B60A-8510A1865D5F} (IWS Photo Upload Tool) - http://public2.uploader.officelive.com/_layouts/1033/wh/ActiveX/MsnPUpld.cab
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\Program Files\Video Access ActiveX Object<Delete the entire folder.
d:\program files\ign<Delete the entire folder.
Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.
This is the filepath you need to enter into killbox.
c:\windows\system32\geplxss.dll
Once your system has rebooted, rehide your protected OS files.
Post fresh HJT and Autoruns logs as well as an new AVG Antispyware log.
Regards Howard
This thread is for the use of Savin877 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Success! It is no longer there. Thanks for all your help! I will post the logs anyway so you can see the info. Also for some reason in my AVG-AS scan, it would only let me quarantine the adaware and not the cookies, strange.
Alright here is all the updated scans and info so you can research it some more if you please. As this is 2 of the same problem in one day with completely different files, do you know exactly what this little bugger is that is causing so much trouble.
Alright here is all the updated scans and info so you can research it some more if you please. As this is 2 of the same problem in one day with completely different files, do you know exactly what this little bugger is that is causing so much trouble.
howard_hopkinso
Posts: 21,238 +17
Your HJT log is clean.
Delete all files in AVG Antispyware quarantine.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
Run the Ccleaner programme as per the instructins in this thread HERE.
I don`t have a clue what exactly the system alert popup programme is or where it came from. This is only the second time I`ve seen it. At least I now know how to deal with it quicker than when I first saw it in Xtr3m3`s thread. I`ve got a feeling I`ll be seeing much more of this bugger in the coming days and weeks lol.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of Savin877 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Delete all files in AVG Antispyware quarantine.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
Run the Ccleaner programme as per the instructins in this thread HERE.
I don`t have a clue what exactly the system alert popup programme is or where it came from. This is only the second time I`ve seen it. At least I now know how to deal with it quicker than when I first saw it in Xtr3m3`s thread. I`ve got a feeling I`ll be seeing much more of this bugger in the coming days and weeks lol.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of Savin877 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
The Best Handheld Gaming Consoles- Squid Surprise replied
