System Error!

By Rasmey
Apr 6, 2008
  1. Whever I click on something on my computer, this messege appears:
    System error! Your system was infected by zlob trojan.
    It's very dangerous for your system (critical data can be lost)!
    Click OK to download the antimalware application to clean your hard disk!

    Then it just stand by automatically.

    I've attached the log from Hijackthis. Please help me get rid of it.

  2. kritius

    kritius TS Guru Posts: 2,084

    Go to add/remove programs and unistall anything that looks like,

    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entries listed below
    O2 - BHO: Media Codec - {8B580E40-6B46-44C8-9E80-A5AD6E1D1035} - C:\WINDOWS\kiasys.dll
    O4 - HKLM\..\Run: [Task Manager] C:\WINDOWS\system\svchost32.exe
    O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\System32\ctfmona.exe
    O4 - HKLM\..\Run: [WinIFixer] C:\Program Files\WinIFixer\WinIFixer.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O16 - DPF: {7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (CLoader Object) -

    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis
    • Reboot HijackThis if necessary

    Delete Files and Folders
    • Right Click on the start button and chose explore
    • Show all hidden files and folders, see how HERE
    • Navigate to the following files and folders and delete them(if still present)
    C:\WINDOWS\system\svchost32.exe<---------This File NOTE THE SPELLING
    C:\WINDOWS\System32\ctfmona.exe<---------This File NOTE THE SPELLING
    C:\Program Files\WinIFixer<---------This Folder
    • Empty the recycle bin.

    If that does not work then repeat the process in safe mode. See how to boot into Safe mode HERE.

    I need you to follow all the steps HERE and then post back with the three requested logs as attachments
    • AVG antispyware
    • ComboFix
    • Hijackthis (step 15)

    Dont forget to make sure that AVG is set to quarantine the results, that HJT is the last step and to let us know the results of the antirootkit scan.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...