Recently I've also been getting the following message on screen after a slow startup...
A box with RUNDLL as the heading, a large red X and a message which states ...
"Error loading C:\WINDOWS\iyowazucocal.dll .The specified module could not be found. OK"
What on earth is this and does it have anything to do with the System Restore issue?
Thanks for any help!
The .dll is typical of the malware infection that you had or have. At the least it means your registry was not cleaned up from the infection or you've been reinfected as indcated from this in your other thread:http://www.bleepingcomputer.com/forums/ind...t&p=1559100
I've also got a warning from Norton that I have an unresolved security threat on my comp. It is called Backdoor.Tidserv.l!inf and requires manual removal.
Norton advises the following ...
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Run a full system scan.
Im not sure if System Restore is enabled or disabled?
This infection may have denied you the ability to use System Restore (SR), otherwise it has nothing to do with it.
One of these issues (manual removal of a trojan) has yet to be resolved because Norton antivirus recommends that I turn off System Restore and restart to eliminate the trojan. Problem is, I cannot get a System Restore tab anywhere on my computer and I am an administrator!
Despite what Symantec says, disabling SR beforehand is not required for malware removal. You still need to delete all restore points because infecting files are usually backed up in Restore Points, but you can wait til after cleanup instead of doing it before. So i would concentrate on being sure you are cleaned up first then look at the SR issue.
But to give you some insight as to what is going on, this message you posted in the other thread is key:http://www.bleepingcomputer.com/forums/ind...t&p=1557556
...a window message box pops up telling me that "System Restore has been turned off by group policy. To turn on System Restore contact your domain Administrator".
The other method I had described previously also shows no System Restore Tab.
Strange. I am an administrator. When I try to access this under Safe Mode I can see my both my account - "Dave" and "Administrator" which are both admin accounts. Maybe something has switched this off?
This tells me that the Group Policy Editor in XP (probably XP Pro, is this what you're using?) has been used to deny you permission to control System Restore. It's not a matter of being turned on or off, you don't have access to those controls period--that's why you don't see the SR tab. Even any accounts with Administrator rights can be denied permission by group policy to do certain tasks. XP Pro was designed for a business environment and this feature gives a system administrator, who has control over not one, but a group of networked computers, a means of enforcing company policy for the computers its employees are using.
It is also possible that Norton has used the Group Policy Editor to deny permission to access SR as a means of self-protection. I suggest the first thing you do is go to the following page, follow the instructions for disabling the AutoProtect feature, then see if the SR tab re-appears:http://service1.symantec.com/SUPPORT/share...005113009323013
Let us know how it goes. Whether successful or not, my next step would be to go to the following page and follow all the relevant instructions:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
The Tidserv trojan is very difficult to remove completely--I would trust the manual removal done in the BC forums much more than instructions you get from Symantec. If you still have a problem with access to SR after cleanup, then ask your helper or come back to this thread for more assistance.