Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to stop bogus "Critical System Error!"

Posted on 2006-07-02
17
Medium Priority
?
42,649 Views
Last Modified: 2012-05-05
Hi!
Since I downloaded (later removed) freeware online, I begn to get a bogus "critical system error!", saying
"Please read this message carefully. Your PC is infected with spyware. . . Click 'OK' to get software and special offers on
antivirus software. Once I clicked 'OK', I am directed to a website (http://www.pesttrap.com/?advid=177).

The "critical system error" pops up constantly and frequently, which is very annoying to me.

I will truly appreciate if you may kindly show me how to stop it.

Thanks a lot!

duta

0
Comment
Question by:duta
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +2
17 Comments
 
LVL 27

Assisted Solution

by:Dabas
Dabas earned 800 total points
ID: 17027626
Try http:\\www.hijackthis.de

ON the website there is a link to download Hijacthis.exe

Run it and paste the contents of the log on the above website.

Follow the recommendations

Dabas
0
 
LVL 97

Assisted Solution

by:war1
war1 earned 600 total points
ID: 17027629
Greetings, duta !

When you downloaded the freeware, you downloaded the ad for installing the mailware remover, which in itself becomes mailware.

Download HijackThis

http://www.majorgeeks.com/download3155.html

Run the program and you will find many entries. Most are OK. Post the log at http://www.hijackthis.de/ and click Analyse, Save.  Post a link to the saved list here.

Best wishes!
0
 
LVL 30

Accepted Solution

by:
callrs earned 600 total points
ID: 17027682
The Hijack This site advises you to NOT to run their tool until you run an anti-malware program.
So try these steps first. If you want you can try the ***marked one first.
- Antivirus with updated defs (use free AVG from www.grisoft.com if you don't have antivirus)
- Anti-Spyware etc.: http://www.lavasoft.de/software/adaware/  http://forums.majorgeeks.com/showthread.php?t=35407 
- *** http://windowsxp.mvps.org/IEFIX.htm     IEFix - General purpose fix for Internet Explorer for Windows 98/ME/2000/XP
- http://noahdfear.geekstogo.com/         Dave's World - Desktop Hijackers - Trojan-Spy.HTML.Smitfraud.c malware
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:CyberneticsConnoisseur
ID: 17027694
Duta,
you have residues of possible malware/spyware on your system. As suggested by others here, Hijackthis is a good tool to identify infections in IE like unwanted BHO etc, registry errors and general system setting changes. http://www.hijackthis.de will help you download the tool, post the log online and check against their automatic recommendations how to correct. Remove all "nasties" reported online. Once cleaned through hijackthis, I also recommend using a spyware removal tool like spyware doctor or ad-aware and running a full scan of system. clean all reported problems through these tools. The registered versions of both these tools provide an active background protection against such spyware attacks. get one for yourself, its worth the money.

Carpe Diem.
0
 
LVL 27

Expert Comment

by:Dabas
ID: 17027732
Alternatively, you can try to restore your XP to a previous restore point.

I do recall that last week I had to deal with a computer with exactly the same symptoms as you describe, and there were two malware nasties that were defending each other (ending one of the processes just caused the other one to recreate it).

Restoring to a restore point  a week earlier took care of the problem

Dabas
0
 
LVL 30

Expert Comment

by:callrs
ID: 17027757
>>Once cleaned through hijackthis, I also recommend using a spyware removal tool
You have it reversed...run anti-spy first, then Hijack This. Read what the web site says...
0
 
LVL 97

Expert Comment

by:war1
ID: 17027769
callrs,

Different security experts have different ways of removing spyware.  Just because the website say to do it one way does not mean the other way does not work.  If a Security expert knows such mailware are not removed by an antispyware, then HijackThis goes first.
0
 
LVL 30

Expert Comment

by:callrs
ID: 17027923
Who better to ask then the tool's authors? Besides, malware often disappears just through the anti-spy progs. Anti-virus Anit-spy FIRST is the ideal way to go about removing malware, and this is not just me talking, but higher experts as well. And even direct from the greater experts who made the tool:

"You should have scanned your machine with anti-spyware, virus and trojan tools before using Hijack This. We have written a tutorial that helps remove
most known spyware, trojans or viruses, so please, take a minute to read the Basic Spyware, Trojan And Virus Removal tutorial."   (ref: www.majorgeeks.com/download3155.html)

>>such mailware
We do not know which. And if there's one, there may be more. So run the anti-vir anti-spy first, then we have less to analyze & worry about.
0
 
LVL 97

Expert Comment

by:war1
ID: 17028026
callrs,

That HijackThis author has to post general fixes, not specific fixes.  There is no problem for you to search the internet and post a stardard fix.  There is no problem for another expert to use a different way to fix the problem.

Duta,

You like have a variant of SmitFraud infection.  So SmtFradFix will remove the problem for you.
http://www.geekstogo.com/forum/index.php?showtopic=109268
OR
http://siri.geekstogo.com/SmitfraudFix.zip 
0
 
LVL 5

Expert Comment

by:CyberneticsConnoisseur
ID: 17028038
callrs,
I would agree with war1 here. I believe you need to read through the page you have provided yourself again. FYI, the first line of that same page says :

EditorsNote: Hijack This is for advanced users.
This is the reason why he recommends that "You should have scanned your machine with anti-spyware, virus and trojan tools before using Hijack This"

second thing for you to know is that the author of the tool is Merijn.
His own site is http://www.merijn.org/
mirrors of this site are :
http://www.spywareinfo.com/~merijn/
http://merijn.richardthelionhearted.com/
http://216.180.233.162/~merijn/index.html

Nowhere does he say that there are any pre-requisites before using this tool. That answers your point, "Who better to ask then the tool's authors?"

majorgeek.com or hijackthis.de are just sites that help you get the tool.

Lastly, if you are an expert in the registry, you do not need any anti-spyware tool for removing any spyware. these tools are designed for novice users who do not know what and where to change in the registry to correct things. these tools just automate the process.
Yes, I agree that it is adviced that we use these tools first, coz its the safest bet when the expertise of the end-user is unknown. You can recommend direct registry edits only to a person with advanced level expertise in system trouble-shooting.

Anyways, we are all here to help each other. Sharing your knowledge is always the best way to learn new things.

End objective here is that duta's problem gets resolved.

Carpe Diem.
0
 
LVL 5

Expert Comment

by:CyberneticsConnoisseur
ID: 17028055
duta,

"SmitRem" is a tool created by an MVP (Microsoft Most Valuable Professional) to remove the Trojan-Spy.HTML.Smitfraud.c malware infection and it’s variants, AntivirusGold, PSGuard Spyware Remover, SpySheriff, Spy Trooper, SpyAxe, Security Toolbar, WinHound and SpywareStrike. Its very good and effective.

Its currently at version 2.9 and can be downloaded here :

http://noahdfear.geekstogo.com/

Hope this works for you!
Do let me know the results or if you need further assistance...

Carpe Diem!
0
 
LVL 30

Expert Comment

by:callrs
ID: 17028069
>>There is no problem for another expert to use a different way
Actually, there is a problem when a certain way can work faster and/or better and/or with greater results...Good service comes from analysis toward the best methods, even if it means shattering our ingrained beliefs.


Hmm. Initially you say to do HijachThis first.

Now in a turn around you seem to have agreed with the makers of HT....to the point of recommending one of the same tools I've already advised on.

Well at least  you've agreed in practice    :)

0
 

Author Comment

by:duta
ID: 17028882
TO: all:

Thank you so much for your very kind, prompt response.

I downloaded and tried hijcthis.exe. It detected several unnecessary files, which I removed.

Before that, I ran Acronis True Image to restore image.

I would like to accept the first three tips to my question as acceptable tip, if you do not mind.

Thanks again!

duta
July 2, 2006
0
 

Author Comment

by:duta
ID: 17028889
TO: all:

I intended to accept Dabas' as accepted answer because he/she responded ahead of others. But for some reason, it was chosen (against my will) as assisted answer. I clicked split points and checked Dabas first, then war1 and callrs. I guess that the person who was checked last became the provider of accepted answer (am I right?).

Hope that Dabas may kindly understand.

Thanks all!

duta
0
 
LVL 27

Expert Comment

by:Dabas
ID: 17028892
duta:

No worries!
Anyhow I only beat war1 by a few seconds, and maybe their answers were a little better than mine

Dabas
0
 
LVL 30

Expert Comment

by:callrs
ID: 17028927
Duta. Do you have anti-virus (e.g. AVG) & anti-malware (e.g. Ewido or Adaware) running? That can prevent future problems...
Look on Google for these.
0
 

Author Comment

by:duta
ID: 17028949
TO: callrs:

Thank you so much for your kind advice.

Yes, I am running Symantec anti-virus, and I make sure to update virus definition to the most current and to run virus-scan daily.  On malware, I use ad-aware.

Thanks again!

0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are 2 things you must have in order to connect to the internet behind a router, The "Gateway IP" of the router, which is usually something like 192.168.xxx.1, I've seen routers with default values of: 192.168.0.1, 192.168.1.1, 192.168.11.1, …
Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question