Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Critical System Error


  • This topic is locked This topic is locked
3 replies to this topic

#1 crj17

crj17

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 18 March 2008 - 08:38 AM

This one’s lengthy and I hope not challenging for you guys. I am indebted for you previously getting me out of a fix with another computer of mine and am hoping you can help me with this problem.

I have and have run repeatedly Norton, AVG super anti spyware free edition, Ad Aware 2007, Ad Aware SE Personal, CW Shreder and Spybot S&D to no effect.

Here are, in great detail, the error messages I have been receiving:

A balloon pops up from the tray attached to the yellow emblem w/the exclamation point advising:

Your computer might be at risk
*Latest software updates not installed
*Incorrect files association
*System appears to hang
*Firewall has errors


Click balloon to fix the problem

Then another balloon from the tray attached to the red emblem with the x on it will pop up advising:

Tracking process is activated
**ADDRESS: 0x10A3007B
Can’t deactivate spyware program.

Click baloon to fix the problem

And finally the third balloon from the tray emblem with the four colors (red, green, blue, yellow) advising:

Explicit content is detected:


Further, I receive grey window pop ups :

Your system is unstable.

A problem has been detected and Windows has been shutdown buggy application to prevent damage to your computer, Kernel32x.SYS – Address 0xA73C20AE, error code Co2100, DateStamp 56b836A3, Kernel Debugger on port: COM3 (Port 0x19f, Baud rate 9201)




If I click on any of the emblems, a web browser attempts to open and when I close it, the emblems disappear. I also receive this windows prompt:

You have chosen to open setup_sbd_en.exe
Which is a: application
From: http://archive.easydownloadsoft.com
Would you like to save file?


Once I click on cancel, the prompt disappears and once I close the web browser, the emblem warning of a critical even disappears.

In addition, I’ve noticed the following when I have an open browser:

Iexplore.exe – application error
The instruction at “0x66fe1082” referenced memory at “0x0672d80”. The memory could not be “read”. Click ok to terminate the program.


As well as this one:

SysFader: IE7EXPLORER.EXE – Application Fatal Error
The instruction at 0x01cf34739 referenced memory at 0x02df2e50. The memory could not be read.



I will get several of these with different instruction and reference memory at numbers.

Thanks for reviewing this. Hopefully you can help me resolve this.

CJ


PS - I do have another problem but I figure that one is not as much as a priority as this one. I've noticed that when if I leave my computer speakers on for about 1/2 hour a radio show with loud music and announcers, commercials, etc....will start playing in my speakers. This continues until I turn off the spears, wait a minute or two and turn them on again...then it's gone for another 1/2 hour or so.

PSS - as you can see, I'm a real mess!

BC AdBot (Login to Remove)

 


#2 Jacee

Jacee

    Bleeping around


  • Malware Response Team
  • 3,716 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:38 AM

Posted 18 March 2008 - 09:56 AM

Yes, crj17.... you are infected with a variant of 'fake alert'/Zlob, also known as Smitfraud.

Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php
(If running Vista: Right click on it and choose "Run as Administrator")
Click 'Do a System Scan and Save logfile'.
The HJT log will open in notepad.

Copy and paste the contents of the HJT log into a NEW TOPIC in "HijackThis Logs and Malware Removal"
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

MS_MVP.gif
MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop


#3 crj17

crj17
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 19 March 2008 - 08:15 AM

THANK YOU! THANK YOU! THANK YOU!

I have a deadline today and had to be on the road all day yesterday - This is kiling my productivity unless I get it fixed today. I just post the Hijack This log in the forum you advised and already it's getting 2 reviews, so hopefully this will be quicker than I anticipated.

Thanks again. You guy are truly the underground cyber heroes of today's Zeitgeist. Keep up the passion.

CJ

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:38 AM

Posted 19 March 2008 - 09:36 AM

Your hijackthis log is posted here.

After posting a log you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

To avoid confusion, I am closing this topic until you are cleared by the HJT Team. If you still need assistance after your log has been reviewed and you have been cleared, please PM me or another moderator and we will re-open this topic.

Thanks for your cooperation and good luck with your log.

Thanks in advance for any and all help!
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users