Critical System Error Balloon won't go away

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by BizR32, Oct 16, 2006.

  1. BizR32

    BizR32 Private E-2

    Dear Computer Gods,
    As a life-time member of the "Computer Challenged", your forum has been a shark-proof life raft in the stormy seas of technology!
    I would appreciate any help in getting rid of the nasty yellow balloon! PC is running slower, ? due to running in 'normal mode'. Since this started, have been having a problem with wireless keyboard disconnecting.
    I've run the R&R (more than once!) & hope I got it right. Could not run Defender or online scans in Safe Mode. Everything else seemed to go OK. Will attach log files as requested, including Kaspersky scan results. Thought about running the Quake protocol after reading the forum, but chickened out!
    Thanks in advance for all the help - past, present, & hopefully future!

    XP Pro SP2
    Model: AWRDACPI Processor: AMD Athlon (tm) XP 2500+ 1.8 GHz BIOS: Nvidia, Phoenix-Award dB Mem:512 RAM Speed:1826MHz Capacity:111.8GB
     


  2. BizR32

    BizR32 Private E-2

    Rest of logs.
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    I'm going to post two messages! This is the first! Complete this procedure completely including attaching the requested log before doing the second procedure.

    Download SmitfraudFix (by S!Ri) to your Desktop.

    Extract all the files to your Desktop. A folder named SmitfraudFix will be created on your Desktop.

    Open the SmitfraudFix folder and double-click smitfraudfix.cmd
    Select option #1 - Search by typing 1 and press Enter
    This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please attach that log in your next reply.

    Note: process.exe (which is used by SmitfraudFix) is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. The below is a link to what process.exe is.

    http://www.beyondlogic.org/consulting/proc...processutil.htm


    IMPORTANT: Do NOT run any other options until you are asked to do so!
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This is my second message. Make sure you have followed the first procedure before doing the below.

    PLEASE READ ALL OF THESE INSTRUCTIONS FIRST BEFORE DOING ANYTHING. Ask any questions that you may have before starting.

    Please print out or copy these instructions to Notepad as the internet will not be (while in Safe Mode) available to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. Again, if there's anything that you don't understand, ask your question(s) before moving on with the fixes.

    Reboot your computer into Safe Mode per the safe directions in the READ & RUN ME.

    Open the SmitfraudFix Folder of your Desktop, then double-click smitfraudfix.cmd file to start the tool.

    Select option #2 - Clean by typing 2 and press Enter.
    Wait for the tool to complete and disk cleanup to finish.
    You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.

    The tool will also check if wininet.dll is infected. If it is infected and a clean version is found, you will be prompted to replace the infected wininet.dll with the clean file. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

    A reboot may be needed to finish the cleaning process. If your computer does not restart automatically, please do it yourself manually. BUT Reboot in Safe Mode.

    The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed.

    Now reboot into normal mode and attach this new rapport.txt log here.

    Now attach new logs from:
    - GetRunKey
    - ShowNew
    - HJT
     
  5. BizR32

    BizR32 Private E-2

    Uh oh.... Think I may have screwed up. Ran through both procedures, but when I reread the directions wasn't sure if I should have replied with first rapport log before continuing. Will attach logs. Computer is running fine & evil balloon is gone. Mea culpa. Thanks again for your help.
     


  6. BizR32

    BizR32 Private E-2

    Rest of logs.
     


  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to delete the below two files:
    C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url
    C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url

    You are clean now but I see some other issues. You have Symantec Antivirus installed but I also see PCPitstop Panda AntiVirus Scan (remove only) in your uninstall programs list. Is this still installed? It should not be if you are going to use Symantec.

    I also see Spy Sweeper and Windows Defender (which you probably installed while doing the READ ME). Is Spy Sweeper a paid version or a free trial? If paid, uninstall Windows Defender. If Spy Sweeper is only a trial then uninstall it and keep Windows Defender.


    Did you knowingly install the below?
    PopCap Browser Plugin
    Screensavers Installer Version 2
     
  8. BizR32

    BizR32 Private E-2

    Dear Chaslang,
    Thank you so much for your help. Being a nurse for more years than I care to remember, I will think of you when people ask me for "free medical advice". I gladly help people who are totally at a loss & don't know which way to turn. If, in some small way I can help them, then it is a good day for me. I hope you feel that reward with all the people that you have helped.
    OK. Enough of the philosophical . . . A few questions, answer at your leisure.
    1. Do I need to reset Restore?
    2. Firewalls - I use Mozilla, so would I be better off using their firewall as opposed to Windows, Norton, etc.?
    3. How often would you suggest running Windows Defender, CCleaner?
    4. Leave Windows Malicious Software Removal Tool, Spybot, & Spyware Blaster in place? If so, how often should I run it?
    5. What is Messenger Plus, & do I need it?
    I will definitely follow your recommendations. Yes, I installed PopCap Browser plugin & screensavers installer, but will probably uninstall them.
    Thanks again for all your help & patience with the "computer challenged".
    Greetings from Philly, Chris
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Great! I'm happy to hear that! :)

    Yes you should follow the directions in step 8 of the READ & RUN ME sticky thread.

    Mozilla does not have a firewall. You can use one of the free firewalls mentioned in the below link. You should run all of the steps in this link anyway. As you will learn from this link, the Windows firewall does not provide sufficient protection.

    How to Protect yourself from malware!

    Windows Defender is providing active protection all the time, but it would not hurt to run a full scan at least every two weeks (once a week if you surf a lot). The rule of thumb applies with Ccleaner.

    Yes you should keep all of these. The protection offered by Spybot uses very little system resources (as long as you don't use Teatimer). And SpywareBlaster uses no resources to provide the protection it offers. Run Spybot on the same schedule as the other scans. SpywareBlaster only needs to be run periodically to check to see if there are any updates. You can do this monthly! I would only run MSRT if you run into any malware problems.

    NO!!!!!!!!! It is one of the plagues of the internet and the cause of tens of thousands of people getting malware infections like LOP and more. Software like this cannot be trusted no matter how appealing certain features may be to the end user.

    I assume that since you only mentioned Windows Defender that you uninstalled Spy Sweeper because it was a trial version only. Is this correct?
     
