Remove Virusburst

I have this little icon on the task bar that links to Virusburst.com that keep popping up with critical errors found.  I have scanned with everything I have and still cannot  get rid of it.  I have used, Adaware, SpyBot, ewido, AVG, Microsoft Defender and Norton Antivirus.

Any ideas of how I can get rid of this thing?
LVL 1
waytronAsked:
Who is Participating?
 
☠ MASQ ☠Connect With a Mentor Commented:
rpggamergirl is spot on, this is smitfraud

The fix can be downloaded here: http://siri.geekstogo.com/SmitfraudFix.php
plus instructions - basically you unpack it to a folder on your desktop, boot into safe mode and run it to clean your system.  It will reset your desktop wallpaper, internet home page etc so there's a bit of housekeeping to do afterwards but the annoying icon and its bubble will be gone for good!
0
 
younghvCommented:
Hi waytron,
I would make sure all of you Security applications have updated definitions, then re-boot to Safe Mode and do a complete HD scan.

Vic
0
 
Naser GabajE&P Senior Software SpecialistCommented:
Greetings waytron,

The best for such issues is Webroot spysweeper:

http://anti-spyware-review.toptenreviews.com/

Good Luck!
Naser
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
waytronAuthor Commented:
Hi YKoungy,

Yes I updated all definitions and then disconnected from the internet and scanned in both normal and safe mode.
0
 
younghvConnect With a Mentor Commented:
waytron,
Sounds as though you're making the right moves.

Try these two next and we'll get a deeper look at some stuff.

Vic

1. Systernals also has a 'rootkit revealer' program.
Give it a try: http://www.sysinternals.com/Utilities/RootkitRevealer.html


2. Author: rpggamergirl
http://www.experts-exchange.com/M_3598771.html

Get the newest version of HJT:

(an already renamed hijackthis)
http://danborg.org/spy/hjt/alternativ.exe

Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: paste the log to either of these sites:
1. http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here.

2. or at --> http://www.hijackthis.de/ 
and click "Analyse", click "Save".  Then post the link to the saved list here.

Then, if still nothing show up in the log, run other diagnostic tools.

Next, download and run this tool, this fixes most common malware and will also give us a log to look at.
Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/combofix.exe
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
0
 
waytronAuthor Commented:
Well, I am stumped...  I gave up on this machine last night and pulled it off the bench.

I just plugged it back in to work on it again and the problem is now gone.  Go figure....

I will let it run for a while and see what happens.

If it comes back I will continue with the above.

Thanks
0
 
younghvCommented:
While you're waiting, go ahead and review all of the Event Viewer logs for any Warning or Error messages - that may give you some clues to what was going on.

Look for 'Event ID' numbers that can be researched (they tend to be kind of cryptic).


Vic
0
 
rpggamergirlCommented:
If it comes back, let us look at your hijackthis log first.
Hijackthis log tells us what malware infection is in your system, we can then give you the exact tool to remove it, rather than trying so many different ones to see which ones works.

VirusBurst popups belong to smitfraud infection,  hijackthis log confirms whether you have smitfraud or not.
I wouldn't like to just suggest Smitfraudfix just incase it's not smitfraud because you will lost your desktop then and I don't want you to panic.

But usually VirusBurst comes with smitfraud.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.