PDA

View Full Version : System Tray Popup I cannot Kill! Virusbursters



kcisobderf
2006-11-26, 10:25
It alternately flashes a yellow exclamation triangle and a minesweeper bomb. Context click does not present a menu to disable. Either mouseclick brings up this URL:

xxx:virusbursters.com/?aff=330

So some enthusiastic, or broke, affiliate wrote what seems to be a trojan horse to pimp this product! It regenerates registry entries after every boot, maybe during shutdown. It takes forever to shutdown. Some example strings in the registry are "baloon", and "virusbursters". It also seems to append strings to: SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters, without them being visible to regedit! I'm using RegSeeker to find these strings. Oh, and the strings are offshore havens, such as Trinidad and Tobago.

Please help!

tashi
2006-11-26, 19:24
Hello kcisobderf.

There are two options, a self help topic for those experienced and comfortable with such:

VirusBurst, SpywareStrike and other desktop type hijacks (http://forums.spybot.info/showthread.php?t=4015)

For those who prefer to be guided by a trained malware remover:

"BEFORE you POST" -Preliminary Steps and scanning with SPYBOT-S&D (http://forums.spybot.info/showthread.php?t=288)

Then start your own thread in the malware forum:

Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22)

Once you have posted, a helper will take a look at the logs as soon as available and give any further instructions necessary.

Regards. :)

charles67
2006-12-05, 04:41
I wound up using one of the tools here:
Removed

be warned that this bit-o-evil downloads more malware, including viruses.