Critical System Error Message

Moulder
10th October 2006, 21:33
Hi One and All,

I really hope there are some PC experts out there who can assist. After downloading a Codec Video Player file it looks as though a virus came with it. I keep getting a flashing symbol in the toolbar that frequently pops-up with a Critical System Error message - informing me of virus activity and to click on the symbol for a remedy. The subsequent click takes me to the website of "Virusburst" and - you've guessed it - they're offering software for sale to get rid of the virus.

Any other members experienced this? Better still - is there a remedy that does not involve buying the advertised software?

Steve.

K urgess
10th October 2006, 21:40
If it was a free download of the codec it's probably just an advert.

You should have virus protection already and if a scan with that shows nothing ignore it.

Better still uninstall the codec and find a different one or buy one.

Cheers

Hugh MacLean
10th October 2006, 22:34
Steve,

I don't think you have a virus.

VirusBurst is a rogue anti-spyware program that may install itself onto your computer without your permission.

The idea of course is for you to get worried and buy the program to clean any virus present. Your codec has acted like a trojan in this case rather than a virus.

As Marconi says run your anti virus program to confirm you have not got a virus, also try running a genuine anti-spyware program. Unfortunately a good anti-spyware program needs to be installed on all pc's now due to the crap that is out there.

Regards

TaffTech
11th October 2006, 02:04
... After downloading a Codec Video Player file it looks as though a virus came with it. I keep getting a flashing symbol in the toolbar that frequently pops-up with a Critical System Error message - informing me of virus activity and to click on the symbol for a remedy. The subsequent click takes me to the website of "Virusburst" and - you've guessed it - they're offering software for sale to get rid of the virus.

Any other members experienced this? Better still - is there a remedy that does not involve buying the advertised software?
Hi Steve,

No, you haven't got a virus but you do have what appears to be a spyware infection/trojan horse related to a thing called Smitfraud.

It only affects Windows/Internet Explorer users through an unpatched vulnerability - the latest patch for this type of thing was rushed out just a couple of weeks ago and would have been available through Windows Automatic Update.

Once you have it, it's not easy to get rid of as it often downloads other malware (for instance, from the web-page it pointed you to). You only need to visit a specially-crafted site using IE to become infected by more trojans, worms, keyloggers, etc..

To try to gauge the extent and type of malware you have, please download Hijackthis from the link below. Please do this. Click here: http://www.thespykiller.co.uk/files/hijackthis_sfx.exe to download HijackThis. Click scan and save a logfile, then post the logfile here so we can take a look at it for you to work out the safest route to get it cleaned up.

Don't click fix on anything in Hijackthis as most of the files are legitimate.

Moulder
11th October 2006, 16:01
Hi Steve,

No, you haven't got a virus but you do have what appears to be a spyware infection/trojan horse related to a thing called Smitfraud.

It only affects Windows/Internet Explorer users through an unpatched vulnerability - the latest patch for this type of thing was rushed out just a couple of weeks ago and would have been available through Windows Automatic Update.

Once you have it, it's not easy to get rid of as it often downloads other malware (for instance, from the web-page it pointed you to). You only need to visit a specially-crafted site using IE to become infected by more trojans, worms, keyloggers, etc..

To try to gauge the extent and type of malware you have, please download Hijackthis from the link below. Please do this. Click here: http://www.thespykiller.co.uk/files/hijackthis_sfx.exe to download HijackThis. Click scan and save a logfile, then post the logfile here so we can take a look at it for you to work out the safest route to get it cleaned up.

Don't click fix on anything in Hijackthis as most of the files are legitimate.

Thanks for all your responses - especially to you TaffTech for above. There has been a development - my trusted nephew has sent me a file that I installed and it appears to have done the trick.

Thanks again.

Steve.

(Thumb) (Applause)

TaffTech
11th October 2006, 16:30
Thanks for all your responses - especially to you TaffTech for above. There has been a development - my trusted nephew has sent me a file that I installed and it appears to have done the trick.

Thanks Steve,

Any chance you could let us know what the fix was? (by PM, if it's unsuitable for public airing ;)) Up until now, the fixes have been very long-winded for this type of attack.

I'd still like to see a Hijackthis log from you too, make sure you really are clean.