It all began when I ran an executable called keygen.exe... Yes, I know, stupid. If any of you are familiar with it, it's the sort that comes with crack.exe in the same archive as a text file. If it's pertinent, I'll post the link where I got it. I've done a lot of crap on my system, trying to fix it myself, so I haven't done anything else on the "Before you post" thread in case it'll make my system worse. I'll describe what's wrong with my system, then I'll give a list of the things I did, in the order I did them.
Symptoms:
-Certain sites won't load. Specifically, when I try to search google, or make any other search. Other various forums, including this one, won't load, and I'm actually using my laptop to make this post right now, which is why it's hard to get logs from my PC to here. I tried with the Firefox and Internet Explorer browsers, but the end result is the same - it just hangs while going "Waiting for
www.google.com...." or whatever site I'm trying.
-In the beginning, it kept saying my automatic updates were disabled, even though it said it wasn't on the control panel. Despite turning it off and on, every time I started up my comp, it would say that my automatic updates were disabled (in the Security Center).
-The start bar lags on startup as well, you can't see anything but a long blue strip until it finally loads up correctly.
What I did:
-First, I ran a scan with Symantec, and it didn't find any errors.
-Then, I installed Kaspersky (I had to uninstall Symantec to do so) and ran a full system scan, which found a few trojans and other malware, and deleted them, but my symptoms remained the same.
-Next, I installed Spyware Doctor and ran a full scan, which also found some spyware and deleted them, but my computer was still just as bad.
-I then followed these instructions:
***********
Download [but do *NOT* yet run] FixVundo from
http://securityresponse.symantec.com/avcenter/FixVundo.exe
[we'll have you run it later]
Note: If you have previously download this file on another occasion, please download it again, to be absolutely sure you have the most current version.
********************
Next, download VirtumundoBeGone from:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
* Save it to your Desktop
* Close all running programs (including your Internet Browser)
* Double-click VirtumundoBeGone.exe on the desktop
* Follow the directions as indicated
please be advised that this program will generate a "BLUE SCREEN OF DEATH"... this is an expected/necessary part of the process, so don't be surprised when it happens.
just reboot if your system "jams"
*********************
After rebooting, it's now time to run FixVundo (which you had downloaded earlier).
Make sure all other programs, including your Internet Browser, are closed.
Double-click the FixVundo.exe file to start the removal tool.
Click Start to begin the process, and then allow this tool to run.
Important: Do not launch any new applications while the tool is running!
Reboot your computer.
Run the FixVundo removal tool again to ensure that the system is clean.
I ran VirtumundoBeGone.exe but the log said:
[09/28/2008, 12:16:54] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\leon\Desktop\VirtumundoBeGone.exe" )
[09/28/2008, 12:16:55] - Detected System Information:
[09/28/2008, 12:16:55] - Windows Version: 5.1.2600, Service Pack 3
[09/28/2008, 12:16:55] - Current Username: leon (Admin)
[09/28/2008, 12:16:55] - Windows is in NORMAL mode.
[09/28/2008, 12:16:55] - Searching for Browser Helper Objects:
[09/28/2008, 12:16:55] - BHO 1: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (IEVkbdBHO Class)
[09/28/2008, 12:16:55] - BHO 2: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[09/28/2008, 12:16:55] - Finished Searching Browser Helper Objects
[09/28/2008, 12:16:55] - Finishing up...
[09/28/2008, 12:16:55] - Nothing found! Exiting...
Next I ran FixVundo.exe which ran a lengthy full scan of my computer. After a while, the window simply went gray and froze, and I had to forcibly end it. I rebooted my system and tried VirtumundoBegone again but nothing appeared still.
-Then, I ran f-vmonde.exe from another source and it simply said no traces were detected either.
As of now, the "Automatic Updates" notification no longer appears, but the same webpage problem persists.
