I'm having a random message pop up on my screen every now and then that says WinFixer 2005 is necessary to help my computer run. Then it prompts me to download WinFixer 2005 and when I click the X button to completely exit out of the window it starts to try and automatically download Win Fixer 2005. I'm not sure if Win Fixer 2005 is an actual program or some form of virus that is trying to infect my computer. Lately my computer has been having some trouble with the monitor booting up. Sometimes it won't boot up at all. The computer starts up but the monitor won't turn on. I'm not sure if this is a technical problem or if this is a side effect of a virus. Any help you could give me would be greatly appreciated. In addition I've been trying to delete a program from my computer that I had to use for my Business class. It's called SAM 2003 but when I try to delete it from ADD/REMOVE programs it doesn't delete it. Please help me!
Recommended Answers
Jump to PostDownload [but do *NOT* yet run] FixVundo from
http://securityresponse.symantec.com/avcenter/FixVundo.exe
[we'll have you run it later]
Note: If you have previously download this file on another occasion, please download it again, …
All 3 Replies
Download [but do *NOT* yet run] FixVundo from
http://securityresponse.symantec.com/avcenter/FixVundo.exe
[we'll have you run it later]
Note: If you have previously download this file on another occasion, please download it again, to be absolutely sure you have the most current version.
********************
Next, download VirtumundoBeGone from:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
* Save it to your Desktop
* Close all running programs (including your Internet Browser)
* Double-click VirtumundoBeGone.exe on the desktop
* Follow the directions as indicated
please be advised that this program will generate a "BLUE SCREEN OF DEATH"... this is an expected/necessary part of the process, so don't be surprised when it happens.
just reboot if your system "jams"
*********************
After rebooting, it's now time to run FixVundo (which you had downloaded earlier).
Make sure all other programs, including your Internet Browser, are closed.
Double-click the FixVundo.exe file to start the removal tool.
Click Start to begin the process, and then allow this tool to run.
Important: Do not launch any new applications while the tool is running!
Reboot your computer.
Run the FixVundo removal tool again to ensure that the system is clean.
*********************
It's now time to report back to us
Ok I did everything you asked me to do and here is the log file that was saved on my computer from VBG
[12/07/2005, 11:00:26] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\William Hall\Desktop\VirtumundoBeGone.exe" )
[12/07/2005, 11:00:31] - Detected System Information:
[12/07/2005, 11:00:31] - Windows Version: 5.1.2600, Service Pack 2
[12/07/2005, 11:00:31] - Current Username: William Hall (Admin)
[12/07/2005, 11:00:31] - Windows is in NORMAL mode.
[12/07/2005, 11:00:31] - Searching for Browser Helper Objects:
[12/07/2005, 11:00:31] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[12/07/2005, 11:00:31] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[12/07/2005, 11:00:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/07/2005, 11:00:31] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[12/07/2005, 11:00:31] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[12/07/2005, 11:00:31] - BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[12/07/2005, 11:00:31] - BHO 4: {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} (MSEvents Object)
[12/07/2005, 11:00:31] - ALERT: Found MSEvents Object!
[12/07/2005, 11:00:31] - Finished Searching Browser Helper Objects
[12/07/2005, 11:00:31] - *** Detected MSEvents Object
[12/07/2005, 11:00:31] - Trying to remove MSEvents Object...
[12/07/2005, 11:00:32] - Terminating Process: IEXPLORE.EXE
[12/07/2005, 11:00:33] - Terminating Process: RUNDLL32.EXE
[12/07/2005, 11:00:33] - Disabling Automatic Shell Restart
[12/07/2005, 11:00:33] - Terminating Process: EXPLORER.EXE
[12/07/2005, 11:00:34] - Suspending the NT Session Manager System Service
[12/07/2005, 11:00:34] - Terminating Windows NT Logon/Logoff Manager
[12/07/2005, 11:00:35] - Re-enabling Automatic Shell Restart
[12/07/2005, 11:00:35] - File to disable: C:\WINDOWS\system32\sstts.dll
[12/07/2005, 11:00:35] - Renaming C:\WINDOWS\system32\sstts.dll -> C:\WINDOWS\system32\sstts.dll.vir
[12/07/2005, 11:00:37] - File successfully renamed!
[12/07/2005, 11:00:37] - Removing HKLM\...\Browser Helper Objects\{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152}
[12/07/2005, 11:00:38] - Removing HKCR\CLSID\{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152}
[12/07/2005, 11:00:38] - Adding Kill Bit for ActiveX for GUID: {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152}
[12/07/2005, 11:00:38] - Deleting ATLEvents/MSEvents Registry entries
[12/07/2005, 11:00:38] - Removing HKLM\...\Winlogon\Notify\sstts
[12/07/2005, 11:00:38] - Searching for Browser Helper Objects:
[12/07/2005, 11:00:38] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[12/07/2005, 11:00:38] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[12/07/2005, 11:00:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/07/2005, 11:00:38] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[12/07/2005, 11:00:38] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[12/07/2005, 11:00:38] - BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[12/07/2005, 11:00:38] - Finished Searching Browser Helper Objects
[12/07/2005, 11:00:38] - Finishing up...
[12/07/2005, 11:00:38] - A restart is needed.
[12/07/2005, 11:00:46] - Attempting to Restart via STOP error (Blue Screen!)
I ran FixVundo twice. The first time it picked up the trojan. After it removed it and I restarted the computer it wasn't detected.
Ok I did everything you asked me to do and here is the log file that was saved on my computer from VBG
[12/07/2005, 11:00:26] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\William Hall\Desktop\VirtumundoBeGone.exe" )
[12/07/2005, 11:00:31] - Detected System Information:
[12/07/2005, 11:00:31] - Windows Version: 5.1.2600, Service Pack 2
[12/07/2005, 11:00:31] - Current Username: William Hall (Admin)
[12/07/2005, 11:00:31] - Windows is in NORMAL mode.
[12/07/2005, 11:00:31] - Searching for Browser Helper Objects:
[12/07/2005, 11:00:31] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[12/07/2005, 11:00:31] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[12/07/2005, 11:00:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/07/2005, 11:00:31] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[12/07/2005, 11:00:31] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[12/07/2005, 11:00:31] - BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[12/07/2005, 11:00:31] - BHO 4: {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} (MSEvents Object)
[12/07/2005, 11:00:31] - ALERT: Found MSEvents Object!
[12/07/2005, 11:00:31] - Finished Searching Browser Helper Objects
[12/07/2005, 11:00:31] - *** Detected MSEvents Object
[12/07/2005, 11:00:31] - Trying to remove MSEvents Object...
[12/07/2005, 11:00:32] - Terminating Process: IEXPLORE.EXE
[12/07/2005, 11:00:33] - Terminating Process: RUNDLL32.EXE
[12/07/2005, 11:00:33] - Disabling Automatic Shell Restart
[12/07/2005, 11:00:33] - Terminating Process: EXPLORER.EXE
[12/07/2005, 11:00:34] - Suspending the NT Session Manager System Service
[12/07/2005, 11:00:34] - Terminating Windows NT Logon/Logoff Manager
[12/07/2005, 11:00:35] - Re-enabling Automatic Shell Restart
[12/07/2005, 11:00:35] - File to disable: C:\WINDOWS\system32\sstts.dll
[12/07/2005, 11:00:35] - Renaming C:\WINDOWS\system32\sstts.dll -> C:\WINDOWS\system32\sstts.dll.vir
[12/07/2005, 11:00:37] - File successfully renamed!
[12/07/2005, 11:00:37] - Removing HKLM\...\Browser Helper Objects\{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152}
[12/07/2005, 11:00:38] - Removing HKCR\CLSID\{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152}
[12/07/2005, 11:00:38] - Adding Kill Bit for ActiveX for GUID: {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152}
[12/07/2005, 11:00:38] - Deleting ATLEvents/MSEvents Registry entries
[12/07/2005, 11:00:38] - Removing HKLM\...\Winlogon\Notify\sstts
[12/07/2005, 11:00:38] - Searching for Browser Helper Objects:
[12/07/2005, 11:00:38] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[12/07/2005, 11:00:38] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[12/07/2005, 11:00:38] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/07/2005, 11:00:38] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[12/07/2005, 11:00:38] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[12/07/2005, 11:00:38] - BHO 3: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[12/07/2005, 11:00:38] - Finished Searching Browser Helper Objects
[12/07/2005, 11:00:38] - Finishing up...
[12/07/2005, 11:00:38] - A restart is needed.
[12/07/2005, 11:00:46] - Attempting to Restart via STOP error (Blue Screen!)I ran FixVundo twice. The first time it picked up the trojan. After it removed it and I restarted the computer it wasn't detected.
Now go run it in safe mode.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.