Some weird things are happening with my computer that I think are caused by a virus.
First, most of the Google search results are redirecting me to advertisements.
Second, I get a network error message when I try to bring up the website that hosts Spybot Search and Destroy. I downloaded the executable file on another computer, but then could not install it on my current computer. The error message just tells me there is a network error.
Third, Ad-ware and AVG can’t update themselves. I ran both of them in safe mode, but the problems keep coming up.
As far as I know there doesn’t seem to be anything wrong with my internet connection. The only issue is that Google takes me to advertisements and a few spyware/virus prevention applications don’t work.
A possiblae culprit, based on the behavior described in the OP. (I don’t have advice, but happened on that while updating my AVG today, so offered it for what it may be worth.)
My grueling two day battle has come to an end. It was taken apart by Malwarebytes, one byte at a time.
I couldn’t download Malwarebytes on my infected computer (website was blocked), but I managed to do it on my laptop and transfer it over.
Once it deleted Vundo, my internet connection wouldn’t work. For some reason there was no address for the DNS server. Once I put that in everything worked fine.
Glad you solved it. For anyone else having a similar problem, one more data point: I can’t remember the specific virus but my son had one on his computer that put bogus entries in the hosts file for all of the major AV companies. These were added after enough blank lines that the bogus entries didn’t appear on the screen unless you scrolled down. Since the host file is usually checked before any DNS check, this was an effective block of updates.
I tried once to eradicate the newest incarnation of Vundo by hand. It was a valiant effort but I was defeated.
The reason I went after it without the help of Malwarebytes is that I accidentally stumbled upon a site who wanted to charge me for the download and of course I thought “Nertz to that!”. This is in November when the new variations surfaced.
I tried every tried and true method - Spybot, Kaspersky, Spysweeper, and the traditional Vundo-killer (via plugin) Ad-Aware. (Vundo is six years old) I worked in safe mode, I worked with Ultimate Boot Disk, I did every thing right - killed all suspicious processes, shut down system Restore, manually killed every new file that showed on reboot. There was nothing that could kill this infestation.
After six hours total over a weekend, I revisited a Malwarebytes thread and found out it is not generally a paid program and downloaded the real one from the source. (palmface)
This was the only time Kaspersky let me down and one of the few times I could not handle an infection by hand even with severe time investment.
Frankly I am surprised Vundo is not written about more than it is. I consider their crapulent technique legendary. I know it is introduced legally to the consumer, but man is it a royal pain.
Regarding the last post - via Wiki: Spybot Search & Destroy is able to block generations of Vundo that are older than Trojan.Vundo.F. Some modern variants of Vundo can exploit the presence of Spybot Search & Destroy by infecting TeaTimer.exe, a program that is bundled with Spybot.