Ad-aware VX2 Cleaner Problem

Re: Got the VX2 Adware and CANT Get Rid of it!

I'm probably off base posting this now as I've not done the step by step in the OP. I'm too fatigued at this point to do it, even if it would make a difference, and will wait till I have a clear head. But I'm going to relate my experience trying to use the ad-aware VX2 plugin.

After upgrading to the latest ver of Ad-Aware, I downloaded the cleaner, installed it and everything seemed to go smoothly. When I start up AA, click on plugins, I get a listing for "Bad Entrypoint" as name, description and creator. Needless to say nothing starts up. When I right click on this entry I get:

Obj. 1/1
Name: Bad Entrypoint
Filename: vx2cleaner.dll
Description: Bad Entrypoint

The same thing happens on my child's computer, which is infected, and mine which is clean.

I can't help but think that Ad-Aware's cleaner is dysfunctional. Rebooting, safe mode nothing seems to change anything.

BTW, the last time I tried cleaning it w/o the plugin (in safe mode), something happened that I thought was strange. AA showed 3 items, 2 of which were .dll s . When I quarantined, I got a message that 1 item couldn't be fixed and asking whether I wanted it fixed on bootup. This .dll had a different name than those previously listed. Before I rebooted, I opened a command prompt and tried to delete it manually, but was told access denied.

I'm curious if anyone trying to use AA's plugin has had the same experience as I, or different, and hope maybe some of this will mean something to the bright folks out there.

 

Re: Got the VX2 Adware and CANT Get Rid of it!

If you have upgraded to AdAwareSE, there may be a leftover subfolder from your previous version that still exists. Removing it may help with the vx2cleaner plugin issues you are experiencing. The current version of SE asks if you wish to uninstall a detected previous version if still installed. If you make sure by whatever method, that all vestiges of the previous version are removed (uninstall and manually delete leftover folders, if necessary), and install the plugin again, you may find it works.

 

Re: Got the VX2 Adware and CANT Get Rid of it!

Also, be sure you have the vx2cleaner plug-in for SE. Although they have the same filename "plvx2cleaner.exe", the version 6 one will not install to SE. You can tell which you have when you install it-- the top bar of the installation wizard will say "for AdAware SE" if it is the correct one.

 

Re: Got the VX2 Adware and CANT Get Rid of it!

Thanks The Doug. Good thought and I tried it, i.e. used add/remove to remove AA. The was still a directory left with a bunch of iles so I deleted those. Then did a fresh install. Now when I install the plug in nothing whatsoever shows up. This was on my machine. This looks like a dead end to me.

At any rate, I tried to follow the full regimen specified in the OP on my child's machine in safe mode. Here is what AA found, what it wanted to deal with on reboot, and the Hijackthis file. If I can figure out how to attach them Its been a long day....

Which I can't, so here is what AA wanted to kill after reboot:


Maybe this will be of use to someone, I hope so. I would love to know the identity and address of the sob that concocted this.

EDIT by chaslang: Please stop posting your problems in this thread. It does not belong to you. Think of it just like the spyware or hijackers on your computer. That's what you are doing. Start you own thread. Also do not post HJT logs unless we ask for them. Please read the sticky threads and follow them:
http://forums.majorgeeks.com/showthread.php?t=35407
http://forums.majorgeeks.com/showthread.php?t=38752

And the VX2 cleaner works fine you just have to install the correct one.

 

Re: Got the VX2 Adware and CANT Get Rid of it!

I used the Lavasoft AdAware 6 uninstaller from the Start Menu, and then deleted the AdAware 6 subfolder under Program Files\Lavasoft. Then installed SE, and then the vx2cleaner plugin with AdAware SE not running.

That is vx2.

chaslang, if you can split chinnboy and my posts to another thread, that's fine with me.

 

The Doug and chaslang, I can't thank you enough for your patience and help. I apologize for poor etiquette as I certainly didn't mean to hijack anybody's thread.

At any rate, I finally got AAse installed with a working plugin. I ran it in safe mode, but had to do so several times. Finally I came up with a clean scan. I then booted into standard mode, and <groan> 6 issues were identified. But none of them were VX2!

I thought it interesting that before I rebooted again I ran Spybot for good measure, and it identified an incidence of VX2/f. It claims to have fixed it. But Ad-Aware didn't seem to pick it up - it identified my problem as VX2 ver3.

I'm keeping my fingers crossed but it looks like I may be pretty clean. But I've got to get to bed, its been a grueling day.

Thanks again fellows!

Steve J

 

Alas, my travails persist. Last night, I rebooted the computer and left it on, after I disconnected it from the router. This morning the only thing other than the desktop was a message from NAV that it was unable to check for updated defs. Good, I think. So I plug it into the router, go read the paper, and come back down in 1 1/2 hours. There were a dozen or so IE windows open, plus one picture running under Windows Media PLayer. Ad-Aware now finds 17 objects, all found in the IE cache, captioned "tracking". All indicate they are from my child's cookie folder.

I went to the folder and deleted everything except an "index" file which was "in use". I then run AA and it finds 13 similar items, even though when I search the folder again there is nothing except the "index" file.

No sign of VX2 so that appears to have been fixed but was not my prime problem. I don't have the slightest idea of what could be starting these IE sessions on its own but I'm about to give up the ghost and dig out my Dell restore disk.

Update: Aha! Now 28 cookies do show up in the folder. I presume these are being created from the IE windows that keep opening...

 

As Howard Cosell used to sometimes say during the Monday Night Football highlights - "Apparently stopped - but NO!!!"

I figured I had nothing to lose, so I tried my hand at using the fix capability of Hijack This, and nailed 22 items. Thanks to chaslang for reminding me of the sticky page how to use it. It seems to have done the trick. Ad-Aware ran through clean, and Spybot as well after I figured out the fix for DSO Exploit.

I seem to be squeeky clean, the desktop seems stable with no surprise IE episodes, and I still have a few hours of daylight in the weekend. And I did learn quite a lot.

Thanks again, everyone!

 

For the record it is "deselect all" and it is very important for everyone to check on this when they install SpyBot.

So I'm noting that here so this might get read by a few others so they can indeed go in a check for these 4 default settings.

(not trying to hijack the thread -- honest to goodness!)