VX2 Variant 3 won't go away

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mianatw, Nov 13, 2004.

  1. mianatw

    mianatw Private E-2

    Hi There. I checked out the forum http://forums.majorgeeks.com/showthread.php?t=35407 to learn how to get rid of this persitent spyware thats' constantly bringing pop ups onto my desktop, some of which are installing programs. I did the following steps:

    Disabled System Restore.
    Checked for the Network Security, Workstation Netlogon Services & Remote Procedure Call (RPC) Helper (didn't have any)
    Downloaded and installed:
    Ad-Aware VX2 cleaner plug in (already had Ad Aware)
    CC Cleaner
    Already had Spybot
    Spyware Blaster
    McAfee Avert Stinger
    CWShredder
    Kill2Me


    I upgraded the definitions for all of these, and made sure that I started the computer in Safe Mode with Network Support. Ran them all. Everything came up clean excpet for Ad Aware, which said I had a variant of the VX2, Variant 3. I've ran the VX2 Cleaner Plug in twice, and ran Ad Aware 4 times afterwards, and it keeps coming back. I'm at a loss as to how to get it out. It shows up in my Windows/System32 files, usually hidden, and usually as a System File. I have to go into Tools, Folder Options, View, Show Hidden files and Folders, AND uncheck Hide extensions for known file types AND uncheck Hide protected operating system files in order to see the files. Please, is there anything else I can do?
     
    mianatw, Nov 13, 2004
    #1
  2. Corporal Punishment

    Corporal Punishment Administrator Staff Member

    Try booting to safe mode make SURE your temp files are cleaned out and clean your c:/windows/prefetch -- then rescan.

    See if that helps.
     
    Corporal Punishment, Nov 13, 2004
    #2
  3. mianatw

    mianatw Private E-2

    I've been looking around at different forums and such, and I've seen mentioned several times that the file Layout.ini is used by the defragmenter and should not be removed. Is this safe to remove just the once and let the system put it back in, or is it something that I should leave alone and just delete the rest?

    *is at work, won't get a chance to actually try this till later tonight...* :eek:
     
    mianatw, Nov 13, 2004
    #3
  4. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Why delete a neccasary file for no reason. Not sure where this idea came from...
     
    Major Attitude, Nov 13, 2004
    #4
  5. mianatw

    mianatw Private E-2

    I managed to get rid of it. I had to do some redownloading of Ad Aware stuff, but it all worked out. I also did delete everything in the Prefect file except for Layout.ini. Here's a link to the Ad Aware forum that I got the instructions from to retry Ad Aware.

    Hopefully it'll help someone else out.

    http://www.lavasoftsupport.com/index.php?showtopic=51827&st=0&#entry353796
     
    mianatw, Nov 14, 2004
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds