Help! Can't Delete VX2 Malware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by papertrail, Jun 8, 2005.

  1. papertrail

    papertrail Private E-2

    Generic Detection Tool Log Attached
     


  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your logs are clean, are you having any further problems?
     
  3. papertrail

    papertrail Private E-2

    I hope this is the end of VX2 on my computer. I'll keep watching. Thank you SO MUCH for all your help!
     
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

  5. papertrail

    papertrail Private E-2

    Arrgh!! I'm back and still infected. I ran Panda Active Scan and there are about 30 infected files again. I've done what I can to follow the instructions for protecting against malware--I have a firewall and antivirus program and I've switched to Sun Java. I've also downloaded and installed Firefox but can't get it to work with AOL. Any suggestions?

    After you told me the logs were clean, I tried to go on-line and got this message, "America Online will now install the files required for you to connect to the service. You may be asked to restart your computer; otherwise, you will not be able to connect." I restarted without clicking on the message and was able to get online, but I think this is when the trouble began again. I'm also getting other strange messages.

    Is there any way to get rid of this permanently? I'm about ready to trash this computer.

    Thanks for your help!
     
  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    papertrail,

    I'm going to be honest with you, I would do away with the AOL crap as it causes more harm and aggravation than it does good.

    All you need for protection is an up-to-date AV, firewall and Windows updates. SpyWare Blaster & Guard are great for protection also.


    If possible attach your Panda scan log.
     
  7. papertrail

    papertrail Private E-2

    Here's the log. Thank you!
     


  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Were these infections removed by Panda?
     
  9. papertrail2

    papertrail2 Private E-2

    Hey there...

    I am posting on behalf of the original papertrail, who is now unable to open either browser (ie, or firefox, which was downloaded and installed). There are still a host of problems occurring (and no, running panda seems to have made no difference).

    One thing I should state before going any further... I am a mac user, and while I have some rudimentary knowledge of windows, most of this is foreign to me (but I do use firefox). So feel free to treat me as a novice as well. :)

    Firefox was working just fine at first, although aol was refusing to recognize it as the default browser. Still ie was opening every time, and it appeared more spyware/malware/whatever was downloading. We did a little research on the web, and changed the default settings in both firefox & ie, as well as selected firefox as the default web browser for windows in the control panel under "set program account defaults." Sorry if some of my terminology is a bit off here... It still wasn't working, but at least it was possible to get online at that point. Now suddenly this afternoon, neither will open.

    In my web search I came across a little program called SetBrowser 1.4. We haven't downloaded or run that... but is it something you'd recommend? And there's a firefox extension meant to help with this as well. Do you think that would work? Or are we just missing a very easy fix?

    Not sure if this matters, but there is only one av program running - Norton. Updates to norton system works were downloaded earlier today, and diagnostic tools/check disk was run, w/apparently no trouble.

    Probably related... the machine is now taking a ridiculously long time to restart. I don't mean 2 or 3 minutes, I mean practically forever.

    One final question... If papertrail ditches aol, which I believe is going to happen shortly, as a windows user, is there a particular isp you would suggest? Dial-up is being used here, and probably will continue to be, at least for now. I was checking out earthlink, but if you have any better ideas, we'd love to hear them. Obviously anything w/ie hard-wired in is NOT up for consideration!

    Thanks so much for all the help and time you've given so far, it's been invaluable! And tia for any further advice you're able to give!
     
  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Never heard of/used SetBrowser 1.4, so I can't say if it's good or not.

    About ISPs, they are different in every city so you will have to shop around. I would however recommend you try to get Cable/DSL if possible because dialup is torture (had it before).

    About papertrail's problems, I need a current HJT log so is there a way to run HJT and get the log uploaded from another computer?
     
  11. papertrail2

    papertrail2 Private E-2

    Thanks for the response!

    Well... papertrail called aol three times last night, and was finally told the problem is w/the norton firewall settings. So running norton's liveupdate was the problem. This stupid thing closed the necessary ports. I'm in the process of printing up the pages of instructions on symantec's website on how to fix this. Turns out they are fully aware of this problem, too. Of course tech support would be free if papertrail could get online, but phone support is $29.95 per "incident!" Convenient, no? And I wouldn't be surprised if "incident" translates to "call." And then... after everything's configured, they want us to test the net connection with ie "even if you normally use another internet browser." With no firewall up. Yeah, okay. It's not as if that's how this entire problem started in the first place, or anything.

    As long as we can run hjt, which I don't think will be problem, we will get a new log to you, one way or another.

    I was on dial-up too, a while back, and couldn't agree more. I've been strongly suggesting cable (dsl in our area has a rep for instability). We'll see. :)

    Incidentally... I happened to note symantec's fee for virus removal support is $39.95 - $69.95. Again, per "incident." Holy #$*! I can only assume this is some sort of industry standard. I thought your help was valuable before, but now I have an even clearer understanding. QUADRUPLE thanks to you!!
     
  12. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Personally, I would ditch Norton just like I did a few months ago. I used to love it but when I got a virus, Norton didn't do a thing, I had to do everything manually.

    NPF is the worst firewall ever, I say this from experience because every Norton Firewall will be corrupted and cause internet problems or other problems if you get infected with something. I've seen it so many times it isn't funny.

    If you really want Norton fixed let me know and I'll send you a fix tool for any version of Norton. This will remove everything including your problems. ;)

    Let me know!
     
  13. papertrail2

    papertrail2 Private E-2

    I'd like to see norton trashed, too. Thinking maybe avg instead. The problem though, is that a year's subscription to this thing was just purchased. I think papertrail may check into seeing if this could possibly be cancelled and at least partially refunded.

    In the meantime though, if you could send me that tool, it'd be great... thanks! Then we can work on it either way.

    Oh, and haven't forgotten the hjt log... hopefully I will have that soon.

    PMing my address... :)
     
  14. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    What version of Norton do you have? 02,03,04??
     
  15. papertrail2

    papertrail2 Private E-2

    Systemworks 02, Personal Firewall 05.

    Attaching hjt log...

    TY!
     


  16. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Download SymNRT, save to your desktop. Double click to run the program, follow the on-screen instructions then REBOOT!

    Download Rnav, save to your desktop. Double click to run the program. When running this tool it will prompt you when you run it "Would you like to exit now and try this" click NO. Now, Select Norton AntiVirus 2003/Norton AntiVirus 2003 Professional and click OK.

    Note: You will be prompted to reboot when this tool is complete, please do so that settings can be applied.
     
  17. papertrail2

    papertrail2 Private E-2

    Cool, have downloaded, and am burning these now, so papertrail can run them tomorrow. Will you need another hjt log afterwards, or do you expect this will finally clear up all the problems?
     
  18. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    This should clear up all of the Norton issues, to confirm the computer is clean I need a fresh HJT log.
     
  19. papertrail2

    papertrail2 Private E-2

    Okay then, after running these, we will get you a new hjt log asap.

    Thanks again! :)
     
  20. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You're welcome! :)
     
  21. papertrail

    papertrail Private E-2

    Well, I'm back. Thank you for communicating with papertrail2 to help me fix the Norton nightmare. Now all things Norton have been deleted and I can connect to the web. I am now using AVG and Sygate. I ran an AVG scan and it found 9 Trojan Horses--7 were supposedly deactivated by Microsoft Anti-Spyware--the other two were active. AVG removed them. Today I tried to run a Panda scan, but it was blocked while going through the registry. Up to that point, 10 infected files were found and could not be disinfected. Spybot and Adaware scans show nothing significant.

    Also, I cannot connect to AOL without restarting the computer. Is there a firewall setting that would correct this?

    I have attached a new HJT log. Thank you for all your help!
     


  22. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your HJT log is clean, the first thing I would do is uninstall the AOL Spyware crap as it causes more harm than it does good.

    Download Spy Sweeper 4.0.3.363 and install it.

    After you install make sure you get the updated spyware definitions. Then do a full sweep removing all infections. After you remove the infections with SpySweeper, reboot and let me know how things are running.
     
  23. papertrail

    papertrail Private E-2

    I followed your instructions. AOL Anti-Spyware has been deleted and I am now using Spy Sweeper. It's pretty impressive--I may keep it and pay for a subscription. I feel safer from spyware now.

    For some reason, I still have to restart to connect to AOL at times--not sure why. Also, my touchpad has a mind of its own sometimes. Otherwise, I think everything's okay. These problems are insignificant compared to the past few days and weeks.

    Thanks so much for your help!
     
  24. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    If you're not having any further Malware problems and just these remain I would post them in the Software Forum.
     
  25. papertrail

    papertrail Private E-2

    Thanks again. I don't know what I would have done without your help! If you ever need a reference for a job interview, I would be pleased to write a letter of recommendation for you.
     
  26. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Thanks, I really appreciate it! :)

    Surf Safely!
     
