Help, VX2 virus!!! 9 replies

Please wait...

DnC

GF's Cognitive Psychologist

50 XP

13th April 2004

0 Uploads

2,668 Posts

0 Threads

#1 13 years ago

I've got this VX2 virus and all attemps the get rid of i has failed. I've tried adware, S&D, spy sweeper, xsoftspy and alert spy. They find it, delete it but it comes back. I hate reformating!!!




FF|CrYpTK33PeR

MoHFiles - Vice Site Manager

50 XP

12th April 2005

0 Uploads

274 Posts

0 Threads

#2 13 years ago
Full Name:

[size=+1]VX2[/size] Websearch Type:Adware Also Known as:Transponder Blackstone TPS108 AADCOM NetPal DigitalRooster MSView VX2.Transponder Danger Level:danger7.gif7 [Explain] Official Description:The software goes along with the user of the software as they are surfing around the web and builds reports on the activity. The software monitors the click stream activity of the consumer and communicates with servers. The software monitors some activity of the PC and communicates with servers. Comment:Seen in numerous incarnations. Information URL:http://www.vx2.com/ Properties: Stealth Tactics Shows ads Changes browser Stays Resident Connects to the internet Manual removal: 1 Click "Start" in the task bar, then select "Control Panel" "Control Panel" Window is opened 2 In "Control Panel" window select "ADD/REMOVE Programs" Look For "BlackStone" "BlackStone" should be found in the "ADD/REMOVE Programs" 3 If "BlackStone" is found Select it and click the "Remove" button to remove it "BlackStone" should be removed. 4 If "BlackStone" is not present in the "ADD/REMOVE Programs" close any open Web browsers. All the browsers should be closed. 5 Click "Start", select the Search button and search for "IEHelper.dll" in the "C: drive". "IEHelper.dll" file should be found. 6 Delete "IEHelper.dll" "IEHelper.dll" file should be deleted. 7 Click "Start", select the Search button and search for "domlst.cch" in the "C: drive". "domlst.cch" file should be found. 8 Delete "domlst.cch" "domlst.cch" should be deleted. 9 IF the system does not permit the file to be deleted... Select "START" then select "Run", type "regedit" and press "ok". A new "Registry Editor" window is opened. 10 In the left side of the Registry Editor, select the key and its subkeys as follows. HKEY_LOCAL_MACHINE-----SOFTWARE-----Microsoft-----Windows---CurrentVersion-----Explorer-----BrowserHelperObjects\ You should find the "{00000000-5eb9-11d5-9d45-009027c14662}" key 11 Delete the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-5eb9-11d5-9d45-009027c14662} The key is deleted. 12 Reboot the computer. Click "Start", then click "Search". Search for "IEHelper.dll" You should able to find the "IEHelper.dll" file now. 13 Now delete IEHelper.dll The "IEHelper.dll" should be able delete now. 14 Reboot the computer now, and search again for "IEHelper.dll" You should not be able to find the "IEhelper.dll" file any where in your system. 15 Click Start button on the task bar and click the "Run...". a Run window is opened at the down left corner of the desktop. 16 Type "regedit" in the Run window and press "ok" A new "Registry Editor" window is opened. 17 Search for HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-5eb9-11d5-9d45-009027c14662} If the key if still found, proceed to the next step. You should not find the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-5eb9-11d5-9d45-009027c14662} key. 18 Follow from step 5 to step 10. Removal tools: List of products that detect/remove/protect against VX2: X-Cleaner RegBlock ===================================================== Or you can try this one: http://www.greyknight17.com/spy/VX2Finder(126).exe

Click the "Find VX2.betterinternet info" button to make sure that you don't have this adware. If there are no files listed, go on to the last step. If you find the adware files, (it is usually 3 random named dll files) Select all the files found.

Press 'Delete These Files'. The program will delete all files but one that will be deleted on reboot. Allow program to reboot. Once Restarted:

  • Press 'Guardian.reg'.
  • Press 'User Agent'.
  • Press 'Restore Policy'.

Clicking on "find vx2.BetterInternet info" again should show all fields blank. If you have no adware files, just click on the "Restore Policy" Button




DnC

GF's Cognitive Psychologist

50 XP

13th April 2004

0 Uploads

2,668 Posts

0 Threads

#3 13 years ago

Ok, thanks. I dont have time to do that now. But ill try later!




metal_militia

Killing is my business...

50 XP

29th November 2004

0 Uploads

1,759 Posts

0 Threads

#4 13 years ago

I hear a shot of adrenalin to the heart works best on VX :therock:




Revenge VIP Member

Shizzle my nizzle

117,165 XP

28th July 2004

0 Uploads

10,354 Posts

0 Threads

#5 13 years ago

I guess the virus maker named if after that.




MR.X`

I'm too cool to Post

50 XP

30th April 2004

0 Uploads

12,409 Posts

0 Threads

#6 13 years ago

I had that thing. I hate reformatting, but not as much as I hate all that crap I have to do to fix the system. I backed up everthing I wanted saved onto my iPod (took quite a few runs) and dumped those files onto my old VAIO, then reformatted the hard disk.

Problem? Solved.




Operative34997

error 414- user not found

50 XP

3rd June 2004

0 Uploads

794 Posts

0 Threads

#7 13 years ago

As was mentioned previously, VX2 can come in many forms. It can be the 'easy to remove with one of the above mentioned utilities' version, or it can be 'one bad SOB version that's easier to reformat'. I've encountered a fairly wide range of them. If none of the recomended remedies works, you will be hours ahead of yourself by backing up what you can and reformatting. I once (manually) removed one of the really bad ones as a demonstration on a work computer to show that the time saved by reformatting is well worth doing as opposed to patching things up.




Deimos

Pierce the Heavens

50 XP

27th January 2003

0 Uploads

9,197 Posts

0 Threads

#8 13 years ago

Ooo, souds like a nasty one. I wish you the best of luck on the removal of that sucker!




DnC

GF's Cognitive Psychologist

50 XP

13th April 2004

0 Uploads

2,668 Posts

0 Threads

#9 13 years ago

We for the last 24 hours ive had no pop ups but my startup registry resets all the time. Don't worry crypt, you haven't wasted your time and think ive just died it down. Do you know how I got it everyone? I didn't bother scanning a file i downloaded just because it was more than 1MB. :(




DnC

GF's Cognitive Psychologist

50 XP

13th April 2004

0 Uploads

2,668 Posts

0 Threads

#10 13 years ago

I have still got Aurora pop ups and FireDaemon running in msconfig.