Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 37

Thread: Running out of options

  1. #21
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    I've been searching on and off for awhile now and you probably have tried countless things, however NoAdware is the only one claiming they can remove it.

    www.NoAdware.net

    good luck

    edit: http://www.2-spyware.com/remove-vx2-cc.html

    Here's a thread that's not dated:

    I have been combing the boards for days now trying to find something to get rid of this VX2. I have finally found it. When you do a Regedit *Find* do the search for a PBAKKI and guess what. You will find the entry in the reg where it renames its self and where it is in start up. I was able to find this by using MSCONFIG and going into startup and diabling that file there. This is how i removed it.

    1. Run Adaware first and try and removed everything. Then tell adaware to run during next reboot.

    2. Did a Reg Find on the word PBAKKI and removed every key out there for that word

    3. At this point I rebooted

    4. Run a FULL system scan with adaware, then go into windows and run adaware again but just in a smart scan. Nothing is there.

    Using the MSCONFIG I was able to narrow down the file and remove all the entrys that VX2 did. Then what I did was really dumb and double clicked on that PBAKKI file in c:\windows\system32 where i watched it rename its self to iupbbm.dll and where i couldent removed it.

    delete file pbakki.exe because it is still there and adaware doesn\'t pick it up that its Spyware

    Then i followed the steps above and POOF the file is now gone.

    http://www.2-spyware.com/remove-vx2-cc.html

    EDIT #2: Good Point how old is this latest variant
    Connection refused, try again later.

  2. #22
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    just to satisfy my curiosity, where do they claim that they can remove this most recent variant??

  3. #23
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    SC
    Posts
    718
    Good god! I thought a computer programmer would be 'smart' enough to protect oneself!?!
    I used to be a programmer and my pc always seemed to have one virus or another. It's not that I wasn't smart enough to protect myself, I just figured it came down to "do I want a secure computer or porn?" Needless to say, the network admin didn't like me very much but I had some great pictures of pamela

    Neg, I've recently delt with pesky little programs that refused to be deleted. Just recently, I ran the free version of Pest Patrol (you have to remove everything it finds manually but at least it gives you the path of the files) on a system and it located a bunch of crap that had to be deleted via the command prompt. No other method worked. Even exposing all system files didn't help me find/remove these bastards. Maybe if all else fails you can get rid of these buggy files via the command prompt?
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  4. #24
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    Tried all of that, Shag... deleting from command prompt, Safe Mode, even through Knoppix (that didn't even work...). And the nastiest thing is that they disappear and re-appear... one moment they're there, the next they're gone, then they're back under a different name,...

  5. #25
    Senior Member Falcon21's Avatar
    Join Date
    Dec 2002
    Location
    Singapore
    Posts
    252
    First thing I would do is to check the startup items. You can do this easily using some tools that display at the items at every startup locations. Remove those that are suspicious, but before that, kill the process first. You may also need to search the net for more information to manually remove the malware instead of rely on malware scanner since they may not work well on particular malware.

  6. #26
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648
    Check it, take the HD out and scan it on a different computer as a slave. Sounds to me the programs are hiding in HiMem. Also look on the HD for programs like M2W.exe and other nonsense like that. Run all the program you discussed in your post on the machine with the HD as a slave and let me know if this fixes the issue. Other than that I would say run a backup of the information and format format format. Also check the MBR. I will discuss this with my coworker and see if he has any ideas. I will get back with you tomorrow.
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  7. #27
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    That's the problem, Falcon21: there doesn't seem to be any info on this thing (yet). Spyrus was having the exact same problem, with the exact same pop-ups, with the exact same behavior, yet his suspicious files are totally different from the ones I saw. A new variant of VX2 seems to be what it is, and there's a bunch of info out there on "older" VX2's - info that doesn't help one bit trying to get rid of this one. I appreciate everybody's help, though! I learned quite a bit today

    Ghost > I appreciate it, but I was on a deadline: got the computer yesterday evening, customer already picked it up (got rid of a bunch of stuff, but not that one particularly annoying thingy)... Might be a good suggestion for Spyrus, though!

  8. #28
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648
    I deal with Viruses day in and day out at my job. I do just what I said above. Removing the hard drive makes it impossiable for the virus to run. I scan it with McAfee 2005 AV, then I use Ad-Aware and Spybot to add to my addtionional scanning. Granted this doesnt hit the Reg files but it does remove everything else. I then plug the HD back into the PC and Run Ad-Aware and Spybot one last time just to hit the Reg. Once this is done I attend to the error messages that is left behind by the crap I removed. I cant tell you how much people pay each year for computer service when all they needed to have was an Updated AV, and Spyware remover. (I feel sorry for these people). Well got to go to bed, Ive got a laptop needing a reload, a dell with spyware, and a no name with a bad power supply needing my attention in the morning. See ya...
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  9. #29
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Oh neggy poo....!

    Can you be a dear and zip that crap up and send it to me? I'd looooove to play with this little bitch.
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  10. #30
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    thats the problem hogfly we cant really figure out what files are causing the root of this issue, some hidden file(s) are making these files come back without knowing what they are I dont know if we could really do anything for you... but when if i have time tomorrow at work i will grab whatever files I can for you
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •