-
December 9th, 2004, 12:14 AM
#21
I've been searching on and off for awhile now and you probably have tried countless things, however NoAdware is the only one claiming they can remove it.
www.NoAdware.net
good luck
edit: http://www.2-spyware.com/remove-vx2-cc.html
Here's a thread that's not dated:
I have been combing the boards for days now trying to find something to get rid of this VX2. I have finally found it. When you do a Regedit *Find* do the search for a PBAKKI and guess what. You will find the entry in the reg where it renames its self and where it is in start up. I was able to find this by using MSCONFIG and going into startup and diabling that file there. This is how i removed it.
1. Run Adaware first and try and removed everything. Then tell adaware to run during next reboot.
2. Did a Reg Find on the word PBAKKI and removed every key out there for that word
3. At this point I rebooted
4. Run a FULL system scan with adaware, then go into windows and run adaware again but just in a smart scan. Nothing is there.
Using the MSCONFIG I was able to narrow down the file and remove all the entrys that VX2 did. Then what I did was really dumb and double clicked on that PBAKKI file in c:\windows\system32 where i watched it rename its self to iupbbm.dll and where i couldent removed it.
delete file pbakki.exe because it is still there and adaware doesn\'t pick it up that its Spyware
Then i followed the steps above and POOF the file is now gone.
http://www.2-spyware.com/remove-vx2-cc.html
EDIT #2: Good Point how old is this latest variant
Connection refused, try again later.
-
December 9th, 2004, 12:21 AM
#22
just to satisfy my curiosity, where do they claim that they can remove this most recent variant??
-
December 9th, 2004, 03:20 AM
#23
Good god! I thought a computer programmer would be 'smart' enough to protect oneself!?!
I used to be a programmer and my pc always seemed to have one virus or another. It's not that I wasn't smart enough to protect myself, I just figured it came down to "do I want a secure computer or porn?" Needless to say, the network admin didn't like me very much but I had some great pictures of pamela
Neg, I've recently delt with pesky little programs that refused to be deleted. Just recently, I ran the free version of Pest Patrol (you have to remove everything it finds manually but at least it gives you the path of the files) on a system and it located a bunch of crap that had to be deleted via the command prompt. No other method worked. Even exposing all system files didn't help me find/remove these bastards. Maybe if all else fails you can get rid of these buggy files via the command prompt?
The object of war is not to die for your country but to make the other bastard die for his - George Patton
-
December 9th, 2004, 03:36 AM
#24
Tried all of that, Shag... deleting from command prompt, Safe Mode, even through Knoppix (that didn't even work...). And the nastiest thing is that they disappear and re-appear... one moment they're there, the next they're gone, then they're back under a different name,...
-
December 9th, 2004, 03:38 AM
#25
First thing I would do is to check the startup items. You can do this easily using some tools that display at the items at every startup locations. Remove those that are suspicious, but before that, kill the process first. You may also need to search the net for more information to manually remove the malware instead of rely on malware scanner since they may not work well on particular malware.
-
December 9th, 2004, 03:46 AM
#26
Check it, take the HD out and scan it on a different computer as a slave. Sounds to me the programs are hiding in HiMem. Also look on the HD for programs like M2W.exe and other nonsense like that. Run all the program you discussed in your post on the machine with the HD as a slave and let me know if this fixes the issue. Other than that I would say run a backup of the information and format format format. Also check the MBR. I will discuss this with my coworker and see if he has any ideas. I will get back with you tomorrow.
S25vd2xlZGdlIGlzIHBvd2VyIQ
-
December 9th, 2004, 03:46 AM
#27
That's the problem, Falcon21: there doesn't seem to be any info on this thing (yet). Spyrus was having the exact same problem, with the exact same pop-ups, with the exact same behavior, yet his suspicious files are totally different from the ones I saw. A new variant of VX2 seems to be what it is, and there's a bunch of info out there on "older" VX2's - info that doesn't help one bit trying to get rid of this one. I appreciate everybody's help, though! I learned quite a bit today
Ghost > I appreciate it, but I was on a deadline: got the computer yesterday evening, customer already picked it up (got rid of a bunch of stuff, but not that one particularly annoying thingy)... Might be a good suggestion for Spyrus, though!
-
December 9th, 2004, 04:02 AM
#28
I deal with Viruses day in and day out at my job. I do just what I said above. Removing the hard drive makes it impossiable for the virus to run. I scan it with McAfee 2005 AV, then I use Ad-Aware and Spybot to add to my addtionional scanning. Granted this doesnt hit the Reg files but it does remove everything else. I then plug the HD back into the PC and Run Ad-Aware and Spybot one last time just to hit the Reg. Once this is done I attend to the error messages that is left behind by the crap I removed. I cant tell you how much people pay each year for computer service when all they needed to have was an Updated AV, and Spyware remover. (I feel sorry for these people). Well got to go to bed, Ive got a laptop needing a reload, a dell with spyware, and a no name with a bad power supply needing my attention in the morning. See ya...
S25vd2xlZGdlIGlzIHBvd2VyIQ
-
December 9th, 2004, 04:28 AM
#29
Oh neggy poo....!
Can you be a dear and zip that crap up and send it to me? I'd looooove to play with this little bitch.
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
-
December 9th, 2004, 04:50 AM
#30
thats the problem hogfly we cant really figure out what files are causing the root of this issue, some hidden file(s) are making these files come back without knowing what they are I dont know if we could really do anything for you... but when if i have time tomorrow at work i will grab whatever files I can for you
Duct tape.....A whole lot of Duct Tape
Spyware/Adaware problem click
here
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|