61. by balda. 2005-02-04 03:02:43
help.................is this software the best to remove vx2
62. by James. 2005-02-03 03:02:51
How do i know if the VX2 thin is gone.....
do i just scan and see if it has showed up in the list at then end??? or is their another way to find out and be tottaly sure?
63. by kevin. 2005-01-24 23:01:53
it took me long hours. at first i didnt even know this thing was that bad so i just scanned it with adaware for about 10 times and it kept showing up! before you do anything, go to download.com and download spy sweeper and you should have adaware. scan your computer with spysweeper and remove the nonsense found by it. clear out your temporary internet files and cookies. then read this forum http://www.lavasoftsupport.com/index.php?showtopic=54511 . that was a great help. just be sure to kill guard.tmp in your system32 folder as they will tell you to do so. and the second method on that forum helped me deleted randreco.exe which kept running. after all that scan it with spy sweeper again to make sure nothing is found. then scan it with adaware. if vx2 is still detected, write down the registry path. then go to start > run > type in regedit > go to the path of the registry file > set permission of ADMIN only. then reboot your computer in safe mode (run msconfig > boot.ini > check safemode). in safe mode, run adaware and remove all the files that are found. then do a normal reboot. you should scan it with spysweeper and adaware again just to make sure. but that should take care of it. atleast thats how i did it anyways
64. by Kevin Also. 2005-01-24 18:01:59
So how did you gt rid of it. I cannot find it either. When I goto say the Trend Micro Housecall to do a virus scan, the first thing to show up is a pop-up ad of a fly (as a virus) and a frog (as a anti-virus). It's driving me nutz.
Any help out there guys?
Kev
65. by kevin. 2005-01-24 15:01:47
nevermind...i finally got rid of it!! i hope the person created this will slip and fall on his face only to get his good popped by a sharp rock.
66. by kevin. 2005-01-24 15:01:20
i cant seem to locate guard.tmp in my system32 folder. i even checked show hidden files/folders and still cant find it. but when i run adaware se, vx2 still shows up. please help.
67. by Bill. 2005-01-23 00:01:46
To remove VX2 Use windows XP disk, boot into recovery console, locate the file guard.tmp in the C:windowssystem 32 dir, change the attributes (attrib -s-h-r guard.tmp), then write down the file size in bytes should be 224xxx, locate all dlls that have this exact size, change their attributes and erase them. use the erase command, not delete, when done erase guard,tmp, reboot machine and use ad aware to remove the registry entries and remnants of the vx2 adware.
68. by Mike H. 2005-01-20 20:01:40
Well, I too was infected with that nasty VX2 bug and with the advice of several people on this forum, I was finally able to get rid of the VX2 that was hiding on my computer. The procedure I had to use was to run Ad-Aware in SAFE mode, identify the VX2 files, clean up the registry and after about the umpteenth time, was finally able to erase the suspected .dll files. I even searched all the dll files in the System32 folder for a date of 2005. I renamed them with a dl$ and finally was able to delete all of them. It is a tricky and time consuming operation, but I am happy to finally be rid of that nasty uninvited guest. The only question I have remaining, is at one point, the instructions mentioned to change the access restrictions to just the administrator. After you are rid of the VX2 bugs, is it safe or wise to reverse that and change the access restrictions to what they were before I changed them. Thanks again. I am glad that this forum was here to help me and hopefully, it will help others.
69. by Mark Coe. 2005-01-19 22:01:16
My computer is so messed up.. I can't get rid of the VX2 no matter what I try. I hope the person that is responsible for this software gets run over by a truck and dragged for 100 feet, only to live through it as a quadrapalegic.
70. by X. 2005-01-19 10:01:39
I have had all sorts of trojans and spyware on various PCs since Q4 2004. I currently have VX2, I was just wondering if that's all that I have. From time to time my cursor appears to develop an athletic regime of its own, either hopping up and down (medium impact aerobics) or swimming lengths across the monitor. I have seen similar behavious with some other thing on another PC -- I think it was CWS. Are these cursor gymnastics part of VX2 as well?
71. by E. 2005-01-16 09:01:08
the post 13 down (titled Evil!!!!) from mine worked. i couldn't get a client's pc clean until i found the .dlls with an adaware scan in safe mode, removed all permissions, even the local admin, and took ownership of the files as local admin. then i pulled the plug, went into safe mode and deleted the files, then scanned with adaware. i still had to manually scan the registry for ebates moe money, virtual bouncer and elite sidebar. this is the nastiest spyware app i've ever seen. it's as destructive as most viruses. everyone at Vx2 should be tarred and feathered in front of a web cam for the whole world to see.
72. by Thea. 2005-01-12 20:01:14
Does anyone have any information on the vx2.zserv variant? I've searched every where and feel like I've done all of these things with no luck. Suggestions?
73. by Doc in San Clemente, CA. 2005-01-11 18:01:20
I had the latest iteration of VX2 on a machine that adaware could not remove and the add-in tool didn't even show. When adaware would run it would show it, and ask to remove the files at next boot, but of course, since the names change, it could not remove them. Here is the soulution I found.
* Make sure you know the administrator password as you will need it. If you don't know it, but you have administrator privilages, reset the administrator password so you will know it later.
** Have a Win2000 or WinXP install disk handy. You will need it for part of this proceedure
1) Run Adaware from safe mode using the full system scan option and when it shows
the list of files it could not remove, WRITE THEM ALL DOWN with the FULL PATH.
2) Start your computer using the Win2000 or WinXP install disk. When prompted to install or repair, chose R for repair.
3) When prompted to repair using the console or automatic, chose C for console
4) Login in to the default windows - This is where you need the admin password
5) Now delete the files one by one that Adaware gave you earlier by using either
del /path/path/filename or cd to the appropriate directory(s) and delete the files.
6) Reboot as normal and run Adaware again using the Full System Scan option.
That should do it. I have not found a system yet that this did not work on.
74. by Guest. 2005-01-06 14:01:52
Have today removed VX2 after many weeks of trying used PC Bug Doctor and it cleaned it out complety
75. by Guest. 2005-01-05 17:01:54
Have just removed VX2 after weeks of trying tried all above on this forum have justed used pc BugDoctor and it's gone now just need to remove www coolsearch crap
76. by Guest. 2004-12-30 05:12:46
HAVE TRYED EVERYTHING ABOVE WITH NO SUCCESS PLZ PLZ SOMEONE HELP ME.
im ganna go crazy soon, the only way i am able to even use my computer is because ad-watch is preventing and edits at the moment but no program or solution above is working, when i watch ad-watch it prevents 1000 registry edits a minute, its insane i have no idea what to do. HELP ME someone.
77. by Guest. 2004-12-29 13:12:37
I believe that the easiest way to remove the VX2 spyware, or any other persistent spyware, from a WinXP system that will not run Ad-aware on reboot, is to remove the HDD and install it as a slave on a Win98 or Win2K system that will run Ad-aware on reboot. However, it probably won't be necessary for the reboot run, since the infested/infected drive is installed as a slave.
ebob2k
78. by Guest. 2004-12-29 12:12:43
I'm working on a friend's laptop that has XP Home (so I can't go in and set permissions, etc) and I can't attach the disk drive to another machine either. Any hope for me?
Doug
79. by Guest. 2004-12-28 17:12:11
Wow, I can hardly believe it.
I seem to have finally deleted this f*****g thing with Pest Patrol. I've been trying to get rid of this thing for weeks.
I downloaded the trial version of the corporate Pest Patrol programme. They don't seem to have a home user trial version. So I registered as a business user.
I''m running Hitman Pro now (combines CW, SpySweeper, AdAware etc.) to get rid of anything that may be left behind.
80. by Guest. 2004-12-28 15:12:24
Hi. I tried most of the methods posted here. I ran Adaware SE and noted the locations of the files. Then I ran regedit and denied access to the appropriate .dll file. Without exiting anything, I unplugged the computer and restarted in Safe Mode. But I couldn't delete the .dll file in Safe Mode.
So I tried #46 - starting up in Safe Mode Command - but when I went into the C:WindowsSystem32 directory, it couldn't find the .dll file. But it would show up in normal safe mode.
#46 said to use "attrub filename.exe -h -s -r" if the file doesn't show up. How do I do this? What is "attrub filename.exe -h -s -r"? I'm familiar with only very basic naviagation in a DOS prompt ("cd", "cd..." del xxxxx.exe", etc.).
help.................is this software the best to remove vx2
62. by James. 2005-02-03 03:02:51
How do i know if the VX2 thin is gone.....
do i just scan and see if it has showed up in the list at then end??? or is their another way to find out and be tottaly sure?
63. by kevin. 2005-01-24 23:01:53
it took me long hours. at first i didnt even know this thing was that bad so i just scanned it with adaware for about 10 times and it kept showing up! before you do anything, go to download.com and download spy sweeper and you should have adaware. scan your computer with spysweeper and remove the nonsense found by it. clear out your temporary internet files and cookies. then read this forum http://www.lavasoftsupport.com/index.php?showtopic=54511 . that was a great help. just be sure to kill guard.tmp in your system32 folder as they will tell you to do so. and the second method on that forum helped me deleted randreco.exe which kept running. after all that scan it with spy sweeper again to make sure nothing is found. then scan it with adaware. if vx2 is still detected, write down the registry path. then go to start > run > type in regedit > go to the path of the registry file > set permission of ADMIN only. then reboot your computer in safe mode (run msconfig > boot.ini > check safemode). in safe mode, run adaware and remove all the files that are found. then do a normal reboot. you should scan it with spysweeper and adaware again just to make sure. but that should take care of it. atleast thats how i did it anyways
64. by Kevin Also. 2005-01-24 18:01:59
So how did you gt rid of it. I cannot find it either. When I goto say the Trend Micro Housecall to do a virus scan, the first thing to show up is a pop-up ad of a fly (as a virus) and a frog (as a anti-virus). It's driving me nutz.
Any help out there guys?
Kev
65. by kevin. 2005-01-24 15:01:47
nevermind...i finally got rid of it!! i hope the person created this will slip and fall on his face only to get his good popped by a sharp rock.
66. by kevin. 2005-01-24 15:01:20
i cant seem to locate guard.tmp in my system32 folder. i even checked show hidden files/folders and still cant find it. but when i run adaware se, vx2 still shows up. please help.
67. by Bill. 2005-01-23 00:01:46
To remove VX2 Use windows XP disk, boot into recovery console, locate the file guard.tmp in the C:windowssystem 32 dir, change the attributes (attrib -s-h-r guard.tmp), then write down the file size in bytes should be 224xxx, locate all dlls that have this exact size, change their attributes and erase them. use the erase command, not delete, when done erase guard,tmp, reboot machine and use ad aware to remove the registry entries and remnants of the vx2 adware.
68. by Mike H. 2005-01-20 20:01:40
Well, I too was infected with that nasty VX2 bug and with the advice of several people on this forum, I was finally able to get rid of the VX2 that was hiding on my computer. The procedure I had to use was to run Ad-Aware in SAFE mode, identify the VX2 files, clean up the registry and after about the umpteenth time, was finally able to erase the suspected .dll files. I even searched all the dll files in the System32 folder for a date of 2005. I renamed them with a dl$ and finally was able to delete all of them. It is a tricky and time consuming operation, but I am happy to finally be rid of that nasty uninvited guest. The only question I have remaining, is at one point, the instructions mentioned to change the access restrictions to just the administrator. After you are rid of the VX2 bugs, is it safe or wise to reverse that and change the access restrictions to what they were before I changed them. Thanks again. I am glad that this forum was here to help me and hopefully, it will help others.
69. by Mark Coe. 2005-01-19 22:01:16
My computer is so messed up.. I can't get rid of the VX2 no matter what I try. I hope the person that is responsible for this software gets run over by a truck and dragged for 100 feet, only to live through it as a quadrapalegic.
70. by X. 2005-01-19 10:01:39
I have had all sorts of trojans and spyware on various PCs since Q4 2004. I currently have VX2, I was just wondering if that's all that I have. From time to time my cursor appears to develop an athletic regime of its own, either hopping up and down (medium impact aerobics) or swimming lengths across the monitor. I have seen similar behavious with some other thing on another PC -- I think it was CWS. Are these cursor gymnastics part of VX2 as well?
71. by E. 2005-01-16 09:01:08
the post 13 down (titled Evil!!!!) from mine worked. i couldn't get a client's pc clean until i found the .dlls with an adaware scan in safe mode, removed all permissions, even the local admin, and took ownership of the files as local admin. then i pulled the plug, went into safe mode and deleted the files, then scanned with adaware. i still had to manually scan the registry for ebates moe money, virtual bouncer and elite sidebar. this is the nastiest spyware app i've ever seen. it's as destructive as most viruses. everyone at Vx2 should be tarred and feathered in front of a web cam for the whole world to see.
72. by Thea. 2005-01-12 20:01:14
Does anyone have any information on the vx2.zserv variant? I've searched every where and feel like I've done all of these things with no luck. Suggestions?
73. by Doc in San Clemente, CA. 2005-01-11 18:01:20
I had the latest iteration of VX2 on a machine that adaware could not remove and the add-in tool didn't even show. When adaware would run it would show it, and ask to remove the files at next boot, but of course, since the names change, it could not remove them. Here is the soulution I found.
* Make sure you know the administrator password as you will need it. If you don't know it, but you have administrator privilages, reset the administrator password so you will know it later.
** Have a Win2000 or WinXP install disk handy. You will need it for part of this proceedure
1) Run Adaware from safe mode using the full system scan option and when it shows
the list of files it could not remove, WRITE THEM ALL DOWN with the FULL PATH.
2) Start your computer using the Win2000 or WinXP install disk. When prompted to install or repair, chose R for repair.
3) When prompted to repair using the console or automatic, chose C for console
4) Login in to the default windows - This is where you need the admin password
5) Now delete the files one by one that Adaware gave you earlier by using either
del /path/path/filename or cd to the appropriate directory(s) and delete the files.
6) Reboot as normal and run Adaware again using the Full System Scan option.
That should do it. I have not found a system yet that this did not work on.
74. by Guest. 2005-01-06 14:01:52
Have today removed VX2 after many weeks of trying used PC Bug Doctor and it cleaned it out complety
75. by Guest. 2005-01-05 17:01:54
Have just removed VX2 after weeks of trying tried all above on this forum have justed used pc BugDoctor and it's gone now just need to remove www coolsearch crap
76. by Guest. 2004-12-30 05:12:46
HAVE TRYED EVERYTHING ABOVE WITH NO SUCCESS PLZ PLZ SOMEONE HELP ME.
im ganna go crazy soon, the only way i am able to even use my computer is because ad-watch is preventing and edits at the moment but no program or solution above is working, when i watch ad-watch it prevents 1000 registry edits a minute, its insane i have no idea what to do. HELP ME someone.
77. by Guest. 2004-12-29 13:12:37
I believe that the easiest way to remove the VX2 spyware, or any other persistent spyware, from a WinXP system that will not run Ad-aware on reboot, is to remove the HDD and install it as a slave on a Win98 or Win2K system that will run Ad-aware on reboot. However, it probably won't be necessary for the reboot run, since the infested/infected drive is installed as a slave.
ebob2k
78. by Guest. 2004-12-29 12:12:43
I'm working on a friend's laptop that has XP Home (so I can't go in and set permissions, etc) and I can't attach the disk drive to another machine either. Any hope for me?
Doug
79. by Guest. 2004-12-28 17:12:11
Wow, I can hardly believe it.
I seem to have finally deleted this f*****g thing with Pest Patrol. I've been trying to get rid of this thing for weeks.
I downloaded the trial version of the corporate Pest Patrol programme. They don't seem to have a home user trial version. So I registered as a business user.
I''m running Hitman Pro now (combines CW, SpySweeper, AdAware etc.) to get rid of anything that may be left behind.
80. by Guest. 2004-12-28 15:12:24
Hi. I tried most of the methods posted here. I ran Adaware SE and noted the locations of the files. Then I ran regedit and denied access to the appropriate .dll file. Without exiting anything, I unplugged the computer and restarted in Safe Mode. But I couldn't delete the .dll file in Safe Mode.
So I tried #46 - starting up in Safe Mode Command - but when I went into the C:WindowsSystem32 directory, it couldn't find the .dll file. But it would show up in normal safe mode.
#46 said to use "attrub filename.exe -h -s -r" if the file doesn't show up. How do I do this? What is "attrub filename.exe -h -s -r"? I'm familiar with only very basic naviagation in a DOS prompt ("cd", "cd..." del xxxxx.exe", etc.).
Any help appreciated. Thanks...