Antisource.com  /  Security Forums  /  About  /  FAQs  /  Links  /  Polls  /  Advanced Search     
Register!   Login  
The All Inclusive Security Resource
Defending users and administrators against the
threat of viruses, trojans, spam, spyware, and hackers
Topics
General News
Antivirus Reviews
Network Defense
Spyware
Anti-Spam
Phishing Scams
Virus Alerts
Security Forums
Desktop Security
Malware Removal Help
Spam Blocking
Patches and Hotfixes

Network Security
Firewalls and Routers
Intrusion Detection
Web Proxies

Antivirus Support
Symantec
McAfee
Trend Micro
Other Antivirus
Quick Resources
About Antisource
Malware Threats Triangle
Free Virus Scan
Virus Map
 

VX2

Sunday, December 19, 2004
Author: Richard S. Westmoreland
Permalink: vx2 		Spyware
Email Article to a Colleague Printer-Friendly Version Author's Profile


Since Schadenfroh's generously contributed article MiniRoundup of Mini-AntiMalware Tools, Antisource.com has received a lot of hits for the keyword vx2 malware. Because so many people are looking for ways to remove this, I thought it would be a good idea to tell you something about it.

I asked Schadenfroh what he knew about VX2, and here is what he had to say:

I have seen it in action at school. To play it safe, I always install the VX2 plugin for ad-aware with any installation of adaware. Its symptoms are like that of many others, wierd pop ups, hijacking, the usual stuff, it is just very hard to get rid of. If it keeps up it might rival Coolwebsearch. I do not believe it has nearly as many variants as CWS, but it is certainly very harmful and embeds itself pretty deeply.

Here are some links that could help:
DirectMedia, BetterInternet, VX2 Exposed
PestPatrol: VX2

Here is what I have learned so far about VX2:

  • It is a IE Browser Helper Object (BHO)
  • Also known as Blackstone Data Transponder, NetPal, Sputnik, RespondMiter, Clean Get-Away, MSView, My PanicButton, SiteHelper
  • It's main file name is "IEHelper.DLL" or "VX2.dll"
It looks like a lengthy process to completely remove this adware. Not only does it keep track of what sites you are visiting, but it also tracks what you enter into web forms, what software you have installed, and reports back your email address (in Outlook Express) to Mindset Interactive to be sold to spammers. This sounds like one nasty spyware that I'm glad I have not had the luck of personally dealing with yet.

Additional information can be found here:

SpywareGuide: VX2  

Comment about VX2 | 2 comments |

The following comments are owned by whomever posted them. This site is not responsible for what they say.

VX2
Authored by: skipshot on Thursday, February 10, 2005

With regard to removing the VX2 varients, I have found out another way, not to eliminate it from the drive, but to disable it and keep it from running. As one of the problems in deleting all the files involved, one thing remains constant. It changes the file names with every reboot.
By locating wininit.ini in the Windows directory, open it in notepad and find the section [rename] and remove the entire section. It seems that since it cannot rename the file(s) it disables the operation of the malware. I am still unable to delete the files it had previously created, but am no longer bothered by the pop-up ads and spyware programs no longer report it as being on the system.
Reply to This

VX2
Authored by: ugnius on Thursday, March 31, 2005

In the 2-spyware.com website user with the nickname Doug posted long comment: detailed steps of VX2 removal.
Reply to This


 
 Copyright © 2008 Antisource
 All trademarks and copyrights on this page are owned by their respective owners.
Running GeekLog | Privacy Policy | Created this page in 0.17 seconds | Site Stats | RSS Feed xml