VX2 malware - how do I get rid of it! - Page 2

joey16g · 22-Nov-2004, 09:12 PM **#16**

Here is my "Startup List" and "GetService" list. Please help me, I still have been unable to eradicate this from my machine...

Thanks.

**Cookiegal** · 22-Nov-2004, 09:20 PM **#17**

Please do this. Click here http://forums.techguy.org/attachment...chmentid=38105 to download getservice.zip and unzip it to your desktop. Open the Getservice folder and click on the getservice.bat file. A notepad will open up with a long list of services. Please save that notepad file and attach it to your next reply to this thread. It will be easier to attach it rather than copy and paste because it will be too long to paste in one post.

joey16g · 22-Nov-2004, 09:26 PM **#18**

here you go:

This looks particularly suspicious to me "AGRSMMSG.exe", do you know what that is, it is in the windows folder, also the stuff in system32 folder, can you explain that stuff?

joey16g · 22-Nov-2004, 09:26 PM **#19**

This looks particularly suspicious to me "AGRSMMSG.exe", do you know what that is, it is in the windows folder, also the stuff in system32 folder, can you explain that stuff?

Flrman1 · 22-Nov-2004, 09:30 PM **#20**

There is nothing in either of those. I need you to tell me exaclty what is being found and the exact locations that it is being found in. I need all the details or I am not going to be able to help you remove it.

**Cookiegal** · 22-Nov-2004, 09:35 PM **#21**

The file you asked about is a modem driver. You can do a Google search for any of the others to get an explanation of what they are.

Did you find anything in the Control Panel relating to Bargain Buddy?

joey16g · 22-Nov-2004, 10:10 PM **#22**

No, everything there has been removed that I thought was suspicious, did you find anything in what I sent you?

joey16g · 22-Nov-2004, 10:11 PM **#23**

why would the modem driver be running? I have ethernet, just curious...anyways...this sucks, i cant find this damn thing anywhere huh...

joey16g · 22-Nov-2004, 10:25 PM **#24**

Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Download Manager
Adobe Photoshop Elements 2.0
Adobe Premiere 6 LE
Advanced Networking Pack for Windows
Agere Systems Ac'97 Modem
AOL Instant Messenger
Art Explosion Greeting Card Factory
Click to DVD 1.3
DeductionPro 2003
DirectX 9 Hotfix
DivX 4.12 Codec
DVD Decrypter
DVgate
Easy Thumbnails
Experience Vaio
Forte Agent
Giga Pocket 5.0
HighMAT Extension to MS Windows
iDEN CompanionPro
iDEN Packet Data Applet
iDEN Phonebook Manager
Internet Explorer Q867801
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Logitech Desktop Messenger
Logitech iTouch Software
Logitech MouseWare 9.79.1
Lucent Technologies Soft Modem AMR
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Microsoft .NET Framework 1.1
Microsoft Data Access Components
Microsoft Money 2004
Microsoft Office 2000 SR-1 Pro
Motion JPEG Software Decoder
MovieShaker 3.3
Mozilla (1.6)
MSN Music Assistant
Music Visualizer Library 1.4.00
Nero 6 Ultra Edition
Norton AntiVirus 2004
Norton SystemWorks2003
Norton WMI Update
NVIDIA Windows 2000/XP Display Drivers
OpenMG Secure Module 3.1
Outlook Express
PhotoMax Pro
PicoPlayer
PicoPlayer Demo
PicoPlayerSplashScreen
PictureGear Studio 1.0
POP Peeper
PowerDVD
Quicken 2002 New User Edition
Quicktime
RealOne Player
RealProducter Basic 8.5
Recommended Hotfix
Savings Bond Wizard
Screenblast ACID 2.0a
Screenblast Sound Forge 1.0b
Sis Compatable VGS V2.09a
SonicStage 1.5.00
Sony Certificate PCH
Sony DV Shared Library
Spybot - Search and Destroy 1.3
SpywareBlaster v3.2
Support Actions WinXP
TaxCut 2003
Trend Micro PC-cillin 90-Day Trial Period Patch
VAIO Edit Components LE
VAIO Help and Support
VAIO Media 2.0
VAIO Media Installer 2.0
VAIO Media Music Server 2.0
VAIO Media Photo Server 2.0
VAIO Media Platform 2.0
VAIO Registration
VAIO Support
VERITAS RecordNow DX
VERITAS RecordNow DX Update Manager
Viewpoint Manager (Remove Only)
Viewpoint Media Player
VX2 Cleaner plug-in for Ad-Aware SE
Windows Blaster Worm Removal Tool
Windows Media Format Runtime
Windows Media Player 10
(2) Windows Media Player Hotfixes
(A bunch of) Windows XP Hotfixes
WinRAR archiver
Yahoo! Address AutoComplete
Yahoo! extras
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Toolbar
yEnc32

joey16g · 23-Nov-2004, 08:34 AM **#25**

any news on this list? I think that it is clean, but im still getting the damn bargain buddy!

joey16g · 23-Nov-2004, 08:42 AM **#26**

using spybot I have found:

Double Click 1 entry
DSO Exploit 5 entries
eXact Advertising.BargainBuddy 2 entries

under bargian buddy the files are:

C:\Windows\System32\msexreg.exe
C:\Windows\System32\instsrv.exe

Ad-aware also finds Bargain Buddy and fails to get rid of it.

joey16g · 23-Nov-2004, 08:43 AM **#27**

Should I try deleting these files in safe mod? I'm just hesitant about it because I dont know what they do...thanks

**dvk01** · 23-Nov-2004, 08:46 AM **#28**

I have merged both your threads taht are about the same problem

Do not start a nerw thread when someone is helping you it makes it impossible to keep up with what has been done

Flrman1 · 23-Nov-2004, 07:10 PM **#29**

Quote:

Originally Posted by joey16g

Should I try deleting these files in safe mod?

Yes.

joey16g · 23-Nov-2004, 09:27 PM **#30**

allright, ill give it a shot and repost my log, sorry about the 2 posts...ill get back to you in a few mins

Tag Cloud
access acer asus batch bios bsod computer crash desktop dns driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop lcd malware memory monitor motherboard mouse network printer problem ram registry router security slow software sound trojan usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Find the solution to yourcomputer problem!

Find the solution to your
computer problem!