Text only | Text with Images

LandzDown Forum

Security => Security Software Programs => Topic started by: so82 on October 14, 2005, 07:32:36 PM

Title: VX2
Post by: so82 on October 14, 2005, 07:32:36 PM
Hey,
I want some information about the vx2 add-on:
How do you know in which cases to run the add-on?
Do you have any list of vx2 variants?

thanks for all the help !
Title: Re: VX2
Post by: Corrine on October 14, 2005, 07:46:36 PM
Hi, so82.  The VX2 variants are identified by Lavasoft as, well, as VX2.  Ad-Aware does not use "name" per se in the actual scanning but rather signatures.  Those signatures are identified to us as names when detected.  If VX2 shows up in a logfile, then you would want to also run the VX2 add-on.  Well known in the arena is nail.exe, which the VX2 cleaner does an excellent job with.  As to other names, I wouldn't be able to even hazzard a guess.
Title: Re: VX2
Post by: so82 on October 14, 2005, 10:51:01 PM
thanks Corrine
Is there any chance you have a logfile that vx2 shows up in that you can post as an example?
Do you know what kind of effect vx2 variants have on an infected computer?
Title: Re: VX2
Post by: Corrine on October 14, 2005, 11:09:53 PM
Sorry, so82, I don't have any recent logfiles.  If you see something with aurora in it nor nail.exe, that's VX2.  As to the effect on the infected computer -- from what I understand -- popups happening so fast there is no way to stop them.  Lots of random character files installed in the System32 folder.  Some VX2 infections are definitely worse than others. 
Title: Re: VX2
Post by: so82 on October 14, 2005, 11:23:05 PM
thank you for the information   8)
Title: Re: VX2
Post by: Corrine on October 14, 2005, 11:50:31 PM
You are most welcome, so82.  I may not have quite the answers you are looking for, but will certainly do my best to help.

Regards,

Corrine
Title: Re: VX2
Post by: LS SteveJ on October 16, 2005, 10:46:23 AM
Hey So82... the best way to see if you have Nail is to first scan with ad-aware. As Corrine said, it will detect the nail-file (no pun intended hehe) and will report that you have VX2 on your system... you should then run the VX2 Add on... this will examine your system looking for all the aggresive VX2 variants we have discovered and put into detection and remove them.... you will usually be required to restart and run Ad-Aware again after reboot...

if you are interested in finding a new variant of nail or similar nasties... the new VX2 add-in has had some improvements made to it, that will look for potential new variants...  also... if you are interested in general system analysis... we are releasing alpha versions of our analysis tool...we are looking for a commited testing team for this...  you can sign on to the "application testing program" at www.lavasoftresearch.com.. we are working hard to get something which can be used by experts and novices alike, and give a very good overview of the system... pointing out potential threats, and so forth....

this tool is also free btw..  :)
Title: Re: VX2
Post by: so82 on October 18, 2005, 02:13:17 PM
thanks for the information
Text only | Text with Images