VX2

Started by so82, October 14, 2005, 07:32:36 PM

so82

Hey,
I want some information about the vx2 add-on:
How do you know in which cases to run the add-on?
Do you have any list of vx2 variants?

thanks for all the help !

Corrine

Hi, so82.  The VX2 variants are identified by Lavasoft as, well, as VX2.  Ad-Aware does not use "name" per se in the actual scanning but rather signatures.  Those signatures are identified to us as names when detected.  If VX2 shows up in a logfile, then you would want to also run the VX2 add-on.  Well known in the arena is nail.exe, which the VX2 cleaner does an excellent job with.  As to other names, I wouldn't be able to even hazard a guess.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

so82

thanks Corrine
Is there any chance you have a logfile that vx2 shows up in that you can post as an example?
Do you know what kind of effect vx2 variants have on an infected computer?

Corrine

Sorry, so82, I don't have any recent logfiles.  If you see something with aurora in it or nail.exe, that's VX2.  As to the effect on the infected computer -- from what I understand -- popups happening so fast there is no way to stop them.  Lots of random character files installed in the System32 folder.  Some VX2 infections are definitely worse than others.


so82

thank you for the information   8)

Corrine

You are most welcome, so82.  I may not have quite the answers you are looking for, but will certainly do my best to help.

Regards,

Corrine


LS SteveJ

Hey So82... the best way to see if you have Nail is to first scan with Ad-Aware. As Corrine said, it will detect the nail-file (no pun intended hehe) and will report that you have VX2 on your system... you should then run the VX2 Add on... this will examine your system looking for all the aggressive VX2 variants we have discovered and put into detection and remove them.... you will usually be required to restart and run Ad-Aware again after reboot...

if you are interested in finding a new variant of nail or similar nasties... the new VX2 add-in has had some improvements made to it, that will look for potential new variants...  also... if you are interested in general system analysis... we are releasing alpha versions of our analysis tool... we are looking for a committed testing team for this...  you can sign on to the "application testing program" at www.lavasoftresearch.com.. we are working hard to get something which can be used by experts and novices alike, and give a very good overview of the system... pointing out potential threats, and so forth....

this tool is also free btw..  :)

so82

thanks for the information