Cleaning VX2.Betterinternet Variants

Status
Not open for further replies.
Jun 25, 2004
My system got infected with this VX2.BetterInternet. I don't know exactly when; for a while I was having performance degradation on my system. I noticed that and thought it might be something with my DSL speed. Apparently it is not that: this big file, ft1_01_0_279_gepfah.exe, kept downloading from the web. When you first see any performance degradation, try to disconnect from the Internet and run Lavasoft Adaware and SpyBot; these two are the only software which can find this VX2 beast. I tested my machine and Lavasoft Adaware found traces of registry entries and folders for Ebates and VX2. These are the two variants that first come into the system; there are more, but they will act in the background when you uninstall Ebates from c:\Program files\Ebates.

Now I rebooted my machine and tested again, and now I have more crap. Clean your registry from Hkey_Localuser 1003 to 1004, then your Internet settings are OK. Now I got alexaie.dll and Huntbar, which were downloaded while I was on the Internet; that is why I had to disconnect this time and test to kill the other variants manually. Now I saw this thread, read everything, and looked and tested. I did not find VX2, but I saw in my Task Manager that I have this service running called vgxrtxlov.exe. I had to terminate this process and delete it from the registry and from windows\system32. I think this EXE will be different for different users. This is the nasty one which downloads other spyware; once I deleted this exe I did not find any others downloading, but I was still stuck with getting pop-ups. The next step I did immediately was to check for all the new updates from Microsoft and apply those. I also updated my SpyBot and immunized my system, downloaded recent updates for Lavasoft Adaware, and downloaded Spy Sweeper and its updates.

Now I disconnected my DSL connection. I looked at everything in the C:\localsettings\users\temp folder, deleted everything in there, and deleted my cookies. In c:\windows\prefetch I deleted everything; before I deleted everything I noted the most recently used ones. I saw polall1t.exe, ft1_01_0_279_gepfah.exe and twaintec.dll in there. It won't hurt if you delete them because they will be created as and when you use programs more frequently. After noting down all this I went to c:\windows and found all these exes: Perinsbi.exe, polall1t.exe, ft1_01_0_279_gepfah.exe. I deleted all of them manually, went to c:\windows\system32\ and saw twaintech.dll. I tried to delete it but it wouldn't let me; I had to unregister it using Run: regsvr32 /u "c:\windows\system32\twaintech.dll". I had to reboot the system, then I was able to delete it.

Then I went to safe mode and checked everything; my machine was clean. I ran Lavasoft Adaware, Spy Sweeper and SpyBot, and everything came back as nothing found. I was happy. It took me almost three days to figure out how to get the information and delete this stuff from my system. Now my system is back and running fast, with no junk cookies from hitbox, doubleclick, clickagent. My cookies are clean and my Internet is fast. Now I am thinking of upgrading and purchasing Zone Alarm to keep this spyware/adware stuff from coming in without my knowledge.

Look for these main variants. Also look in your cookies: if your system is getting these hitbox and doubleclick cookies, those are symptoms that you have spyware.

tracker9.exe
update_1.exe
twaintec.dll
twaintec.cab
preInsTT.exe
polall1t.exe
alchem.exe
preinsbi.exe
ft1_01_0_279_gepfah.exe

 
'SpywareGuard' (SG), a realtime SW checker, actually detects and alerts you if TWAINTEC.DLL attempts to load. I experienced this DLL and 3 others all flagged in the same related incident. SG allowed me to kill each DLL load attempt:


The above link, 'Increasing importance of realtime spyware scanners', identifies my remaining experience with:

VX2.BETTERINTERNET
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[0]=File : c:\recycled\dc1.exe (twaintec.cab?)
obj[26]=File : c:\windows\twaintec.ini
obj[27]=File : c:\windows\preinstt.exe
obj[28]=File : c:\windows\twaintec.dll
obj[29]=File : c:\windows\alchem.exe


and potentially related infestations.
 
Here are some of the related SpywareGuard log entries:

--------------------------------------------------------------------------------
NEW BHO DETECTION ALERT
On 07:43:52 05/29/2004 a new BHO installation attempt was detected.
BHO: {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
ProgramID: DyFuCA_BH.BHObj.1
File Location: C:\WINDOWS\WSEM218.DLL
User Action Taken: REMOVE BHO

--------------------------------------------------------------------------------
NEW BHO DETECTION ALERT
On 07:44:09 05/29/2004 a new BHO installation attempt was detected.
BHO: {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8}
ProgramID: DyFuCA_BH.BHObj.1
File Location: C:\WINDOWS\NEM217.DLL
User Action Taken: REMOVE BHO

--------------------------------------------------------------------------------
NEW BHO DETECTION ALERT
On 07:44:21 05/29/2004 a new BHO installation attempt was detected.
BHO: {000020DD-C72E-4113-AF77-DD56626C6C42}
ProgramID: Twaintec.TwaintecObj.1
File Location: C:\WINDOWS\TWAINTEC.DLL
User Action Taken: REMOVE BHO

--------------------------------------------------------------------------------
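Added example, not part of either post: a small Python parser for alerts in the layout quoted above, which pulls out the BHO CLSID, ProgramID and DLL path and marks any alert whose file name is on the first post's list of variants. The names `parse_alerts` and `THREAD_FILENAMES` are made up for this sketch, and the field layout is assumed from the entries shown in this thread only.

```python
import re
from datetime import datetime

# File names the first post lists as the main variants to look for.
THREAD_FILENAMES = {
    "tracker9.exe", "update_1.exe", "twaintec.dll", "twaintec.cab",
    "preinstt.exe", "polall1t.exe", "alchem.exe", "preinsbi.exe",
    "ft1_01_0_279_gepfah.exe",
}

# Two of the alerts quoted in the post above, copied as they appear there.
SAMPLE_LOG = r"""
NEW BHO DETECTION ALERT
On 07:44:09 05/29/2004 a new BHO installation attempt was detected.
BHO: {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8}
ProgramID: DyFuCA_BH.BHObj.1
File Location: C:\WINDOWS\NEM217.DLL
User Action Taken: REMOVE BHO

--------------------------------------------------------------------------------
NEW BHO DETECTION ALERT
On 07:44:21 05/29/2004 a new BHO installation attempt was detected.
BHO: {000020DD-C72E-4113-AF77-DD56626C6C42}
ProgramID: Twaintec.TwaintecObj.1
File Location: C:\WINDOWS\TWAINTEC.DLL
User Action Taken: REMOVE BHO
"""

ALERT_RE = re.compile(
    r"NEW BHO DETECTION ALERT\s*\n"
    r"On (?P<when>\d{2}:\d{2}:\d{2} \d{2}/\d{2}/\d{4}) .*\n"
    r"BHO: (?P<clsid>\{[0-9A-Fa-f-]{36}\})\s*\n"
    r"ProgramID: (?P<progid>\S+)\s*\n"
    r"File Location: (?P<path>.+?)\s*\n"
    r"User Action Taken: (?P<action>.+)"
)

def parse_alerts(text):
    """Return one dict per BHO alert found in the log text."""
    alerts = []
    for m in ALERT_RE.finditer(text):
        rec = m.groupdict()
        # MM/DD/YYYY order is assumed from the 05/29/2004 stamps in the post.
        rec["when"] = datetime.strptime(rec["when"], "%H:%M:%S %m/%d/%Y")
        # Windows file names are case-insensitive: compare the lowercased basename.
        basename = rec["path"].rsplit("\\", 1)[-1].lower()
        rec["in_thread_list"] = basename in THREAD_FILENAMES
        alerts.append(rec)
    return alerts
```

On the sample, the Twaintec alert is marked as listed while the DyFuCA alert is not, since its randomly named DLL appears nowhere in the first post's list; a file-name list alone would miss it, and the ProgramID is the more stable field to group on.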
 