Hi Flyersguy
yep, is a PITA
Try this for "betterinternet"
This is how I finally got it cleaned.
With regedit
Hkey_local_machine\software\microsoft\windows nt\current version\winlogon\notify\guardian
Right click on the guardian folder and select permissions
Advanced button
Uncheck inherit from parent permissions
You should be able to clean in off after that.
You will have to click remove on the first little window that comes up .
Then you will have to click apply, and then ok.
After that you will have to remove the offensive files.
The two files you probably want to delete are :
C:\WINDOWS\SYSTEM32\akmpvcno.cpy.dll
and
C:\WINDOWS\SYSTEM32\akmpvcno.dll
You may be able to delete akmpvcno.cpy.dll once you remove the permissions from 'guardian' I think. However, you will have to restart your machine to remove akmpvcno.dll
So restart, This worked for me, but my 'offensive' files were named afsldpc.cpy.dll and afsldpc.dll adaware only noticed afsldpc.cpy.dll .
I should also note that I am using windows XP home. I knew this worked right away when I restarted because it didn't sit there loading up my personal preferences FOREVER anymore.
good luck and i hope this works for you too.
(p.s. do an adaware scan after you are finished to see if you actually killed it, and to clean out all the gunk it leaves behind)
I removed permissions. I left the guardian 'folder' thinger there. It's turned into an empty folder, and I'm happy with it if it really wants to be there.
then i restarted and removed the 2 dll files in the system32 directory. It's 3 days later, and still no sign of vx2.
Found it here: http://www.lavasoftsupport.com/index.php?showtopic=24265
Have to look around for VIRTUMUNDO though ... will post if I find something\anything
Today upon doing some normal surfing, I got some terrible spyware on my machine.
At first, the spyware acted as a Browser hijack and completely took away my internet. After doing a few ad-aware and spybot scans, I regained the use of my internet, however, I am still getting tracking cookies and spyware registry files placed on my system everytime I reboot or after a few minutes of the computer being idle.
I took this from my Ad-Aware scan log...this is the spyware that started it all and I think may be causing my current spyware....Can anyone make sense of this? Betterinternet was given access by my firewall for the internet (i accidentally clicked yes to allow it...I removed that program from the firewall now though)
VX2.BETTERINTERNET