Hi Ron,
I think MAS did a pretty good job on the VX2-infected PC. There were quite a few other things (spyware/malware/data miners/tracking cookies, etc.) as well. I just ran MAS in normal XP mode (not Safe Mode). After the scan, I did not see any mention of having found VX2, but I just took all the default suggestions to delete or ignore the things MAS found.
After reboot, I ran HJT ver. 1.99.0, which found the LSP problem I had noticed before. When you try to delete the LSP entries, this current HJT version says 'sorry I can't do it, but check here' and provides this link:
http://www.cexx.org/lspfix.htmI ran LSPfix which did fix the problem. With previous versions of HJT, you could check the LSP checkboxes, but the problem would return after reboot.
So this PC is clean now; I have rebooted several times. I ran the Ad-Aware VX2 add-in, and VX2 was not found.
We are probably going to install MAS (when RTM is available), replacing Spybot S&D, on the client PCs on my network.
So it seems, from what you say, MAS is a mixed bag. We will need to try it on more infected PCs to get a better idea, of how useful MAS is.
:-) Jay
check Facebook
