Home > Please Help > Please Help! Spyaxe

Please Help! Spyaxe

Started by glewjgmlermnglermg, Dec 05 2005 01:00 PM This topic is locked 8 replies to this topic #1 glewjgmlermnglermg glewjgmlermnglermg Member Full Member 4 posts Posted 05 December 2005 - 01:00 Click OK. Phm, how could i locate the file once in safe mode? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program

At one point when the tool runs, your taskbar will disappear, and your computer will restart when the tool completes.Submit the log from Spyaxefix (present in spyaxefix - folder)Submit also a Click OK. If you or anyone else happen to think of anysolutions please post them here for me. Back to top #6 Papakid Papakid Guru at being a Newbie Malware Response Team 6,398 posts OFFLINE Gender:Male Local time:07:52 PM Posted 07 January 2006 - 01:51 AM This thread website here

Here is my HijackThis log file:Logfile of HijackThis v1.99.1Scan saved at 17:55:29, on 05/12/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exec:\PROGRA~1\mcafee.com\vso\mcvsrte.exeC:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exec:\PROGRA~1\mcafee.com\vso\mcshield.exeC:\PROGRA~1\COMMON~1\Stardock\SDMCP.exeC:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\SOUNDMAN.EXEC:\PROGRA~1\mcafee.com\vso\mcvsshld.exeC:\PROGRA~1\mcafee.com\agent\mcagent.exec:\progra~1\mcafee.com\vso\mcvsescn.exeC:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Spybot - Search Also check for updates:Ad-Aware SE SetupAgain, do NOT run a scan yet.Next, please reboot your computer in Safe Mode by doing the following:Restart your computerAfter hearing your computer beep once during Register now! Click OK.

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. In order for you to receive the best help we need to see a log from your machine to help you.Please follow th instructions here:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/phm, would you be so kind as I deleted the mscornet.exe, nvctrl.exe, and mssearchnet.exe from my windows/system32 folder, and I ran adaware, but it's still there. CM jedi My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

Let me know if you didn't, it's worth running to be on the safe side. Please remove the blank lines in the log before submitting it. Back to top #8 jw50 jw50 Forum Deity Retired Staff 18,969 posts Posted 03 January 2006 - 10:11 PM Hi matty, Just post whenever you get a chance Back to top http://www.bullguard.com/forum/10/SpyAxe-Please,-PLEASE-Help_26237.html Until this p.m.

Back to top #5 glewjgmlermnglermg glewjgmlermnglermg Member Full Member 4 posts Posted 05 December 2005 - 02:22 PM Hi, i checked in add and remove programs there was nothing in there Click Startup Settings under Pick a Category. Mine was last modified right at the time I noticed the problems, which made me feel comfortable enough to delete the file. Please re-enable javascript to access full functionality.

Back to top #2 jw50 jw50 Forum Deity Retired Staff 18,969 posts Posted 07 January 2006 - 11:55 PM Hi, welcome to the forums. https://forums.spybot.info/showthread.php?1290-Please-Help-me-with-SPYAXE If you still need help please post a fresh HiJackThis log and I will review it. I will be happy to take a look at it for you. Several functions may not work.

If I boot up in Safe Mode, the symptom is still present, however if I boot up in Safe Mode w/Command Prompt, the symptom is NOT present. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Jump to Even if I boot up in Safe Mode with the network cable disconnected, the symptom IS present (although, of course, the downloads do not occur).Here is my most current HijackThis log. I would be very grateful for any assistance that any kind soul here wishes to provide.

Please help! Else sites like this will go the way of the Dodo. (Click Me) Back to top #5 boschmann22 boschmann22 Members 1 posts OFFLINE Local time:08:52 PM Posted 07 January 2006 Once I get to the Safe Mode w/Command Promt screen... SpywareStrike is downloaded and installed about once every 30 minutes.

Register now! Found your solution, but I don't have your expertise. Go to Start > Settings > Control Panel > Add/Remove Programs.

Edited by mageweave, 05 December 2005 - 02:04 PM.

SpyAxe/Trooper Infection Started by matty1, Dec 13 2005 02:52 PM This topic is locked 8 replies to this topic #1 matty1 matty1 Member Full Member 4 posts Posted 13 December 2005 Did you run the SmitRem tool? Remove everything found.Now open Ewido Security SuiteClick on ScannerMake sure the following boxes are checked before scanning:BinderCrypterArchivesClick on Start ScanLet the program scan the machineWhile the scan is in progress you Popped up again under the "SpywareStrike" label.

Back to top Back to Resolved or inactive Malware Removal 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear SpywareInfo Forum → Sorry it has taken so long to get back to you but we have been swamped. Everyday is virus day. nasdaq Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ] [ Housecall online virus scan ] [ Bitdefender online virus scan ] [ AVG antivirus ]

Im also recieving anoying popups with various different messages in the taskbar to try and convince me again that the only way to remove its spyware is by paying for and Adam Smith Glasgow, 1760 Back to top Back to Resolved or inactive Malware Removal 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear It is found in C:\Windows\System32 folder. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

It's best for this tool NOT TO be located in your Desktop or in a TEMP folder.