SpyAxe - A Warning

  PaulB2005 20:46 07 Dec 2005

click here

By the way AdAware click here released an update today (7/12/05) which clears SpyAxe/

  VoG II 20:54 07 Dec 2005

Very timely - just look at the number of threads click here

  PaulB2005 20:56 07 Dec 2005

That's why i posted it. I came across the page and as it has a number of screenshots i though i'd post it here.

It does seem to be hitting hard.

See also the entry at click here

CTRL+F enter SpyAxe. Hit enter twice.

  PaulB2005 23:18 07 Dec 2005

The 2nd December Spybot S&D update also added this to it's detection engine. click here

As did Adaware today

  PaulB2005 12:11 09 Dec 2005


  VoG II 14:23 09 Dec 2005

We have received numerous reports from customers and users about the ever increasing problem of SpyAxe.

SpyAxe is an Anti-Spyware application which is currently known to be installed without user consent.

Users can be misled by a fake 'Windows Update' message generated by a trojan, claiming that "Your computer is infected" and advising you to click a link to install SpyAxe.

Du to the increase in complaints and variants in the last few days we are releasing a rapid response update to address this problem.

You may update your Ad-Aware application by using the webupdate feature, or by downloading the definition file from click here

  PaulB2005 22:19 10 Jan 2006

bump and close

  PaulB2005 23:25 10 Jan 2006

Seems to be a new variant. Brothers PC has SpyAxe but it's resisiting all the usual suspects. Removed a variety of Trojan Downloaders and other malware but the last one is persistant.

Can't even trace how it gets started on the PC....

  maitreya667 15:22 12 Jan 2006

SpyAxe removal steps
Summary: This document explains how to manually remove SpyAxe from the computer.

Removal Instructions

Boot into Safe Mode with Networking
Shut the computer down so the power is off.
Wait 20 seconds or so.
Turn the computer on and immediately begin pressing the F8 key on the keyboard once every second repeatedly. Do this until the Windows Startup Menu appears. If you get a keyboard error, press F1 to resume and then continue pressing the F8 key once every second.
Select option Safe Mode with Networking, and then press the Enter key on the keyboard.
Windows will then boot into Safe Mode.
Note: This may take longer than a normal boot.
At the end of the boot process, a dialog box will appear informing you that Windows is in Safe Mode. Click OK on this dialog box.
Windows is now in Safe Mode.

Once you are in Safe Mode with Networking do the following:
Click Start button
Click Run
Enter the following text: C:\Windows\System32
A window with a list of files will appear.
Delete the following files from the window:
Note: To delete the files single click on the file so it is highlighted and then press the Delete key on the keyboard to delete.
hpA75B.tmp or all the files similar to hpXXXX.tmp where X may be any character.
Note: If some files do not remove please reboot again and come back to Safemode with Networking and try removing the files again.

Remove Spyware from Add/Remove Programs
Click on the Start button
Highlight then click on Control Panel. The Control Panel will then appear.
Windows 2000 users - Highlight Settings then click on Control Panel. The Control Panel will then appear.
Double click on the Add/Remove Programs icon. The Add/Remove Programs Properties dialog box will then appear.
Locate SpyAxe on the list of installed programs and single click on it so it is highlighted.
Click the Add/Remove button.
Note: If at any time you are prompted to remove Security Tool, answer Yes To All.

Delete the Registry Keys
Backup the Registry
Note: For instructions, in how to backup the registry click here.
Click Start, and then Run.
In the Open field, type regedit. This will open the Registry Editor.
Search for the following entries one by one and delete all the instances of it from the registry:
Note: To find the entries Click on the Edit menu and click on Find. In the Find What field, type the name of the entry and click on Find Next. When the instance is found Press the Delete key on the keyboard to remove this entry.
Close regedit
If you have Windows XP SP2, open Internet Explorer. If you don't have Windows XP SP2 ignore this step.
Click on Tools
Select Manage Add Ons and click
Select HomePageBHO and disable it
Select and disable Security Update Tool bar from the Add Ons.

Check if SpyAxe folder is present in your computer
Click Start (bottom left corner of your screen)
Click Run
Enter the following text: C:\Program Files
A window with a list of files will appear.
If SpyAxe folder is present, delete it
Your computer will start in normal mode and the issue will be resolved.

<a href="click here">Info on SpyAxe</a>

  Monument 15:50 12 Jan 2006

or you can just run this and let it do it for you click here

  PaulB2005 16:00 12 Jan 2006

Eh? I posted to this thread yesterday!!

It appears we had a new varient of the file that causes the popups called wiatwain.dll. The SmitRem program didn't work, however, i've now submitted the file and the CLSID to the author and he's updated SmitRem to remove this version.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 5T review: Hands-on

Illustrator Andrés Lozano on his improv line work, brazen use of colours & hand sketching

iPhone X review

Comment envoyer gratuitement des gros fichiers ?