« Research In Motion to be discussed, Mon., Dec. 12, 2005, 4:54 PM | Main | The Fed speaks, but are you listening?, Tues., Dec. 13, 2005, 2:25 PM »

December 13, 2005

Computer Problems

I just wanted to send out a quick note that my PC was over-run by the Spyaxe virus late yesterday. I have Norton, AVG, ewido, SpyDoctor, SpyHunter, Spybot, Ad-Aware, and Microsoft AntiSpyware (count them 8 anti-virus "solutions") and nothing either stopped Spyaxe or, after eliminating it, can keep it out. My system is now running at about 1 pct efficiency, so it is basically useless and it took me 45 minutes to post this message.

I understand there is a lot happening today in the precious metals markets, and regarding the FOMC meeting, but if you can't work, you simply cannot work.

Posted by Posted by Bill Cara on December 13, 2005 08:29:01 AM | Category: Blogging World

Discourse

Hi Bill,
My name is Andrew and I saw you were having computer problems. I have my own computer business and would be happy to help you (free of charge) if you would like! Depending on the problem, I may be able to connect to your computer and fix it through the internet, again at no charge. Perhaps you may want to use me down the road for any computer issue's, sales, service, or tech support.

I hope to hear from you soon,
Andrew E.
computercorner@optonline.net
201-923-9456

Posted by: Swick1981 [TypeKey Profile Page] at December 13, 2005 10:23 AM [link]

Bill:

Spyaxe claims to be "latest and one of the most technologically advanced applications on the Internet for detection and removal of potentially undesired items". If so, they should make it possible to remove the software by the usual means.

My suggestion is:

1. Look for a tray icon on the bottom right hand corner for the Spyaxe program, right click it and see if there is an option to exit the program.

2. Click Start > Settings > Control Panel > Add/Remove Programs

Good luck.

Teresa

Posted by: Teresa Lo [TypeKey Profile Page] at December 13, 2005 11:00 AM [link]

Spyaxe is apparently malware, an anti-spyware program reported to issue fake warnings and hijack your browser to manipulate you into buying its full commercial version. User reports I've seen indicate that it can not be removed normally, even in safe mode, and the removal tools supplied by the vendor either do not work or cause further damage. Some users state that the "smitRem" malware removal tool has been updated to handle Spyaxe removal and will work; I can not personally vouch for this but see http://www.bleepingcomputer.com/forums/topic36868.html

Posted by: RW [TypeKey Profile Page] at December 13, 2005 11:41 AM [link]

I heartily recommend Fred Langa and the LangaList (free) Newsletter for his advice on how to keep on top of your computer. Here is the link to his articles on backing up your system and data so you won't have these problems again.

http://www.langa.com/backups/backups.htm

David

Posted by: davidtr4 [TypeKey Profile Page] at December 13, 2005 12:20 PM [link]

Spyaxe pretends to be anti-spyware but is actually a virus that immediately re-generates itself as soon as these other anti-virus products "clean" it. But if you do a full system scan and fix, which may take 90 minutes or more (I have a lot of files and programs), where it is technically removed, Spyaxe returns 5 seconds later. So in reality there does not seem to be any removing it.

I'm trying to figure out if somebody has control of my system, or just simply blackmailing me into buying their product to make this problem go away. If it's the latter, then judging from the M-O, the blackmailer will return, and you will be forced into an endless iteration of problem-payment-fix problem-payment-fix.

The only way to stop this -- if the law doesn't care to step up here -- is to set a contract to 'off' this guy, who says he is Joshua Veronimo of Manila Philippines +206.339.5073, but is probably Jimmy Smith, 15-year old child of Dr. and Mrs. Smith of Anytown USA.

I believe that some authority somewhere knows who this person is, so I wonder why nothing is done.

I am sure the perp's name is not Osama, and he is not initiating these problems from a cave somewhere in the mountains of Afghanistan.

And since Microsoft products are the ones under attack, I just cannot understand why Bill Gates doesn't personally say, enough is enough.

Three times in a year... I get the message.

Maybe I ought to be writing and uploading my blog from Internet cafes, and stick them with the problems... Do you think?

Posted by: Bill Cara [TypeKey Profile Page] at December 13, 2005 12:32 PM [link]

I don't know how computer savvy you are, but you might want to consider running Linux instead of Windows. When I realized that most of what I use are my web browser and email and realized that both programs were available on Linux, I switched right over. It's not as easy to use, but I am willing to put up with a few rough edges in order to avoid the constant onslaught of viruses and spyware that seems to be out there. If you are curious, download a Ubuntu Linux Live CD and give it a try ( http://www.ubuntulinux.org/download/ ). The Live CD lets you run Ubuntu Linux without actually installing anything on your hard drive, so there is no risk of losing data. If nothing else, it may give you a way use your computer to access the web without Spyaxe interfering. Just a thought.

Posted by: korvus [TypeKey Profile Page] at December 13, 2005 12:40 PM [link]

Bill,

The type of ad/mal/spyware you're referring to works by installing multiple executables with multiple associated registry entries, each of which checks for the existence of one or more of the other. Thus, if you delete one program/registry entry, an alternate program instance will re-create the "killed" offender subsequent to checking for it's existence w/o finding a response. This type of circular integrity check ensures that most SpyWare programs cannot eliminate their existence (at least on Winblows).

Google the spyware name, coupled with "removal", and look for instructions that point to removing startups and editing the registry. Sadly, you're pretty much guaranteed to be forced to remove manually.

As far as "virus scanners", check out PC-Cillin... much better than any of the others you listed in terms of virus protection.

Posted by: Joe_Blow [TypeKey Profile Page] at December 13, 2005 1:12 PM [link]

Bill,
The best spyware removal tool I have used is "Hijack This!" It can be a bit complicated. Instead of pressing a magic button to get rid of the spyware, the program creates a log file. You then need to research whether the contents of the log are good or bad. It will delete whatever items you select. The effort is worth it though. The program actually works.
http://www.spywareinfo.com/~merijn/downloads.html

http://www.spywareinfo.com/~merijn/htlogtutorial.html

http://hometown.aol.co.uk/jrmc137/hjttutorial/tutorial.htm

Posted by: tremendous11 [TypeKey Profile Page] at December 13, 2005 2:39 PM [link]