Spy-ware protection

H

Hand-e-Man

New Member
Joined
Dec 26, 2005
Messages
1
Reaction score
0
Location
Cape Town
Beware Spyaxe loads automatically & cannot be deleted /uninstalled...How do I report the disgusting marketing trick and to whom?
A nasty Syware / Virus got into my PC and I cant get rid of it unless I buy it!

I have used AVG and 'Spyware-be-gone' but still the bug is there.

It is disgusting that "Spyaxe' have stooped to this invasive level to sell their product by 'raping' my computer.

How it works....a popup window appeared saying my Computer is 'infected' and a trial version automatically installed. I ran the uninstaller but an icon remains on my tool-bar with a fly-up window saying "your computer is infected"....along with a continuous & irritating popping sound. Every so often it simply logs onto the site : http://spyaxe.net/?track_id=100064 and automatically re-installs itself again.

I have used every trick I know to find and delete related files on my PC but nothing works...it remains....I believe it has even disabled my 'system restore' points and parts of the Spyware be gone program don't function now!?

I now cannot use my PC with the fly-up dialogue box covering part of my screen and the popping sound...I have also had to close my DSL connection to prevent further downloads happening.....HELP PLEASE
 
Yeah, caroper is right, MS antispyware works the best, the whole "adaware/spybot" combo is out dated and not as effective.
 
Spyaxe is part of the very annoying SmitFraud gang, grab smitrem.exe from here and run it under normal windows mode, reboot into safemode and run it again, then make sure you have decent AV/AS and run them both, with some luck everything should be fixed after the next reboot.
 
...or move over to Linux. Use Knoppix to browse the Net safely and without worries, and Windows for your games and other work.

Bah, spyware = satanspawn.
 
Bah Humbug....

Why is that that whenever something goes wrong with a Windows Box / Laptop regarding worms, spyware and viruses, someone suggests "Go Linux".

I love linux myself, but there are more security flaws in most linux distributions than windows. (This I can prove, so lets not start a Linux is better than Windows aurgument. To me the fact that more security flaws are picked up with Linux than Windows is a good thing).

The only way to keep yourself clean and safe is to use your head and common sense. Firewalls, Anti-Virus, Anti-Spyware, and if you aren't sure about something, go read up about it first before using it.
 
Crash said:
I love linux myself, but there are more security flaws in most linux distributions than windows.
Click to expand...

Agreed, I also swear by Linux but there are massive holes and most people have no clue. The average person will move to Linux because "it is more secure" without realising that its only secure if you know what you are doing (much like windows).

For example most people never give a second thought to /tmp regardless of the fact that it gives full access to all users in most distros, ie if you hardlink a file in /tmp you have read/write/execute permissions to the file. eg if I hardlinked the shadow file..... you get the idea.

If you have the slightest experience with Linux you will know that you need to stick /tmp on a seperate partition to prevent hardlinking.

I agree fully with Crash that a system is only as secure as the person controlling it and lets be honest there is always somebody smarter out there.
 
alchamy said:
For example most people never give a second thought to /tmp regardless of the fact that it gives full access to all users in most distros, ie if you hardlink a file in /tmp you have read/write/execute permissions to the file. eg if I hardlinked the shadow file..... you get the idea.

If you have the slightest experience with Linux you will know that you need to stick /tmp on a seperate partition to prevent hardlinking.
Click to expand...
As a standard for Linux on desktops, /tmp should be set to be cleaned on every boot, which would remove hardlinked files. On servers a cron job suffices. Well anyway, those are the standards I've adopted to date and have worked well so far...
 
mbs said:
As a standard for Linux on desktops, /tmp should be set to be cleaned on every boot, which would remove hardlinked files. On servers a cron job suffices. Well anyway, those are the standards I've adopted to date and have worked well so far...
Click to expand...

Thats a fair enough solution, but atleast an attempt is made to protect the system from this hole. I often wonder how many "admins" have built production systems and left /tmp as is on the server.

The only problem with that solution is that if a file is hardlinked and edited the damage is done even after a reboot/cronjob deletion
 
Last edited:
I had the whole Spyaxe thingy, but got rid of it eventually, after many hours of labour.

Now, I've got this 'DNS404 error, site has been blocked by spyware, download bla-di-bla-di-blah' to prevent contracting a STD or whatever.

Comes up seldomly,very infrequently. But irritating nonetheless.
 
I would suggest disabling "System Restore", then run a good Anti-Spyware program. Like viruses, spyware gets backed up by "System Restore".
Re-enable when the clean-up is finished.
 
Yeah Codemaster, I've seen a couple nasty worms exploit System Restore to keep themselves alive.

Trent242, you might need to re-install your PC and then be a bit more careful. Not being patronising or anything, I've had my fair share of dodgy **** on my Pc.
 
The_Unbeliever said:
But are these exploits (for example this /tmp) locally exploitable, or remotely?
Click to expand...

Both really, the /tmp idea will most likely be used by someone that has an account with limited priveleges to raise the account priveledge.

Crash said:
Trent242, you might need to re-install your PC and then be a bit more careful. Not being patronising or anything, I've had my fair share of dodgy **** on my Pc.
Click to expand...

Hehe, I think we have all had a fair amount of **** on our machines.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X