Re: i screwed up! i had spyaxe and trojan zlob.. tried to remove i

Tech-Archive recommends: Fix windows errors by optimizing your registry



"David H. Lipman" wrote:

> From: "ph23vo" <ph23vo@xxxxxxxxxxxxxxxxxxxxxxxxx>
>
> | i was told to modify a file in [regedit] but i accidentally deleted it...
> | and to top it off i had disabled system restore and it dumped all my previous
> | restore points.. the file i think i deleted is..."shell"= Explorer.exe out of
> | HKEY_LOCAL_MACHINE\ software\microsoft\windows\current version\winlogon can
> | anyone tell me if that file should be in there [ what it does ] and can i
> | somehow replace it? i get a ACCESS IS DENIED when i try and download XP home
> | pack 2...my memory is hazy as i have been working on this all day..appr it
> | dan
>
> Next time ask anti malware questios in the *RIGHT* locations and you'll get the correct
> advice.
>
> There are anti virus News Groups specifically for this type of discussion.
>
> microsoft.public.security.virus
> alt.comp.virus
> alt.comp.anti-virus
> alt.privacy.spyware
>
>
>
> Two part reply..
>
> Perform Part 1 then perform Part 2.
>
> If the first two parts don't work, perform the alternate utility.
>
> It is suggested that you execute each tool in Normal Mode then in Safe Mode.
>
> If you are using any version of Sun Java that is prior to JRE Version 5.0,
> then you are strongly urged to remove any/all versions that are prior to JRE
> Version 5.0. There are vulnerabilities in them and they are actively being exploited.
> It is possible that is how you got infected with malware.
>
> Therefore, it is highly suggested that if there are any prior versions of Sun Java
> to Version 5 on the PC that they be removed and Sun Java JRE Version 5.0 Update 6
> be installed ASAP.
>
> http://www.java.com/en/download/manual.jsp
>
>
>
> Part 1
> -----------
>
> Use noahdfear's SmitFraud and SpyAxe removal tool -- SmitRem.exe
> http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
>
> http://www.bleepingcomputer.com/forums/topic36868.html
>
>
> Part 2
> -----------
>
> Download SmitFraud.exe from the URL --
> http://www.ik-cs.com/programs/virtools/SmitFraud.exe
>
> Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
> Choose; Unzip
> Choose; Close
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
> FireWall to enable WGET.EXE to download the needed McAfee related files.
>
> Execute; c:\mcafee\clean.bat
> { or Double-click on 'Clean Link' in c:\mcafee }
>
> A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
> end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
> It is suggested that you move the report out of c:\mcafee before performing another scan.
>
> ALTERNATE:
>
> Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool.
>
> http://secured2k.home.comcast.net/tools/AntiPuper.exe
>
> http://forums.mcafeehelp.com/viewtopic.php?t=65072
>
>
> Please Copy and Paste the contents of the HTML Log file; C:\mcafee\ScanReport.HTML in your
> reply.
>
> * * * Please report back your results * * *

dave thanks the above is what i finally found and it removed the spy axe
and zlob .. however when i tried to update at microsoft.com the update pack
2 loads halfway and then goes to "access is denied" theres still something
wrong as my computer is slow and acts sluggish [maybe due simply to a half
installed pack 2 dont know] unfortunately the original info i had got was
where i screwed up this deal is there a tool for repairing/replacing missing
files in regedit ? thanks for the help dan
>
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>
.

Relevant Pages

  • Re: i screwed up! i had spyaxe and trojan zlob.. tried to remove it...
    ... | and to top it off i had disabled system restore and it dumped all my previous ... It is suggested that you execute each tool in Normal Mode then in Safe Mode. ... then you are strongly urged to remove any/all versions that are prior to JRE ... Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool. ...
    (microsoft.public.windowsupdate)
  • Re: Strange anti-virus program is on my computer!! Help me get rid of
    ... then you are strongly urged to remove any/all versions that are prior to JRE ... Use noahdfear's SmitFraud and SpyAxe removal tool -- SmitRem.exe ... FireWall to enable WGET.EXE to download the needed McAfee related files. ... Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: spysheriff (SPYware)
    ... It is suggested that you execute each tool in Normal Mode then in Safe Mode. ... If you are using any version of Sun Java that is prior to JRE Version 5.0, ... FireWall to enable WGET.EXE to download the needed McAfee related files. ... Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool. ...
    (microsoft.public.windowsxp.general)
  • Re: spysheriff (SPYware)
    ... > you are are strongly urged to remove any/all versions that are prior to JRE ... > FireWall to enable WGET.EXE to download the needed McAfee related files. ... > Secured2K's SpyAxe, PSGuard, Smitfraud, Sinnaka and Alemod removal tool. ... > Please Copy and Paste the contents of the HTML Log file; ...
    (microsoft.public.windowsxp.general)
  • System shuts down while online
    ... Ralph ... >Prior to Feb 01 wasn't having any problems but heard ... > Ran the removal tool again, ... >on line and try to download something a window pops up ...
    (microsoft.public.windowsxp.security_admin)