1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Possible fairly simple solution to mssearchnet/spyaxe/searchtoolbar problem

By Polar
Apr 22, 2006
  1. Phew. Spent all of last night and most of this morning trying to kill this thing, but I finally managed to nix it. A lot of my work was blindly fumbling about in the dark here, but I'll recount as best I can. I'm sure there are ways to more efficiently get rid of this thing, but this method is something easier than downloading three programs, editing thirty or fourty registry keys, learning linux in 3 easy steps, beating mother Teresea in a contest to decide who can be the most passivley resistant, you get the idea.

    Firstly: I panicked. You might want to skip this step, as I assure you it leads to unecessary unpleasantess.

    Secondly: I ran checks with Mcafee and MSanti, MSanti picked it up, but didn't successfully clean it, Mcafee deleted a few temporary files that were apparently causing trouble, but didn't solve the problem either.

    After this, MSanti (or perhaps it was Mcafee, but I'm 90% sure it was MSanti) popped up saying that it was cleaning Spyaxe from my computer. (And it in fact did.) I'm going to guess this is what saved me from the brunt of the infection. Unfortunatley, I still had mssearchnet, nvcrtl, and Security Toolbar. So I went to work. Google revealed a post on this site made by Weshemp, which gave me the names of the files that were causing the trouble, the same names I'd figured looked out of place in the process manager.

    First I did the regedit (which I never would have done unless I had checked the post) deleting two keys tied to a search for mssearchnet and another tied to nvctrl. After that, I whipped out the weapons, in this case DrDelete, and, in the words of George Carlin, I waxxed the mother f***ers. I deleted every instance of nvctrl and mssearchnet I could get my paws on, and then, as an afterthought, killed Security Toolbar as well. I rebooted, and nvsctrl and mssearchnet were gone from the active processes list (and indeed the machine), but STB remained. After trying a number of things which are insignificant because they didn't work, I decided to try doing a system restore. I only had to restore to two days ago (because I contracted this vile thing last night) but I ended up restoring to sometime last week.

    After the restore, everything is working nominally, I imagine I could have just restored to begin with and it would have fixed the problem, but, also in the words of George Carlin, we don't have time for rational solutions.

    I hope this helps at least one person, this thing was bloody frustrating to get rid of.

  2. Peddant

    Peddant TS Rookie Posts: 1,446

    Capital punishment for spyware writers,that`s what I say.

    If you get any more problems,or want to avoid getting any more problems check THIS
    post out.The prevention bit is at the bottom.And welcome to Techspot.:)
  3. Polar

    Polar TS Rookie Topic Starter

    Here here! Public floggings would do well there, I think. =P And thanks. I don't know what sort of help I'll be able to be, as I'm only slightly software savvy, and have only a bit of hardware knowledge, but I'll see if I can't lend a hand here and there.

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...