LD SoftwareBespoke Software, Web Design, Security Consultants and Host Services.

Menu

Sentinel
You have been warned!
We have caught 5852 shameful hackers.

NukeSentinel(tm)

Paypal Referral
Sign up for PayPal and start accepting credit card payments instantly.

Link Exchange
Join our free link exchange

Click Here
 
SpyAxe

Online Advertising

SpyAxe

SpyFalcon | SpywareStrike

From Wikipedia the free encyclopedia, by MultiMedia

Back | Home | Up | Next


SpyAxe is a new (as of December 2005) malware that is infecting unsuspecting computers by actually pretending to be an antispyware application. It is typified by an icon in the system tray that has a constant popup saying the computer has been infected. If the user clicks on the popup, the web browser will ultimately be directed to the SpyAxe homepage, with an invitation to sign up for their service. Credit card payments go through something call "psbill", which appears to be based in Russia. There are several variants of this spyware. It is hard to remove because often it includes a rootkit. In early 2006 SpyAxe was rebranded or cloned to SpywareStrike. It also goes under the guise of "SpySheriff". It may attempt to change the computer's wallpaper/desktop and permanently change Internet Explorer's homepage, even though a different one has been selected in "Tools - Internet Options - Home Page." This is done via group policy.

Amongst others, SpyAxe installs the following:

Processes

  • mscornet.exe
  • mssearchnet.exe
  • nvctrl.exe
  • spyaxe.exe (multiple instances)

DLLs

  • ioctrl.dll
  • svchosts.dll
  • webconm.dll
  • wbeconm.dll

Directories

  • C:\Program Files\SpyAxe
  • C:\Windows\System\1024
  • C:\Windows\System32\1024
  • C:\Winnt\System32\1024

External links


Home | Up | Keystroke logging | AntiVirus Gold | Bonzi Buddy | C2.LOP | CoolWebSearch | HuntBar | Internet Optimizer | PSGuard | SpyAxe | SpyTrooper | WorldAntiSpy | XXXDial | Zango Messenger | Phone Home | Claria Corporation | Cydoor | New.net

Online Advertising, made by MultiMedia | Free content and software

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

 
You can syndicate our News with backend.php And our Forums with rss.php
You can also access our feeds via Feedburner Site News and LD Software Forums
© 2009 ld-software.co.uk All Rights Reserved.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.38 Seconds