CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
|  reply to Profixer
Re: Lavasoft Rapid Response to SpyAxe
Thanks for the feedback LS SteveJ. I'm glad to hear Adaware continues to work on detection and removal for the new variants. We have certainly noticed an increase in cries for help here.
Meanwhile, the SmitRem tool by Noadfear can help and has been updated to include SpyAxe. New FAQ added last night to give some steps on removing SpyAxe and other Smitfraud variants:
»Security »Zlob/Smitfraud Removal
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
Profixer
join:2005-07-01
| No problem Calamity!... Its peeing us off just as much as our users, and the community, I promise you....
there is a ton of downloaders out there, installing new variants on a daily basis... and we are trying our best to get both the downloaders, and the variants they are spitting out....
I will keep you posted |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| said by Profixer  :I will keep you posted Thank you for your efforts! Appreciate it 
Was wondering why we're seeing so many new victims of this. Any idea what exploit they are using (or other method of install) so we can warn folks how to prevent it?
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
Profixer
join:2005-07-01
| There are alot being installed by variants of Trojan.Downloader.Zlob.. people should keep there eye out for svchosts.dll / svchost.dll especially... the method of choice for SpyAxe install is a fraudlent Windows Update icon in the tray, popping a bubble saying "Your computer is infected with spyware, click here to install the latest anti-spyware"... or something of that nature.... |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL | Thanks again, Steve. Keep us posted on any developments! |
|
