SpyAxe
Description: Adware
Risk level: High
Date of first occurrence: Tuesday, April 15, 2008
Software vendor: SunShine, Ltd.
Brief information: SpyAxe is adware that issues fake warnings on your computer that it is infected with spyware and tries to convince the user to purchase the full version.
Removal: This malicious software can be removed using "Spyware Terminator".
Malware information
Detected Items
- Detected Files:
%SYSDIR%\svchosts.dll
%SYSDIR%\winppl32.dll
MD5: E8ADA414E3C35BD47E081CEA2BB584C7 Size:32256
%SYSDIR%\ippnu.dll
MD5: 0AAE30B0E6CF8DAD3E19F7C73AF7E149 Size:80896
%SYSDIR%\WINPPL32.DLL
MD5: 459B61CA8DEE6111C81CB6633E0E2800 Size:39936
%PROGRAMFILES%\spyaxe\DbgHelp.Dll
MD5: 647C65CFE03C00114A9B5D351DB4B23E Size:634880
%PROGRAMFILES%\SpyAxe\msvcr71.dll
MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160
%PROGRAMFILES%\SpyAxe\msvcp71.dll
MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size:499712
%PROGRAMFILES%\SpyAxe\uninst.exe
MD5: 0FE61B873F5DE796DB3C5CED41F55B05 Size:35119
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%sysdir%\hp???.tmp
%sysdir%\hp??.tmp
%sysdir%\hp????.tmp
%sysdir%\hp?????.tmp
%sysdir%\ld?????.tmp
%sysdir%\ld???.tmp
%sysdir%\ld????.tmp
%sysdir%\1024\hp???.tmp
%sysdir%\1024\hp????.tmp
%sysdir%\1024\hp?????.tmp
%sysdir%\1024\ld?????.tmp
%sysdir%\1024\ld???.tmp
%sysdir%\1024\ld????.tmp
%TEMP%\sj????.tmp
%TEMP%\sj???.tmp
%TEMP%\sj??.tmp
%TEMP%\sj?????.tmp
%sysdir%\WBECONM.DLL
%programfiles%\spyaxe\spyaxe.exe
%programfiles%\spyaxe\uninst.exe
%programfiles%\spyaxe\msvcp*.dll
%programfiles%\spyaxe\msvcr*.dll
%APPDATA%\Microsoft\svchosts.dll
%APPDATA%\Microsoft\ioctrl.dll
%sysdir%\svchosts.dll
%sysdir%\hp568C.tmp
%sysdir%\hpD448.tmp
%sysdir%\hp6D8A.tmp
%sysdir%\netwrap.dll
%sysdir%\wiatwain.dll
%sysdir%\REPLMAP.dll
%sysdir%\WINOQV32.DLL
%sysdir%\WINPPL32.DLL
%programfiles%\spywareaxe\uninst.exe
%programfiles%\spywareaxe\msvcp*.dll
%programfiles%\spywareaxe\msvcr*.dll
%programfiles%\spywareaxe\spywareaxe.exe
%TEMP%\sadd.exe
%sysdir%\interf.tlb
%sysdir%\IPPNU.DLL
%sysdir%\hp???.tmp
%sysdir%\se500mdm.dll
%sysdir%\simpole.tlb
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\SpyAxe ?.*.lnk
%DESKTOP%\SpyAxe.lnk
%START_PROGRAMS%\SpyAxe\SpyAxe ?.? Website.lnk
%START_PROGRAMS%\SpyAxe\SpyAxe ?.*.lnk
%START_PROGRAMS%\SpyAxe\Uninstall SpyAxe ?.*.lnk
- Files by MD5
MD5: B7B36EE3D6D2640CD1EE0A215EBD3570 Size: 19968
- Files by Directories
%programfiles%\spyaxe
%START_PROGRAMS%\SpyAxe
- Files by CLSID or Name
- Registry Keys
HKCU\Software\spywareaxe
HKLM\Software\spywareaxe
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\spyaxe.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpyAxe
HKLM\Software\SpyAxe
HKCU\AppID\SpyAxe.EXE
HKCU\AppID\{70F17C8C-1744-41B6-9D07-575DB448DCC5}
- Registry Values
HKLM\Software\Microsoft\Windows\CurrentVersion\Run ValueName=SpyAxe