Rogue 'anti-spyware' on the prowl

CIOL Bureau
New Update

NEW DELHI: A warning has been issued against a rogue anti-spyware program, which anti-virus and content security software provider MicroWorld claimed to be a spyware.


According to a MicroWorld statement, “SpyAxe is a purportedly anti-spyware program that kills spyware found on your computer. It has been doing rounds since the first week of December 2005 when it was spreading at a rate 2500 PCs per hour, with a sure chance of much faster spread rate by now.”

MicroWorld said that SpyAxe works through a known trojan horse to display annoying popup windows. The alerts warn the user that user's pc is affected with spyware, prompting you to click on the same. If you click on the popup it starts downloading the malware.

It has high profile and stylish marketing methods and SpyAxe claims itself to be a truly legitimate firm. For starters, it gives a false address for the company.


After SpyAxe is installed, it will conduct scans on the computer in a hogwash manner. SpyAxe can't be uninstalled from the Add/Remove Programs list of Windows. This tool makes high use of false positives, even detecting a registry key that belongs to the Windows operating system.

SpyAxe is installed by the trojan horses Trojan-Downloader.Win32.Zlob, ZToolbar and Trojan.Puper.

A new program called SpywareStrike is another addition to this disguised malice. This one charges you $49.99 to invade the personal computer. SpywareStrike came into the market On December 20, 2005, located at a URL of the same name.

The marketing is very much identical to that of SpyAxe, with a very similar logo. SpywareStrike is installed via trojan horse, direct download from the site, or comes from a left over after the manual disabling of SpyAxe.