SpyAxe replacement: SpyFalcon

The name SpyAxe, top rogue anti-spsyware app of 2005, brings up anger and frustration for its many victims but now SpyFalcon has burst on the scene looking like a replacement for SpyAxe.

The name SpyAxe, top rogue anti-spsyware app of 2005, brings up anger and frustration for its many victims but now SpyFalcon has burst on the scene looking like a replacement for SpyAxe. SpyFalcon, just like SpyAxe, is being installed along with trojans through exploits. A screenshot can be seen here at SunbeltBLOG. Nick's Computer Security blog has instructions for ridding your computer of SpyFalcon in case you landed here looking for help with it.

The domain whois shows:

Registrant:
    SunShine Ltd
    David Taylor        (Whois Privacy and Spam Prevention by Whois Source)
    U-12 Gamma Commercial Complex # 47
    Rizal Highway cor. Manila Ave Subic Bay
    Olongapo City
    null,98101
    PH
    Tel. +206.9543154

Creation Date: 16-Jan-2006
Expiration Date: 16-Jan-2007

Domain servers in listed order:
    ns1.antispydns.biz
    ns2.antispydns.biz
    ns3.antispydns.biz

I wouldn't be surprised if the information is false. The IP address 195.255.176.79 belongs to Netcathost in the Ukraine and hosts 2 other domains spyfalconupdate.com and updateyourwindows.com (links to whois) and the IP address is blacklisted by spamhaus.