SpyAxe replacement: SpyFalcon
The name SpyAxe, top rogue anti-spsyware app of 2005, brings up anger and frustration for its many victims but now SpyFalcon has burst on the scene looking like a replacement for SpyAxe. SpyFalcon, just like SpyAxe, is being installed along with trojans through exploits. A screenshot can be seen here at SunbeltBLOG. Nick's Computer Security blog has instructions for ridding your computer of SpyFalcon in case you landed here looking for help with it.
The domain whois shows:
Registrant:
SunShine Ltd
David Taylor ()
U-12 Gamma Commercial Complex # 47
Rizal Highway cor. Manila Ave Subic Bay
Olongapo City
null,98101
PH
Tel. +206.9543154
Creation Date: 16-Jan-2006
Expiration Date: 16-Jan-2007
Domain servers in listed order:
ns1.antispydns.biz
ns2.antispydns.biz
ns3.antispydns.biz
I wouldn't be surprised if the information is false. The IP address 195.255.176.79 belongs to Netcathost in the Ukraine and hosts 2 other domains spyfalconupdate.com and updateyourwindows.com (links to whois) and the IP address is blacklisted by spamhaus.