| View previous topic :: View next topic |
| Author |
Message |
JDUB22
Newbie
Joined: 03 Dec 2005
Last Visit: 10 Dec 2005
Posts: 1
|
 Posted: Sat Dec 03, 2005 11:57 pm Post subject: WARNING! Identity Theft by Spy Axe, Spy Trooper, and The Spy |
 |
|
WARNING!!! Identity Theft by Spy Axe, Spy Trooper, and The Spy Guard
First off let me tell you there is absolutely NOTHING genuine about any of these companies, Spy Axe, Spy trooper, and The Spy Guard. Ask yourself three simple questions:
1. Why did they force their program on my computer?
2. Why is it almost impossible to unistall their program?
3. Why doesn’t the company offer advice on its website on how to unistall it?
Obvious answer is the correct answer. They are crooks.
Recently Spy Axe infected my computer and now my IE keeps opening up to UpdateYourSystem.com and trying to sell me one of three software programs; Spy Axe, Spy Trooper, and The Spy Guard. This website is specifically designed to trick to average consumer like myself into thinking this is a Microsoft security update coming from a secure Microsoft website. I am embarrassed to say that I fell for it.
Needless to say I purchased the software thinking it would fix the “Security Alerts”, and “Spyware Infection(s)” that had recently taken control of my computer. Little did I know all these problems were the result of Spy Axe and its malicious program.
Shortly after purchasing the software I received a call from my credit card company asking me if I had made online purchases in excess of $14,000. Obviously I had not.
To make a long story short I spoke with the company that received the false order from my credit card and they directed me to the detective in charge of the investigation. He informed me that these entities are part of a credit card and identity theft network that is operating oversees mainly in Russia and Manila.
Below I have provided some basic information about the four companies involved. Spy Trooper, The Spy Guard, Spy Axe, and UpdateYourSystem.com. Take a look at the registrant information for UpdateYourSystem.com:
Registrant:
Mag
Dicacik (mag@sexpicsporn.com)
Need I say more?
I am embarrassed to admit that I was taken advantage of and hopefully my story will help others. Please post this story on other websites.
Thank you.
____________________________________________________________________________
Registration Service Provided By: KUKARAKA DOMAINS REGISTATION SERVICE
Contact: +021.2223713
Domain Name: SPYTROOPER.COM
Registrant:
Popandopulos Ltd
Alison Popandopulos (crystaljones@list.ru)
2 Pyramid, Room 34
Chalkidiki
Chalkidiki,126322
GR
Tel. +001.41512345678
Creation Date: 26-Aug-2005
Expiration Date: 26-Aug-2006
Domain servers in listed order:
61143.managedns1.estboxes.com
61143.managedns2.estboxes.com
61143.managedns3.estboxes.com
61143.managedns4.estboxes.com
Administrative Contact:
Popandopulos Ltd
Alison Popandopulos (crystaljones@list.ru)
2 Pyramid, Room 34
Chalkidiki
Chalkidiki,126322
GR
Tel. +001.41512345678
Registration Service Provided By: ESTDOMAINS
Contact: +372.55647646
Website: http://www.estdomains.com
Domain Name: THESPYGUARD.COM
Registrant:
Nelroy LTD
Emilios Hadjivangeli (nelroy@yandex.ru)
Suite 206, Victoria House, State House Avenue
The Republic of Seychelles
Victoria
Victoria,5443453
SC
Tel. +002.22334245
Creation Date: 17-Aug-2005
Expiration Date: 17-Aug-2006
Domain servers in listed order:
managedns1.estboxes.com
managedns2.estboxes.com
managedns3.estboxes.com
managedns4.estboxes.com
Registration Service Provided By: WMDomains.NET
Contact: support@wmdomains.net
Visit: http://www.wmdomains.net
Domain name: SPYAXE.COM
Registrant Contact:
U-12
Joshua Veronimo (admin@spyaxe.net)
+632.8323123
Fax: +632.8323123
U-12 Gamma Commercial Complex # 47 Rizal Highway cor. Manila
Olongapo City, 1300
PH
Administrative Contact:
U-12
Joshua Veronimo (admin@spyaxe.net)
+632.8323123
Fax: +632.8323123
U-12 Gamma Commercial Complex # 47 Rizal Highway cor. Manila
Olongapo City, 1300
PH
Registration Service Provided By: ESTDOMAINS
Contact: +372.55647646
Website: http://www.estdomains.com
Domain Name: UPDATEYOURSYSTEM.COM
Registrant:
Mag
Dicacik (mag@sexpicsporn.com)
P.O Box 3728
Praha
null,4749
CZ
Tel. +420.484020829504
Creation Date: 22-Oct-2005
Expiration Date: 22-Oct-2006
Domain servers in listed order:
ns1.updateyoursystem.com
ns2.updateyoursystem.com
Administrative Contact:
Mag
Dicacik (mag@sexpicsporn.com)
P.O Box 3728
Praha
null,4749
CZ
Tel. +420.484020829504 |
|
| Back to top |
|
 |
Nick
Site Admin
Joined: 27 Feb 2004
Last Visit: 28 Aug 2012
Posts: 3913
Location: California
|
| Posted: Sun Dec 04, 2005 1:03 am Post subject: |
|
|
Moved from Spyware Removal to give more exposure and allow everyone to be able to comment.
_________________
Nick's Security Ticker
 |
|
| Back to top |
|
|
Milenko
Newbie
Joined: 04 Dec 2005
Last Visit: 09 Dec 2005
Posts: 2
|
| Posted: Sun Dec 04, 2005 9:23 am Post subject: |
|
|
I too was hijacked last night by Spy Axe and SpyTrooper. Being a complete neophyte (and an old codger to boot), I almost got taken in by the Axe/Trooper pitch. When re-reading the bubble, I noticed a slight language thing that alerted me to an issue. "It is recommended to use special antispyware" is not good English and could easily be a translation from another language.
I found your helpful forum (through Yahoo) and while I was reticent to perform some of the technical fixes, I did download smitREm. It would not run as forum instructions suggested but I was able to force in the batch file. Cleaned up alot but seemed to get frozen with the disk cleanup (should I have been more patient?).
Still have the Spy Axe bubble but IE works better.
I hope this helps any non-technical people such as myself. Any suggestions on smitRem completion? Thanks. |
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 22 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Sun Dec 04, 2005 11:49 am Post subject: |
|
|
Milenko.
You should download HijackThis and post your log in that forum. You probbly have some addtional maware still that needs removal.
http://www.spywarewarrior.com/viewforum.php?f=5
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.  |
|
| Back to top |
|
|
cowriles
Newbie
Joined: 05 Dec 2005
Last Visit: 05 Dec 2005
Posts: 5
|
| Posted: Mon Dec 05, 2005 10:25 am Post subject: |
|
|
| I didn't purchase anything using a credit card but i did click the "download" free trial or something like that.. what should i do.. am i ok just as long as i didn't purchase anything or should i start calling credit cards and tell them? |
|
| Back to top |
|
|
Milenko
Newbie
Joined: 04 Dec 2005
Last Visit: 09 Dec 2005
Posts: 2
|
| Posted: Fri Dec 09, 2005 11:31 pm Post subject: |
|
|
Suzi,
Thanks for the reply; I got immersed in all the fascinating postings and discussions on this site and never checked on a response to my earlier query.
As it stands, a combination of Smitrem and SpeAxeFix did the trick for me.
You guys are awesome and the service that you provide is so essential to countering the nefarious elements preying on users. The ability to find and access something like Spyware Warrior is what the Internet can be.
Many thanks.
Milenko |
|
| Back to top |
|
|
wyrmrider
Warrior Addict
Joined: 25 Jun 2004
Last Visit: 17 Jan 2009
Posts: 730
|
| Posted: Sat Dec 10, 2005 8:21 am Post subject: |
|
|
post the hjt
read the stickies in the hjt forum
reference this thread
better safe than sorry
also new spybot and ad-aware defs yesterday
run a couple of on line av scans
ccleaner
defrag
reset system restore |
|
| Back to top |
|
|
Nick
Site Admin
Joined: 27 Feb 2004
Last Visit: 28 Aug 2012
Posts: 3913
Location: California
|
| Posted: Sun Mar 05, 2006 5:33 pm Post subject: |
|
|
Looks like The SpyGuard may be the next in the rotation for the various SmitFraud infections. Been picking up activity on this one.
_________________
Nick's Security Ticker
|
|
| Back to top |
|
|
|
