Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

WARNING! Identity Theft by Spy Axe, Spy Trooper, and The Spy

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion
View previous topic :: View next topic  
Author Message
JDUB22
Newbie


Joined: 03 Dec 2005
Last Visit: 10 Dec 2005
Posts: 1

PostPosted: Sat Dec 03, 2005 11:57 pm    Post subject: WARNING! Identity Theft by Spy Axe, Spy Trooper, and The Spy Reply with quote

WARNING!!! Identity Theft by Spy Axe, Spy Trooper, and The Spy Guard

First off let me tell you there is absolutely NOTHING genuine about any of these companies, Spy Axe, Spy trooper, and The Spy Guard. Ask yourself three simple questions:

1. Why did they force their program on my computer?
2. Why is it almost impossible to unistall their program?
3. Why doesn’t the company offer advice on its website on how to unistall it?

Obvious answer is the correct answer. They are crooks.

Recently Spy Axe infected my computer and now my IE keeps opening up to UpdateYourSystem.com and trying to sell me one of three software programs; Spy Axe, Spy Trooper, and The Spy Guard. This website is specifically designed to trick to average consumer like myself into thinking this is a Microsoft security update coming from a secure Microsoft website. I am embarrassed to say that I fell for it.

Needless to say I purchased the software thinking it would fix the “Security Alerts”, and “Spyware Infection(s)” that had recently taken control of my computer. Little did I know all these problems were the result of Spy Axe and its malicious program.

Shortly after purchasing the software I received a call from my credit card company asking me if I had made online purchases in excess of $14,000. Obviously I had not.

To make a long story short I spoke with the company that received the false order from my credit card and they directed me to the detective in charge of the investigation. He informed me that these entities are part of a credit card and identity theft network that is operating oversees mainly in Russia and Manila.

Below I have provided some basic information about the four companies involved. Spy Trooper, The Spy Guard, Spy Axe, and UpdateYourSystem.com. Take a look at the registrant information for UpdateYourSystem.com:

Registrant:
Mag
Dicacik (mag@sexpicsporn.com)

Need I say more?

I am embarrassed to admit that I was taken advantage of and hopefully my story will help others. Please post this story on other websites.
Thank you.

____________________________________________________________________________
Registration Service Provided By: KUKARAKA DOMAINS REGISTATION SERVICE
Contact: +021.2223713

Domain Name: SPYTROOPER.COM
Registrant:
Popandopulos Ltd
Alison Popandopulos (crystaljones@list.ru)
2 Pyramid, Room 34
Chalkidiki
Chalkidiki,126322
GR
Tel. +001.41512345678

Creation Date: 26-Aug-2005
Expiration Date: 26-Aug-2006

Domain servers in listed order:
61143.managedns1.estboxes.com
61143.managedns2.estboxes.com
61143.managedns3.estboxes.com
61143.managedns4.estboxes.com


Administrative Contact:
Popandopulos Ltd
Alison Popandopulos (crystaljones@list.ru)
2 Pyramid, Room 34
Chalkidiki
Chalkidiki,126322
GR
Tel. +001.41512345678


Registration Service Provided By: ESTDOMAINS
Contact: +372.55647646
Website: http://www.estdomains.com

Domain Name: THESPYGUARD.COM

Registrant:
Nelroy LTD
Emilios Hadjivangeli (nelroy@yandex.ru)
Suite 206, Victoria House, State House Avenue
The Republic of Seychelles
Victoria
Victoria,5443453
SC
Tel. +002.22334245

Creation Date: 17-Aug-2005
Expiration Date: 17-Aug-2006

Domain servers in listed order:
managedns1.estboxes.com
managedns2.estboxes.com
managedns3.estboxes.com
managedns4.estboxes.com

Registration Service Provided By: WMDomains.NET
Contact: support@wmdomains.net
Visit: http://www.wmdomains.net

Domain name: SPYAXE.COM
Registrant Contact:
U-12
Joshua Veronimo (admin@spyaxe.net)
+632.8323123
Fax: +632.8323123
U-12 Gamma Commercial Complex # 47 Rizal Highway cor. Manila
Olongapo City, 1300
PH

Administrative Contact:
U-12
Joshua Veronimo (admin@spyaxe.net)
+632.8323123
Fax: +632.8323123
U-12 Gamma Commercial Complex # 47 Rizal Highway cor. Manila
Olongapo City, 1300
PH

Registration Service Provided By: ESTDOMAINS
Contact: +372.55647646
Website: http://www.estdomains.com

Domain Name: UPDATEYOURSYSTEM.COM
Registrant:
Mag
Dicacik (mag@sexpicsporn.com)
P.O Box 3728
Praha
null,4749
CZ
Tel. +420.484020829504

Creation Date: 22-Oct-2005
Expiration Date: 22-Oct-2006

Domain servers in listed order:
ns1.updateyoursystem.com
ns2.updateyoursystem.com


Administrative Contact:
Mag
Dicacik (mag@sexpicsporn.com)
P.O Box 3728
Praha
null,4749
CZ
Tel. +420.484020829504
Back to top
View user's profile Send private message
Nick
Site Admin


Joined: 27 Feb 2004
Last Visit: 15 Jul 2014
Posts: 3913
Location: California

PostPosted: Sun Dec 04, 2005 1:03 am    Post subject: Reply with quote

Moved from Spyware Removal to give more exposure and allow everyone to be able to comment.
Back to top
View user's profile Send private message
Milenko
Newbie


Joined: 04 Dec 2005
Last Visit: 09 Dec 2005
Posts: 2

PostPosted: Sun Dec 04, 2005 9:23 am    Post subject: Reply with quote

I too was hijacked last night by Spy Axe and SpyTrooper. Being a complete neophyte (and an old codger to boot), I almost got taken in by the Axe/Trooper pitch. When re-reading the bubble, I noticed a slight language thing that alerted me to an issue. "It is recommended to use special antispyware" is not good English and could easily be a translation from another language.

I found your helpful forum (through Yahoo) and while I was reticent to perform some of the technical fixes, I did download smitREm. It would not run as forum instructions suggested but I was able to force in the batch file. Cleaned up alot but seemed to get frozen with the disk cleanup (should I have been more patient?).

Still have the Spy Axe bubble but IE works better.

I hope this helps any non-technical people such as myself. Any suggestions on smitRem completion? Thanks.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Sep 2014
Posts: 10329
Location: sunny California

PostPosted: Sun Dec 04, 2005 11:49 am    Post subject: Reply with quote

Milenko.

You should download HijackThis and post your log in that forum. You probbly have some addtional maware still that needs removal.

http://www.spywarewarrior.com/viewforum.php?f=5
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
cowriles
Newbie


Joined: 05 Dec 2005
Last Visit: 05 Dec 2005
Posts: 5

PostPosted: Mon Dec 05, 2005 10:25 am    Post subject: Reply with quote

I didn't purchase anything using a credit card but i did click the "download" free trial or something like that.. what should i do.. am i ok just as long as i didn't purchase anything or should i start calling credit cards and tell them?
Back to top
View user's profile Send private message
Milenko
Newbie


Joined: 04 Dec 2005
Last Visit: 09 Dec 2005
Posts: 2

PostPosted: Fri Dec 09, 2005 11:31 pm    Post subject: Reply with quote

Suzi,
Thanks for the reply; I got immersed in all the fascinating postings and discussions on this site and never checked on a response to my earlier query.

As it stands, a combination of Smitrem and SpeAxeFix did the trick for me.

You guys are awesome and the service that you provide is so essential to countering the nefarious elements preying on users. The ability to find and access something like Spyware Warrior is what the Internet can be.

Many thanks.

Milenko
Back to top
View user's profile Send private message
wyrmrider
Warrior Addict


Joined: 25 Jun 2004
Last Visit: 17 Jan 2009
Posts: 730

PostPosted: Sat Dec 10, 2005 8:21 am    Post subject: Reply with quote

post the hjt
read the stickies in the hjt forum
reference this thread
better safe than sorry
also new spybot and ad-aware defs yesterday
run a couple of on line av scans
ccleaner
defrag
reset system restore
Back to top
View user's profile Send private message
Nick
Site Admin


Joined: 27 Feb 2004
Last Visit: 15 Jul 2014
Posts: 3913
Location: California

PostPosted: Sun Mar 05, 2006 5:33 pm    Post subject: Reply with quote

Looks like The SpyGuard may be the next in the rotation for the various SmitFraud infections. Been picking up activity on this one.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group