high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Included in our products from | May 2008 (4.29) |
| Protection available since | 28 March 2008 02:14:35 (GMT) |
| Detected by | All Sophos products |
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/Spywad-AX is a Trojan for the Windows platform.
Troj/Spywad-AX displays fake messages claiming the computer is infected with spyware and then tries to sell the user antispyware tools.
When Troj/Spywad-AX is run, the following files are created:
<Current Folder>\delself.bat - text file, can be deleted
<System>\braviax.exe - detected as Troj/Spywad-AX
<System>\dllcache\beep.sys - detected as Troj/Spywad-AX
<System>\cru629.dat - detected as Mal/EncPk-BB
<System>\univrs32.dat - detected as Troj/Agent-GPD
<WINDOWS>\braviax.exe - detected as Troj/Spywad-AX
<WINDOWS>\cru629.dat - detected as Mal/EncPk-BB
The following registry entries are created to run braviax.exe on startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
braviax
<System>\braviax.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
braviax
<System>\braviax.exe
|
