Category Viruses and Spyware
Troj/Spywad-AX is a Trojan for the Windows platform.
Troj/Spywad-AX displays fake messages claiming the computer is infected with spyware and then tries to sell the user antispyware tools.
When Troj/Spywad-AX is run, the following files are created:
<Current Folder>\delself.bat - text file, can be deleted
<System>\braviax.exe - detected as Troj/Spywad-AX
<System>\dllcache\beep.sys - detected as Troj/Spywad-AX
<System>\cru629.dat - detected as Mal/EncPk-BB
<System>\univrs32.dat - detected as Troj/Agent-GPD
<WINDOWS>\braviax.exe - detected as Troj/Spywad-AX
<WINDOWS>\cru629.dat - detected as Mal/EncPk-BB
The following registry entries are created to run braviax.exe on startup:
It takes advantage of software vulnerabilities, which allows a remote malicious user or malware to download files on the affected machine.
It connects to a Web site to download a malicious file, which Trend Micro detects as TROJ_VUNDO.BHH. As a result, routines of the downloaded Trojan are also exhibited on the affected system.