New Rogue making its mark – PestCapture

October 4th, 2006 by AndyAtHull

Thanks to Sunbelt for the heads up!

This rogue also uses the same .dll files as SpySheriff, you know the one rogue that was the main attaction in yesterdays video.

The IP used for this rogue is shared with an earlier rogue, Bravesentry:

IP: 69.50.166.195 – pestcapture(.)com

It also seems they have changed their payment services from segpay to:

IP: 69.50.168.101 – isoftpay(.)com

Whois details can also be found and tell you it is associated with Intercage Inc to no suprise. Who also knows VirusRescue very well, and others.

And before the jiggery-doo is over check this out:-

PestCaptures Satisfaction Guarantee

Shop safely at www.pestcapture.com with the PestCapture 100% satisfaction guarantee. If for any reason you are not happy with your purchase, simply contact our customer support staff within 30 days, and we will refund 100% of the purchase price with no questions asked. At www.spysheriff.com (< -- LOL) your security and satisfaction come first. If you’re unhappy, we’re unhappy and we’ll make sure that won’t happen

That just hit the final nail in the coffin.

So if you have been infected with this rogue then visit our HijackThis forum for free help. You can also discuss it here in our forum.

Share|
Rogue Programs | 3 Comments »

Comments (3)

  1. Anonymous says:
    04/10/2006 at 13:38

    New Rogue making its mark – PestCapture…

    New rogue in the wild appears to be caught in time. Originally posted at sunbelt I include the whois details which show this latest rogue is associated with Intercage Inc. Which we know is also associated with other rogues.
    The payment service has cha…

  2. milligansghost says:
    04/10/2006 at 17:53

    your security and satisfaction come first. If you’re unhappy, we’re unhappy and we’ll make sure that won’t happen…
    And if you believe that i have a large Area of swamp land
    for you to buy Ideal Building land :-)

  3. gerbear says:
    02/05/2007 at 09:07

    I am a new mod at a small forum associated with an online drawing site. Now i am too paranoid to put the name here! Just wanted everyone to know that Intercage is alive and well and has found our corner of the world. I Was suspicious of the name so I used the whois databases and found a Calif addy so I googled and found this and other sites. They are supremely evil and still here. I found this 69-50-189-90.esthost.com for the hostname.

Leave a Reply

Download SCars (Beta) v0.6.5b2


Download SCars

Click here for the secondary mirror.

Testimonials for SCars

  • "SCars is probably one of the better programs I have in my arsenal to help keep people up to date and cleaned up. Yes, you could tell people to run cleanup programs once a week. Or you could get SCars to remind them!" - Olrik Lenstra
  • Contact us to add yours.

Securitycadets on Facebook


Securitycadets on Facebook

Recent Posts

Categories

Popular Posts