Latest (28/06/2009):

We are hoping to make the blog and surrounding pages more friendly and accesable soon. Stay tuned for more about that!

If you think you have malware and/or virusses on your PC and wish to seek help for free - Visit our Malware Removal Forum.

Subscribe

  • FeedBurner
  • Add to Windows Live
  • Add to Google Reader or Homepage
  • Add Security Cadets to Newsburst from CNET News.com
  • Subscribe in NewsGator Online
  • Subscribe in Bloglines
  • Add to netvibes
  • Subscribe to Yahoo
  • Add to My AOL
  • Add to Technorati Favorites
  • Security Cadets - RSS

W.O.T.

    • Free Internet Security - WOT Web of Trust
  • Copyright Notice

    Creative Commons License
    All articles are licensed under a Creative Commons License.

    Search

    Twitter

      SpyCrush – Another rogue to avoid!

      February 7th, 2007 by AndyAtHull

      Yup, another one to add to the fast growing list. Originally, as you will see in the setup image, a clone of VirusBurst(er) which you can see here and here.

      SpyCrush Setup

      And the program in looks is no to different from VirusBurst either.

      SpyCrush Main

      (click on the thumbnail to enlarge)

      The same mistakes, and the same lies. And the same behind the scenes details. By that I mean Estdomain Inc and hosted at Netcathost. See here for more.

      Registration Service Provided By: ESTDOMAINS INC
      Contact: +1.3027224217
      Website: http://www.estdomains.com

      Domain Name: SPYCRUSH.COM

      Registrant:
      ODS ltd
      Robyn Turner (turnrobyn@gmail.com)
      Level 11 Toowong Tower
      9 Sherwood Road
      Toowong
      null,Qld 4006
      AU
      Tel. +61.38761200

      Creation Date: 10-Aug-2006
      Expiration Date: 10-Aug-2007

      Domain servers in listed order:
      managedns4.estboxes.com
      managedns3.estboxes.com
      managedns2.estboxes.com
      managedns1.estboxes.com

      And Netcathost has the honor of being SANS’ most hated of 2005 – SANS.

      So avoid this rogue like the plague. In fact use our self-help removal guide here. Or ask for step by step help with an expert here. You can also discuss this matter further in our forum.

      (Thanks to some of the members at SpywareWarrior)

      Bookmark and Share

      Filed under Rogue Programs, Security Related | 8 Comments »

      8 Responses

      1. milligansghost Says:

        Blah here we go again another round of hunt the Malware dont it just drive you crazy …

      2. SimpleTechnology Daily Links 2007-02-08 - Simple Technology - News and how-tos for the digital lifestyle Says:

        [...] Security Cadets: SpyCrush – Another rogue to avoid! “Yup, another one to add to the fast growing list … avoid this rogue like the plague.” [...]

      3. Denise Hoffman Says:

        We have somehow gotten this on our laptop and can’t find it to remove it. We have not downloaded any software for it. We ran AVG anti-spyware and thought it had it but it remains on our task bar and keeps popping up. Any help you can give us would be appreciated. Thanks

      4. AndyAtHull Says:

        For this one you have two options.

        1 – Use the self-help removal guide;

        http://forum.securitycadets.com/index.php?showtopic=1540

        2 – Get direct help in our forum with a qualified helper;

        http://forum.securitycadets.com/index.php?showforum=2

        Registration is needed before you post, but it’s free. This is to prevent being harvested by spammmers.

        Following the removal guide may remove the program and what comes with it, but that doesn’t mean you are all clean. You may have other malware unrelated to spycrush.

        Andy

      5. misko Says:

        please

      6. miller Says:

        Does anyone know if this is a real US company??? Their website indicates they are based in Braintree, MA., however after much trying I have been unable to find any contact info as far as tele#, addr, or anything for this company called Spycrush, Inc.

      7. AndyAtHull Says:

        Hi Miller,

        To answer your question as best as I can, and in a way, this company is more than likely not from the US and the details given are more than likely fake.

        The people behind these scams are generally based in Ukraine and that region. They often use fake details to make it look like they are legit to normal computer users. Just another way to convince and get the money they want.

        On the whois I mention it shows you who the registrar is, which is Estdomains. These are not to be trusted and are behind many scams. Some say that are mafia related, I say they are scum.

        So I hope that answered your question.

        Andy

      8. Ray Says:

        thanks. this got rid of the spycrush program on my computer. Will this softwear block it from coming back?

      Leave a Comment

      Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.