I’ve hardly reported about new rogues in the last few months. So when one pops-up from our buddies Estdomains I can hardly decline and not paste it all over the web can I now?

This latest one goes by the name of Dr. AntiSpy v3.5 and is a clone of several others from SpySheriff to PestTrap to Malware-Stopper to PestCapture.

(Click to Enlarge)

And do you know who is plastered on the whois? Since it started on may the 7th? Well look below:

Registration Service Provided By: ESTDOMAINS INC
Contact: +1.3027224217
Website: http://www.estdomains.com

Domain Name: DRANTISPY.COM

Registrant:
Privacyprotect.org
Domain Admin ( contact@Privacyprotect.org)
PO Box 83-000
Johnsonville
All Postal Mails Rejected, visit Privacyprotect.org
Wellington
null,6440
NZ
Tel. +45.36946676

Creation Date: 07-May-2007
Expiration Date: 07-May-2008

Domain servers in listed order:
ns2.drantispy.com
ns1.drantispy.com

Not only does EstDomains Inc get a mention but also Intercage Inc as the IP location. Who are Intercage Inc I hear you ask? Just look at some resources on ZDNet & SunBelt for more. You’ll realise it is something to be carefull about.

Intercage are heavly involved with several rogues. Their main site is blank at all times and the IP for this one is in a spamlist like this one.

You can always get help here of course by either following the self-help removal guide or get step-by-step help in the HJT forum. You can also chat about this rogue here.