It’s that time again when a new rogue antispyware appears. Many different variants get released daily, however we’re focusing on the Zlob varient.

The following rogue is a variant from the IE Defender, AntiSpy Pro rogues. The ones that acted like fools and still do.

The one I am bringing to light is called Files Secure.

(Click to the original size)

Without having to go into great details, this one has the following site (do not log onto it unless you know what you’re doing):

www(dot)files-secure(dot)com

And from the whois we can tell EstDomains Inc and Ukrtelegroup Ltd are involved.

If you got infected with this and need help, then make sure you visit our Malware Removal support forum. And if English isn’t your first language then visit other ASAP sites with support sites for different languages.

An automated removal guide will be available soon. In the mean time chat about this here in details.

… I’ll be kicking butt again!

I did say a week or so ago that I posted my last article for the year. However whilst I have been on holiday, several items have come to light which I will be going into once I am back from holiday. Probably near Sunday evening this weekend.

I may be on holiday, but suckers, I still have my eye on you!

It’s that time again where we all stuff our face with some festive food and sit and watch re-runs of old Christmas movies.

I will be going away this Christmas into mainland Europe and spend some time with family. Last time we spent Christmas away from home was a few years ago when I just started to create this blog. We went on a skiing trip to Bulgaria. However this year will be different.

You may or may not find some new posts before I return. Our guest bloggers’ may post a few things here and there. However I wouldn’t want you to glare every five minutes to check. Enjoy your holidays however you spend it!

For those seeking assistance in our forum. Please bare in mind that our helpers too may be away with their family. Any help you may require will likely not be there or very delayed.

But from all of us at SecurityCadets.com:

Merry Christmas and a Happy 2008

See you in the new year!

How about this. DollerRevenue get fined by a Dutch regulator:

Telecoms watchdog OPTA has fined three Dutch firms and their two directors a total of €1m for the illegal distribution of spyware.It is the first time OPTA has imposed fines for spreading malicious Trojans, and has been called “one of the biggest cases of illegal software crime”, by the regulator.

In 2005, the two unnamed businessmen distributed software called DollarRevenue among millions of internet users. Approximately 450 million software files were installed on 22 million computers in the Netherlands and abroad.

The adware application silently downloaded advertising software and installed it to the computer without the user’s knowledge. DollarRevenue was also bundled with some ad-supported products and was extremely difficult to remove.

The software was also directly linked to certain botnet attacks, with over 7,700 machines hacked within 24 hours.

Finish reading the rest over at ChannelRegister.Co.Uk. Have an opinion? Tell us!

Ever since Chris Boyd reported about a site that pushed hackers, phishers and spammers, plus crackers, we have seen a strong fight from the kids behind them.

One of the individuals is called Helgi, if you do not know already. And he ran a forum that saw many posts with cracks, hacks and spamming tools.

Chris Boyd has for the last week or so been taking down the sites ran by Helgi via chatting to the host. And not in a hacking way. However there was some question why the sites appeared again. Are the hosts gaining an advantage from this forum?

Well me and Chris, and other individuals he asked, teamed up and this is what I got in their support chat:

(Click to Enlarge)

Chris has also published his screenshot he took, click here. We must thank Rahul for co-operating about this problem. However, if they appear again on the same service, more questions will be asked.

We didn’t use hacking methods to take down helgi’s hack-and-scream forum. Just used a bif ot common sense. Chat about this in our forum.

Browse around and make sure you click here for more links about the subject. And make sure you stick around as we pound some host who seems to be “supporting a forum that pushes hackers, phishers, crackers” etc.

Normal service will resume soon…

Remember the whole story about a bad bad internet being in young hands? Those young hands being 12 to 13 year olds who hack, phish and play with keyloggers like it’s out of fashion!

Well today they got pawned! So much that it could go down as the best thing of 2007. The best example what we need to keep doing in 2008 and beyond. Because if we don’t, the internet will just get worse and it will not be a nice and safe place to be for adults and children.

So with that out the way, as brief as I can be, get yourself over to VitalSecurity.Org for a slamdunk to remember where PaperGhost gives the host of Helgi’s forum a 60 minutes warning and eventually get’s his objective!

Making the World Burn – by PaperGhost. Chat about this here.

I thought the following was quite amusing ahead of the big fight this Saturday the 8th of December between Ricky Hatton and Floyd Mayweather.

(Click to Enlarge)

Is this a sign for the fight? Probably not, yet it brought a smile to my face. I wish Ricky Hatton all the best tomorrow and I hope he brinks back the belt. I’ll certainly be watching.

There truely is only one Ricky Hatton

Chat about the boxing in our forum if you wish. It should be a great fight!

You know, ever since I reported about the guys behind IEDefender here and here. And about the main program itself, they have tried to knock us down on a somewhat large, but lame scale. By that I mean, an attempted DDoS.

A few weeks later and these kids have come out with a sister version to IE Defender. Dubbed AntiSpy Pro. They basically look the same:

IE Defender

AntiSpy Pro

Other than a name change, the rest of the details are the same. EstDomains Inc provide the added lameness with the server data going to Ukrtelegroup Ltd. It’s website is;

www(dot)antispy-pro(dot)com

If you got infected with this and need help, then make sure you visit our Malware Removal support forum. And if English isn’t your first language then visit other ASAP sites with support sites for different languages.

We also have an automated removal guide – Automated Removal guide (AntiSpy Pro or AntiSpyPro removal instructions).

Currently the guide is not complete. But do you want to express your opinion about this? Then tell us! All comments are welcomed!

You know, the one where I probably went over-the-top, telling you we are doomed! Well our friend PaperGhost has a follow up:

Rise Up With Fists, Strike Down With Vengeance – Go read – It’s fun! Then chat with us about it in our forums.