RemoveIT Pro

[rdsu]

Hi,

did someone tried this free malware removal program?
http://www.incodesolutions.com/removeit.htm

Quote:

Remove many viruses that other popular antivirus software cannot discover like file
mouse.exe etc...
If you can't clean your computer from worms & viruses, addwares & spywares
try with this software.

I run it and it found 3 virus, but I think they are fp...
http://img232.imageshack.us/img232/7...results6qi.png

I also run NOD32, ewido, CounterSpy and Spybot-S&D and they found nothing...

[kjempen]

It doesn't show which files it claims to be infected?

Never tried this program before, but I'm interested in trying it.

EDIT: By looking at their web site, it seems a bit this tool identifies "threats" based on the filename and location of a file? Doesn't seem like a very trustworthy tool to me. Someone correct me if I'm wrong.

[ErikAlbert]

This is from their website :

Quote:

Q - How can i clean worms like conime.exe and wupdmgr.exe?
A - Restart computer in safe mode then manually delete this files conime.exe
and wupdmgr.exe from this directories

You do a scan and you find BOTH files on your computer. Weird coincidence LOL.
I don't trust this one.

[Texcritter]

Hi Vamp

Tried it and got exactly the same 3 warnings as you did, seems a bit fishy to me

[kjempen]

Quoted from their web site:

"Q - How can i clean worms like conime.exe and wupdmgr.exe?


A - Restart computer in safe mode then manually delete this files conime.exe
and wupdmgr.exe from this directories
c:\Windows\System32\dllcache
c:\Windows\System32"

I tried the scanner, and it told me I had these infections: "Sys32.conime" and "Sys32.wupdmgr". I went and looked in the folders as described in the answer given above, tried scanning them at jotti's and VirusTotal - the files came out clean. So I'm guessing that these are false positives.

[ErikAlbert]

Quote:

Q - How can i end some active process and delete they source file?

Is that English ? they = their IMHO.

Their website hasn't even a professional look. Amateurs !!!

[auriell]

wupdmgr.exe - windows update manager

conime.exe - (Console IME) is an executable from the software Microsoft® Windows® Operating System version 5.2.0 by Microsoft Corporation

But if you google for the files, firts result you will see the files are trojans (but they surely not). Maybe some trojans can replace the files with themselves.

This program and the site look like one big crap.

Quote:

Our team was formed in the year 1999, and till now we have developed highly integrated system software
for The Windows Platform.

Ridiculous! This crap is almost more dangerous than any of the malware i've seen in the past 3 weeks (if the user really does what it suggests)

[rdsu]

Seems a rogue program...

I like to test programs and this is one I will never try it again...

Once Again:

There's NO valid AV Vendor who's in the business and nobody heard something about him - nor they claim to find things which "normal" AV programs couldn't detect.

It's by far MORE DANGEROUS to install such unknown "Security Applications" just for the sake that they are called "Antivirus", "Firewall", "Antispyware" or whatsoever than ignoring such crap!

[auriell]

If you want to avoid such situations in the future look at this list of crap or at least suspicious apps:

http://www.searchengines.pl/phpbb203...7&#entry196097

[ErikAlbert]

Quote:

Originally Posted by VaMPiRiC_CRoW

Seems a rogue program...

It's the first time, I see a free rogue software, usually they ask money for it.
I learn something new every day.

Some information for conime.exe

Conime.exe is a process which is registered as the BFGhost 1.0.
Remote administration backdoor tool.
This backdoor application can allow attackers to access your computer,
stealing passwords and personal data.
It is a registered security risk and should be removed immediately.

Quote:

Originally Posted by ri008

Some information for conime.exe

Conime.exe is a process which is registered as the BFGhost 1.0.
Remote administration backdoor tool.
This backdoor application can allow attackers to access your computer,
stealing passwords and personal data.
It is a registered security risk and should be removed immediately.

You cannot make conclusion if something is malware or not based on a filename! Even if a trojan uses some "common" names, doesn't mean that there are not other valid programs which could use the same name!

Rename Notepad.exe into Conime.exe and add a registry autostart entry for it, because you would like to have Notepad opened during every system start.
Does it automatically become malware because of this?!