New AV is here >

Discussion in 'other anti-virus software' started by StevieO, Mar 22, 2006.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Here's a new one to me, RemoveIT Pro 2.1 SE

    . . .
    http://www.incodesolutions.com/index2.html


    StevieO
     
    Last edited by a moderator: Mar 31, 2006
  2. Eldar

    Eldar Registered Member

    Joined:
    Jul 12, 2004
    Posts:
    2,126
    Location:
    Vilvoorde (Belgium)
    Only $15 or the free version. :eek:
    It's also pretty new on the market, because the forum has no posts, no members at present. :rolleyes:
     
  3. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    the only registered members are from bots that registered for making publicity to their sites (casinos, ad spaceholders, etc.) :/ could be avoided a bit by applying more strict rules for registration to the forum
     
  4. Happy Bytes

    Happy Bytes Guest

    Sure, all have to try it - it deletes valid SYSTEM FILES!
     

    Attached Files:

  5. Happy Bytes

    Happy Bytes Guest

    I pressed stop after the first false postive - there are a lot of more system files detected.

    By the way this is a valid Microsoft XML Parser DLL. The guy who develops this bullshit application (It's nothing else) does not even know what is malware and what not and all people are happy that such "new antivirus" finding things which other AV's are missing. Go, make a donation for screwing up your system :rolleyes:
     

    Attached Files:

  6. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    RemoveIT Pro could be classified as Trojan Horse.
     
  7. Happy Bytes

    Happy Bytes Guest

    That's not but we would need another Class like "Idiotware"
     
  8. Happy Bytes

    Happy Bytes Guest

    I really cannot understand that people start using software which they don't know just because of the sake for having a "security software" name.

    I said it already MANY TIMES in this forum - With unknown and untrustworthy Security Applications you can do more harm to your machine than having no programs at all installed! And this has nothing to do with "bashing products" or "not giving the author any chance" - it's insane to develop such applications without any expertise. You can really badly screwup a machine with this.
     
  9. Eldar

    Eldar Registered Member

    Joined:
    Jul 12, 2004
    Posts:
    2,126
    Location:
    Vilvoorde (Belgium)
    I for sure am not going to try this one out. :thumbd:
    Best stick to the trusted ones.
    Thanks for the warning and the test Happy Bytes. :)
     
  10. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Oh great i never liked that Microsoft XML Parser anyway. Maybe it could eliminate XP activation as well, along with a few other things hey !

    Nice looking GUI though, worth getting just for that.

    I suppose it might be better to choose an AV that misses things, rather than one that produces FP's !


    StevieO
     
  11. Happy Bytes

    Happy Bytes Guest

    I disassembled it to bring some light into the dark. It's indeed "dangerous".
    It scans for fixed filenames! That means if there is a malware which uses for example 123.dll in the systemfolder it will detect and delete ANY FILE - regardingless what it is - with the name 123.dll.

    I just tryed it as follows: i renamed the own install log ( a normal text file ) of this pumpkin-application into "msxml3a.dll" and copied it into system32.

    Voila: Detected! It detects it's own files if it has the matching name to the malware! That's also the reason why there is no proper virus name. The author only collects files where he ASSUMES that they are malicious. then he adds this filename in a database (simple encrypted) and scans for this filenames.

    I cannot believe what crap people developing - thats really the worst i saw so far and just believe me i saw a lot of weird things
     
  12. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I agree, some people will try anything. Doesn't seem to mater if it screws-up the computer.
     
  13. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Happy bytes you do know it's Very naughty to disassemble or reverse engineer software ?

    I've heard of self repairing Apps, but self destructing ! Maybe they could turn it into a nice little shredder App instead.


    StevieO
     
  14. Happy Bytes

    Happy Bytes Guest

    That's my daily work. :D
     
  15. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    an analysts needs to disassemble malware, good thing he did :).
    btw, nice trojan definition which could apply can be found on http://www.research.ibm.com/antivirus/SciPapers/Whalley/inwVB99.html

    etc.

    :p
     
  16. Happy Bytes

    Happy Bytes Guest

    Well it is NOT a trojan. The author does not even know that he's that bad. So basically it becomes a dangerous application based on unexpirience from the author, but not on purpose. A trojan always has a purpose to disguest something. Here we have a new kind of malware - i would name it "Idiotware" but unfortunately there isn't such a category now :D Or "PDA" Potentially dangerous Application o_O
     
  17. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Glad to know that! My PCs always run faster with FEWER system files! I really need to give this AV a test drive!

    Dave
     
  18. Happy Bytes

    Happy Bytes Guest

    If you donate 5 bucks to me i can send you a copy of DEL-Command :D
     
  19. Grumble

    Grumble Registered Member

    Joined:
    Apr 25, 2004
    Posts:
    185
    Location:
    the sunshine state
    Gotta love Happy Bytes and his 'bullshit walks' attitude! :D :D :D
     
  20. Happy Bytes

    Happy Bytes Guest

    I don't know you, but i love you too :D
     
  21. controler

    controler Guest

  22. Happy Bytes

    Happy Bytes Guest

    The worm has nothing to do with this app.
     
  23. controler

    controler Guest

    Ok sorry this must be a different version.

    "There is virus Win32.Alcra.F that has name RemoveIT Pro 2.4 SE.zip and it spreads it self via sharing networks. So please beware if you downloading this zip file or some other zip file via sharing network and keep your antivirus up to date." ( »www.incodesolutions.com/index2.html )"

    con
     
  24. Happy Bytes

    Happy Bytes Guest

    What is so difficult to understand? The worm has nothing to do with this version what you can download on their website.
     
  25. controler

    controler Guest

Loading...
Thread Status:
Not open for further replies.