Hi, did someone tried this free malware removal program? http://www.incodesolutions.com/removeit.htm I run it and it found 3 virus, but I think they are fp... http://img232.imageshack.us/img232/7505/removeitresults6qi.png I also run NOD32, ewido, CounterSpy and Spybot-S&D and they found nothing...
It doesn't show which files it claims to be infected? Never tried this program before, but I'm interested in trying it. EDIT: By looking at their web site, it seems a bit this tool identifies "threats" based on the filename and location of a file? Doesn't seem like a very trustworthy tool to me. Someone correct me if I'm wrong.
This is from their website : You do a scan and you find BOTH files on your computer. Weird coincidence LOL. I don't trust this one.
Quoted from their web site: "Q - How can i clean worms like conime.exe and wupdmgr.exe? A - Restart computer in safe mode then manually delete this files conime.exe and wupdmgr.exe from this directories c:\Windows\System32\dllcache c:\Windows\System32" I tried the scanner, and it told me I had these infections: "Sys32.conime" and "Sys32.wupdmgr". I went and looked in the folders as described in the answer given above, tried scanning them at jotti's and VirusTotal - the files came out clean. So I'm guessing that these are false positives.
wupdmgr.exe - windows update manager conime.exe - (Console IME) is an executable from the software Microsoft® Windows® Operating System version 5.2.0 by Microsoft Corporation But if you google for the files, firts result you will see the files are trojans (but they surely not). Maybe some trojans can replace the files with themselves. This program and the site look like one big crap.
Ridiculous! This crap is almost more dangerous than any of the malware i've seen in the past 3 weeks (if the user really does what it suggests)
Once Again: There's NO valid AV Vendor who's in the business and nobody heard something about him - nor they claim to find things which "normal" AV programs couldn't detect. It's by far MORE DANGEROUS to install such unknown "Security Applications" just for the sake that they are called "Antivirus", "Firewall", "Antispyware" or whatsoever than ignoring such crap!
If you want to avoid such situations in the future look at this list of crap or at least suspicious apps: http://www.searchengines.pl/phpbb203/index.php?showtopic=16318&st=0&p=196097&#entry196097
It's the first time, I see a free rogue software, usually they ask money for it. I learn something new every day.
Some information for conime.exe Conime.exe is a process which is registered as the BFGhost 1.0. Remote administration backdoor tool. This backdoor application can allow attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately.
You cannot make conclusion if something is malware or not based on a filename! Even if a trojan uses some "common" names, doesn't mean that there are not other valid programs which could use the same name! Rename Notepad.exe into Conime.exe and add a registry autostart entry for it, because you would like to have Notepad opened during every system start. Does it automatically become malware because of this?!