Exterminate It! Antimalware situation

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

> So, you would need not

Post by Nulander » Mon May 24, 2010 8:55 pm

> So, you would need not only a dedicated testing machine, but a dedicated person
> also. Sounds like a full time paid position to me. I doubt seriously if WOT wants to do
> that.

I know that we must be as much as precise we can but the idea was to inserting and summarizing all the findings and evidence that we find when the case is submitted on the main forum. Like a "Scam n°X - File" in a Police Department.
Findings, evidence, suspects, innacuracy, doubts confirmed by oddly findings etc.
Even because you have to consider this: a safe software is always pretty clear on their activities. I have never found applications that, sometimes, start to act oddly are in an unexpected manner, even because, this could raise serious considerations about the presence of undocumented functions or strange bugs inside the software. In the first cause, someone could start to yell about the presence of a Trojan, and, in the second case, finding out that a software is full of bug don't bring a good reputation and publicity to its producer. Don't you?

-----
MF IT-UESC - Protecting your Digital Experience. Now.

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

Dear Antony70, the issues

Post by Nulander » Wed Jun 09, 2010 1:17 am

Dear Antony70, the issues related to "Exterminate It!" security tool has been discussed deeply in this place: http://www.mywot.com/en/forum/6452-exterminate-it-antimalware-situation and even in another forum: http://forums.malwarebytes.org/index.php?showtopic=5928

The results are clear. nosirrah, that I have never had the pleasure to met on that forum, has given an answer that better could not be to describe how dangerous is the system adopted by your company in order to obtain a payment for the efforts faced to produce the software you're claiming.

In order to ease you the reading, I'm reporting it here, for another time:

"I did a scan and your software wants $ to remove what it has found , this is unconscionable . If the user has malware that will capture their payment information then you have just traded a couple of bucks for potentially destroying their credit ." In his answer there's even a suggest about how to solve this issue:

"Allow removal for free (there is nothing wrong with even a 5 day trial for this , hell a 1 day trial is better than typing your credit card # into an infected machine) .
Prevent an infected scan result from allowing a user to make a purchase online (I do not care how you go about preventing this) ."

For what I have seen by myself, the tool presents TOO much FP's to be considered reliable. It is really prone to User Interface Failure problems and expecially "Warning Fatigue", due to the continue presence of dangerous detections (most of them with no real confirmation on the field), that could not only potentially lead to unpredictable results on the system (what happend if a dude decide to remove all the FP's nuking up the system? Are you going to refund them even for the tech-support costs on bare-metal restoring need to bring the box again in working status?), but could induce the use to deactivate the AV due to the high presence of warnings, causing a Security Fail Condition in his/her box, that is unacceptable.

For what I care, the rating is Deep-Red and remain as it is, due to the dangerous condition that the user could be involved on paying the tool in a compromised enviroment, and the unacceptable presence of FP's.

The only thing you can argue and I can be with you, is that the comment placed on the scorecard to Exterminate It is too generic and should be fixed (and it will be soon).
-----
MF IT-UESC - Protecting your Digital Experience. Now.

MysteryFCM
Posts: 4912
Joined: Mon Jul 14, 2008 4:47 pm

.....

Post by MysteryFCM » Wed Jun 09, 2010 1:37 am

Just an FYI, I re-tested the software recently, which is why it isn't listed in hpHosts anymore (still wouldn't dream of recommending it though).

Testing of the software on a clean install of Windows, and a non-clean install of Windows, produced no F/Ps. This doesn't mean it doesn't have any on other systems, just that I did not see any whilst testing on the test system (XP Pro SP3).

One of the demands I made, prior to allowing removal from hpHosts, was that they offered an alternative option, to pay for the program (i.e. one that didn't require the user pay via the machine they've just told them is infected), and this was included. If it's been removed again, please let me know.

Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

It's returned and placed a

Post by Nulander » Wed Jun 09, 2010 1:47 am

It's returned and placed a comment on my personal board even if I had previously placed a disclaimer saying that these types of topics should be treated publicly in order to avoid any problem and leave a clear and accessible track of what has been digged out.

Dear MassimilianoF,

We are Exterminate It! antimalware application and exterminate-it.com website development team.

It is absolutely unclear to us why you've marked exterminate-it.com website as distrustful/dangerous and provided it with lowest rating?

1. Exterminate It! software is signed with VeriSign Code Signing Certificate, which means that our software and content is safe.

2. Our website marked by VeriSign Trusted Seal and scanned daily for infection.
Scanning Results could be obtained here:
https://trustsealinfo.verisign.com/splash?dn=www.exterminate-it.com&lang...



3. Exterminate It! marked as green on SiteAdvisor:
http://www.siteadvisor.com/sites/exterminate-it.com/



4. Exterminate It! website rated as green on Norton SafeWeb:
http://safeweb.norton.com/report/show?name=exterminate-it.com



5. Our website isn't represented in HpHosts database:
http://hosts-file.net/?s=exterminate-it.com


We are ready to provide you with free one week trial code for Exterminate It! software. So, you will have possibility to try fully functional software.

Here is free one week Exterminate It! trial code:

** Removed **

Please note that this activation code is anonymous and there is no E-mail address associated with it.
It means that you will need to check Submit State responses using our Support System manually.
In order to receive better Submit State usage experience please provide us with your E-mail address.

Hopefully after reviewing our software you would change your mywot opinion and rate for: http://www.exterminate-it.com

appropriately.

Best Regards,
Exterminate It! Development Team

CURIOLAB S.M.B.A.
Center Boulevard 5, 208
Copenhagen S, 2300
Denmark

P.S. P.S. Please note that there is only one comment from myself on the wot regarding Exterminate It! website.
Recently (1-2 weeks ago) we started to ask our clients to leave their opinion on mywot website because we found existing Exterminate It!
reviews non-objective and this is normal / legal from mywot management point of view.”

-----
MF IT-UESC - Protecting your Digital Experience. Now.

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

I could suggest to submit

Post by Nulander » Wed Jun 09, 2010 1:58 am

I suggest them to submit their software to a serious AV-testing service (not West Coast Labs) to officially prove that everything is ok. Only producing an adequate amount of information that prove its trustworthyness could lead to a "scorecard heal" situation. I can't stand right now to setup a testing machine to check the software due to leak of time and resources to do so.

If the software is full legit and recovered by suspicious behaviors, Antony could easily produce and post all the related documentation of tests, how they have been done, reproduced and the results of them. Because it must be proven either that the company is on the right tracks, has learnt the lesson and won't act oddly again in the future, when the sea waves will be calmed down again.
-----
MF IT-UESC - Protecting your Digital Experience. Now.

Guest

Wait a minute . . . wait a minute

Post by Guest » Wed Jun 09, 2010 10:48 am

I did a scan (in my Windows VM, of course) with this "Exterminate it!" thing.

It found 16 tracking cookies . . . which I'm sure I had . . . thus, so far so good. I had expected it to be the typical rogue and "detect" hundreds of registry errors and tell me they were "serious". But it didn't, so I was impressed at that point.

But when I pressed the "Exterminate" button, it immediately told me I'd have to pay to remove . . . simple tracking cookies!

So, by my way of thinking . . . call it what you want, "payware", "rogue", whatever . . . this beast is definitely a scam when there is plenty of free software out there that will detect and remove simple tracking cookies.

Guest

thanks

Post by Guest » Wed Jun 09, 2010 11:17 am

thanks for your analysis of this scareware AKA "Exterminate it"

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

Ok Bob

Post by Nulander » Wed Jun 09, 2010 1:27 pm

Ok Bob but, even if this tool has become the most valuable software tool in all the entire universe, before any positive rating, it must be proven that there's no more odd behaviors by its company.
What assure to me that it will behave good now? And if they're using an embedded ClamAV engine inside of it, with only some adds? Or reverse engineer another AV tool like what happened with IO 360?

They must bring evidence that the software is really "legit". And test must be available to everyone, in order to see their solidity even with copies spread on the main Software-Portals like FileHippo, SoftPedia etc., other than considering themselves and their capacity to test the software for real.

PS: I'm not saying that I don't consider the results of Steven, that is an authority in this field, but I feel that a double-check for this company and their tools is a must considering what happened in the past with them. BobJam, just to mention, have had another result about the part related to the "Payment method" adopted by the authors of Exterminate It!, that show how their old gathering processing system is still in use.
-----
MF IT-UESC - Protecting your Digital Experience. Now.

Guest

Am confused

Post by Guest » Wed Jun 09, 2010 2:02 pm

@ MasimillianoF,

"Ok Bob. but . . . before any positive rating"
Are you suggesting that I recommended rating this beast green? I'm sure I'm misunderstanding, because I most certainly did not.

User avatar
Nulander
Posts: 2136
Joined: Fri Mar 26, 2010 3:09 am

No, simply adding more value

Post by Nulander » Wed Jun 09, 2010 4:19 pm

No, simply adding more value to your comment (but I didn't know how to start the post :P) and reaffirm how the dude asking for green comments should heal the reputation of his company showing serious evidence of the legitimacy (intended as software not harmful, that protect the user during payment processing etc.) and methods used to support such review.
-----
MF IT-UESC - Protecting your Digital Experience. Now.

Post Reply

Who is online

Users browsing this forum: Google [Bot] and 3 guests