Exterminate It! Antimalware

blog

Known threats:696,754 Last Update:April 09, 23:37

Testimonials

Exterminate It is just a superior product. I was having all kinds of problems with Zlob.Fam, MyWebSearch and TrojanSpy.Win32.DKS. Even Norton could not get rid of them. I tried all knids of ways to get rid of them and nothing worked. This save me so much time and as well as reformatting and recovering my PC.
Thank you so much and I will reccommend your product to all of friends.

Mark K.

I consider myself pretty good with a computer, but after 10 hours of trying to do this myself, the sysguard.exe whipped me. I couldn't find all the files and when I thought I had them all, they would replicate and play hide and go seek I have never endorsed a product in a comment, but if you want to rid yourself of this stuff, pay the $24.99 and download Exterminate-It It fixed my system in 5 minutes!

Mike T.

Just want to say that apparently your Exterminate It has worked like a charm. I was infected with a most troublesome Malware Trojan that kept replicating every time McAfee found, blocked and removed it... most annoying for several days... until Mr. Google led me to your door. What a God send!

With thanks,

Tom S.

Exterminate It! Blog

Dear Exterminate It! Customers,

As some of you might already notice, starting from the middle of March 2019, ExterminateIt.exe (our main executable file) starts to be detected / automatically removed by some Antimalware Vendors:

  • Windows Defender – Misleading:Win32:Lodi (32-bit and 64-bit)
  • ESET-NOD32 – A Variant Of Win32/ExtermIt.A Potentially Unw… (32-bit and 64-bit)
  • Palo Alto Networks – Generic.ml (32-bit only)

We assure you that this is false positive detection and we have notified all the vendors above of the false positive detections and requested detection removal.

Please note that right now there are 2 different versions of Exterminate It! executable 32-bit and 64-bit depending on your operating system version. The current false positive detection state of Exterminate It! versions on virustotal.com website can be found: here 32-bit executable detection and here 64-bit executable detection.

Reasons for Detection

We have experienced such issues in the past and it’s resolution and they were related to the AppEsteem Corporation Rules which specifies the Deceptor Requirements. Some Antimalware vendors use those rules blindly for detections.

This time cause of calling Exterminate It! as deceptor app is newly introduced ACR-004 rule.
ACR-004:The app does not provide free fixes for any free scans that can’t be fixed permanent.”

The issue is related with Cookies removal which is more “delete the traces” than “permanent fix” procedure.
The description of ACR-004 you could find by using this link on AppEsteem website .

Once again – AppEsteem detection has hit Exterminate It! reputation and results in losses, without any prior warning before re-listing the Exterminate It!, with more than 10 years history as “Deceptor.” on their website.

To solve the problem with the above-mentioned detection, we will modify Exterminate It! Antimalware that no scanning results will be provided when Application is running in the “non-activated” mode.

Restore Exterminate It! Executable:

As whitelisting those detections may take some time, to continue using Exterminate It! on your PC along with the enlisted Security Products, please follow this temporary workaround:

Restore the removed Exterminate It! executable file (ExterminateIt.exe) installed by default at:

  • (32 bit system) – C:\Program Files (x86)\Exterminate It!
  • (64 bit system) – C:\Program Files\Exterminate It!
    using the Undo / Quarantine / etc. functionality depending on the product:

  • Windows Defender:
    • Double click on Shield icon located in the system tray
    • Click on Virus and Threat Protection
    • Click on Scan History
    • Click on Misleading:Win32/Lodi items
    • Click on Restore button for every Misleading:Win32/Lodi item detected
  • ESET-NOD32:

Download Exterminate It! Installation bypassing the Microsoft Smart Filter:

Exterminate It! Download is blocked by Microsoft Smart Screen Filter when you downloading it with Microsoft Edge browser.

To install Exterminate It! despite this blocking try to download Exterminate It! using another browser.
Otherwise do the following:

  1. Download Exterminate It! using this link: https://downloads.exterminate-it.com/install/ExterminateItSetup.exe
  2. You are getting popup “ExterminateItSetup.exe is unsafe to download and was blocked by Windows Defender SmartScreen”.
  3. Click on View downloads button
  4. In the Current Downloads part of the list Right Click on ExterminateItSetup.exe list item and choose Download unsafe file.
  5. File will appear in the Past Downloads part of the list. Right click on it and choose the Run Anyway.

Afterwards you should be able to install Exterminate It! on your PC.

We will keep you informed about further detection changes in our Blog

Dear Exterminate It! Customers,

we would like to thank you for your patience and your trust! and share some good news with you:

  • Exterminate It! Antimalware has successfully passed AppEsteem’s re-evaluation process.
  • Almost all false positive detections of Exterminate It! by third-party Antivirus / Antimalware products were resolved.

Right now there are two false positive detections left. We contacted the appropriate companies – resolution is in progress.

Check this link for further information: virustotal.com.

We are proud to present our new version of Exterminate It! with the following improvements:

  1. Exterminate It! has 32-bit and 64-bit versions now which are packed into the same installation. Thus the efficiency of scanning on 64-bit Windows got better and on 32-bit systems got faster.
  2. Exterminate It! fully supports Unicode.
  3. Update speed was increased dramatically.
  4. Several minor bugs were fixed.

We recommend to all our Customers who runs 32-bit Exterminate It! on 64-bit Windows to re-download / re-install Exterminate It! using the following link:

https://www.exterminate-it.com/download/ExterminateItSetup.exe

Please note that new version should be activated automatically after re-installation.
If you experience any issues with the new version please contact our support:

https://www.exterminate-it.com/support

We look forward to serving you better!

Dear Exterminate It! Customers,

As some of you might already know starting from the beginning of February Exterminate It! has been erroneously detected as Potentially Unwanted Software (PUP) by the following Security Products:

  • Windows Defender – Misleading:Win32:Lodi
  • Webroot – removed Exterminate It! from detection after contacting their support
  • Avira – PUA/Exterminate.EL.2
  • ESET-NOD32 – Win32/UwS.ExtermIt.A
  • K7AntiVirus – Riskware ( dec001281 )
  • K7GW – Riskware ( dec001281 )
  • Panda – PUP/ExterminateIt
  • Sophos AV – Troj/Decept-IX

We have notified all the vendors above of the false positive detections and requested detection removal.

The current false positive detection state of Exterminate It! can be found on virustotal.com.

Reasons for Detection

We sent the requests asking about the reason Exterminate It! was detected as PUP and two vendors provided the accurate information (we are grateful to Webroot and ESET for their detailed answers).

Apparently, Exterminate It! is detected as PUP because of the counter we provide at the end of the scan.
On the summary dialog we display number of detected threats including cookies. According to one of the responses our application is listed in the application blacklist called “Deceptors” provided by AppEsteem.

This is the violation title: “ACR-003:The app lists tracking cookies as “threats.” This misleads consumers and can scare them into purchasing the app to remove these items.”

We appreciate AppEsteem’s evaluation, but it would be nice if in the future they send us the warning before listing the Exterminate It!, which has been present on the antimalware market for more than ten years, as “Deceptor.”

To solve the problem with the erroneous detections, we will provide two separate counters for cookies and threats in the next version of Exterminate It!. We have also considered the suggestions they’ve provided and implemented the 30 days refund policy.

Restore Exterminate It! Antimalware on PC

As whitelisting those detections may take some time, to continue using Exterminate It! on your PC along with the enlisted Security Products, please follow this temporary workaround:

Restore the removed Exterminate It! executable file (ExterminateIt.exe) installed by default at: C:\Program Files (x86)\Exterminate It! using the Undo / Quarantine / etc. functionality depending on the product:

  • Windows Defender:
    • Double click on Shield icon located in the system tray
    • Click on Virus and Threat Protection
    • Click on Scan History
    • Click on Misleading:Win32/Lodi items
    • Click on Restore button for every Misleading:Win32/Lodi item detected
  • Avira:
    • Open the Avira Control Center program
    • Choose the ‘Administration’ option and then click the ‘Quarantine’ to access the Quarantine management panel
    • Roll out the list of quarantined items and click on the PUA/Exterminate.EL.2 items
    • Click ‘Restore’ button
  • ESET-NOD32:
  • Panda:
    • Click on Antivirus and then the View details link in the Quarantine section
    • In the Window displayed – select all PUP/ExterminateIt related entries and click on Restore button
  • Webroot:
    • Update the software to the most recent version. To restore the Exterminate It! executable file check the items below.
    • Open on the cog icon next to PC Security
    • Click the Quarantine tab
    • Click the check box next to the filename, then click Restore
    • To apply this change, please run another scan of your computer

Dear Customers,

Today we switched the Exterminate It! Installation to the new Code Signing Certificate.

Please note that during first time Exterminate It! installation downloading and running you might encounter the Microsoft Smart Screen popups regarding “Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.”.

When you click at More Info link located at this warning you should see that Exterminate It! Installation is signed with Curiolab S.M.B.A. company signature.

Please ignore this warning for Exterminate It! Setup Executable and do the following:

1. Press More Info link on first Smart Screen Warning
2. Press Run Anyway on second Smart Screen Warning

This warning will disappear after some time.
We appreciate your patience.