Exterminate It! Antimalware


Testimonials

Exterminate It is just a superior product. I was having all kinds of problems with Zlob.Fam, MyWebSearch and TrojanSpy.Win32.DKS. Even Norton could not get rid of them. I tried all kinds of ways to get rid of them and nothing worked. This saved me so much time as well as reformatting and recovering my PC.
Thank you so much and I will recommend your product to all of my friends.

Mark K.

I consider myself pretty good with a computer, but after 10 hours of trying to do this myself, the sysguard.exe whipped me. I couldn't find all the files and when I thought I had them all, they would replicate and play hide and go seek. I have never endorsed a product in a comment, but if you want to rid yourself of this stuff, pay the $24.99 and download Exterminate-It. It fixed my system in 5 minutes!

Mike T.

Just want to say that apparently your Exterminate It has worked like a charm. I was infected with a most troublesome Malware Trojan that kept replicating every time McAfee found, blocked and removed it... most annoying for several days... until Mr. Google led me to your door. What a God send!

With thanks,

Tom S.

Exterminate It! Blog

A rootkit is a program or a set of programs designed to provide privileged access to a computer system and, at the same time, to hide itself and its associated files from detection.

Historically, rootkit tools appeared on Unix-like operating systems as programs that gave an intruder the most privileged (root) access to the system. Today, rootkits exist for all of the most popular operating systems, from Windows to Linux. Windows rootkits likewise allow the attacker to gain the most privileged access to the system.

Rootkits can be divided into kernel-mode and user-mode types:

  1. Kernel-mode rootkits replace or modify parts of the operating system, or add code to it. Rootkits of this type are usually implemented as device drivers (Windows) or loadable kernel modules (Linux). Kernel-level rootkits obtain unrestricted access to all system resources and, in effect, become part of the operating system. That is why kernel-mode rootkits are invisible to most anti-spyware and anti-virus applications. This is the most dangerous and hardest-to-remove type of rootkit. Removing a kernel-mode rootkit means operating at the lowest system level, and this must be done very carefully, because any wrong action can crash the system. Exterminate It! works successfully at this level.
  2. User-mode rootkits intercept and replace system calls in order to protect themselves from detection and to hide information about the intruder. On Windows, such rootkits are implemented as dynamic link libraries (DLLs).
    User-mode rootkit hooking can be performed in different ways:
    • DLLs (libraries with executable code) can be loaded into different processes and act on their behalf.
    • File / process patching can be applied on disk or directly in memory.

Such rootkits can change the behavior of regular applications.
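One way a scanner can detect the in-memory patching described above, shown as an added example (not code from Exterminate It! or from the original post): compare each function's entry bytes on disk with the bytes mapped in memory and decode common redirect patterns. The module layout, function names and byte values are constructed, and the code assumes 32-bit x86 with the module loaded at its preferred base, so no relocations have to be undone before comparing.

```python
import struct

def find_inline_hooks(disk_code, mem_code, base, exports, mod_start, mod_end):
    """Diff a module's code section on disk against its in-memory copy.

    exports maps function name -> offset of its entry point in the section.
    Returns (name, kind, target) for every entry whose first 8 bytes differ.
    """
    findings = []
    for name, off in sorted(exports.items(), key=lambda kv: kv[1]):
        disk, mem = disk_code[off:off + 8], mem_code[off:off + 8]
        if disk == mem:
            continue
        kind, target = "modified", None
        if mem[:1] == b"\xE9" and len(mem) >= 5:           # jmp rel32
            (rel,) = struct.unpack_from("<i", mem, 1)
            kind = "jmp"
            target = (base + off + 5 + rel) & 0xFFFFFFFF
        elif mem[:1] == b"\x68" and mem[5:6] == b"\xC3":   # push imm32 ; ret
            (target,) = struct.unpack_from("<I", mem, 1)
            kind = "push-ret"
        # A redirect that lands outside the module's own image is the
        # strongest sign that foreign code now handles the call.
        if target is not None and not mod_start <= target < mod_end:
            kind += " (leaves module)"
        findings.append((name, kind, target))
    return findings

# Constructed sample: 32-byte code section mapped at BASE, two entry points.
BASE, MOD_START, MOD_END = 0x10001000, 0x10000000, 0x10010000
EXPORTS = {"OpenItem": 0x00, "ListItems": 0x10}   # hypothetical names
DISK = bytes.fromhex("8bff558bec83ec10" "9090909090909090"
                     "8bff558bec51538b" "cccccccccccccccc")
# In memory, ListItems starts with a jump to 0x20000000 (constructed address).
PATCH = b"\xE9" + struct.pack("<i", 0x20000000 - (BASE + 0x10 + 5))
MEM = DISK[:0x10] + PATCH + DISK[0x15:]

def scan_sample():
    return find_inline_hooks(DISK, MEM, BASE, EXPORTS, MOD_START, MOD_END)

if __name__ == "__main__":
    for name, kind, target in scan_sample():
        print(f"{name}: {kind} -> {target:#010x}")
```

A difference reported as plain "modified" is not proof of a rootkit, since legitimate software also patches code in memory; it marks the entry for closer inspection.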

Rootkits differ from other malicious software in their function. The main function of a rootkit is to maintain control over the infected computer system, to hide itself and associated malware files, and to provide access for the intruder.

A rootkit does not infect other programs like a virus, and it does not spread over the local network like a worm. It hides from detection software and keeps the “doors open” for a malefactor, who can use the infected system for malicious actions such as sending spam, DDoS attacks, information theft, etc. However, a worm spreading over a local area network, or a trojan disguised as legitimate software, may install a rootkit on the infected computer. The most recent infections sometimes use a combined approach, in which a trojan installs the rootkit and the rootkit afterward protects other trojans installed from the Internet.

Technically, rootkit software is very complex. It can be developed only by highly qualified specialists, because a bug in such software (especially in kernel-mode rootkits) may cause a total system crash and make the crashed system useless for the malefactor’s needs. A rootkit also has to resist modern anti-malware scanners effectively.

Due to their nature, rootkits are very hard to detect and even harder to remove. In some complex cases, only re-installing the operating system may help. But all is not so bad. Fortunately, some anti-malware applications have already implemented anti-rootkit functionality, and Exterminate It! is one of them.

Exterminate It! provides rootkit unhooking, direct disk scanning and removal techniques, which work in most cases. Custom solutions can also be provided for difficult rootkit infections, so you won’t be left alone in the face of a rootkit infection.

Note that this functionality is currently in beta, but you can already turn it on from the Exterminate It! Options page. Anti-rootkit functionality is available in activated copies of Exterminate It! only.

The activation system is improved in this release. Deactivation issues caused by enabling / disabling network devices were fixed.

Anti-rootkit functionality is still under development, but a new beta version is already available in Exterminate It! and can be used in activated copies. The rootkit unhooking and hidden files search features were improved.

Several stability issues were fixed.

What’s new:

  • Files Removal Functionality – implemented rootkit-proof file removal;
  • Direct Disk Scan for Rootkit Hidden Files functionality (beta);
  • Added detailed Rootkit Driver Options;
  • Added automatic uploading of missing OS version info in order to improve Rootkit Unhooking functionality;
  • Kernel Files Database Updated;
  • Minor User Interface bug fixes and various UI improvements.

Right now we are working on improving our activation system to prevent software de-activation.

We are also working on improving our own anti-rootkit functionality. The first parts include:

  • hidden files scan
  • rootkit unhooking functionality

The problem of malicious software (or just spyware) is very important today for every computer user, regardless of technical skill level. A novice's computer can be infected just as easily as an advanced user's. Malicious software technologies are constantly developing. No one can be protected with certainty.

Anti-spyware (or anti-malware) programs can help to remove a known infection, but even the best of them are useless if the infection is new or uses a system vulnerability that was not known earlier. What if your preferred anti-spyware tool detects nothing, but you constantly see advertisement pop-ups, or your computer becomes very slow, or you see unknown processes in the task list, or an unknown toolbar appears in your web browser? Most likely you will try other anti-spyware programs. If that does not help, you will post your problem to various security- and spyware-related forums. You will post system scans created by some third-party tools and wait, because you have only one choice: to wait until some anti-spyware software developers notice your posts, analyze your scans, and create an update for their anti-spyware tool. The process may take from a few days to a few weeks.

The Exterminate It! anti-spyware tool uses its own unique approach that enables quick removal of an infection even if it was not known earlier. The Submit State feature is specially implemented to solve various complex problems such as unknown spyware infections. All you need to do is press the “Submit State” button. Exterminate It! will display a text box where you can type a description of your problem and any symptoms that you have noticed. After that, press the “Submit” button. Exterminate It! will scan your system, create a Submit State log [1], and send it to the server. The Exterminate It! development team will review the obtained data within 24 hours and prepare a fix that will be available through the Update feature. So the process is quite fast, automatic, and does not require special knowledge.

The Submit State feature is even more powerful. You can use it even if a malicious program blocks all access to the Internet. You need to create the Submit State log file [2] as described above, copy it to a removable storage device, and submit it through the http://www.exterminate-it.com/offline-submitstate page from any computer that is connected to the Internet.

So, as you can see, the Exterminate It! anti-spyware tool provides a simple-to-use but powerful feature that allows quick removal of even the most complex infections.

[1] The Submit State log file does not include any personal information.

[2] The Submit State log file (sstate.log) is located in the Exterminate It! application folder.

A new version of our state-of-the-art Exterminate It! antimalware has been released.

Exterminate It! can fight efficiently against a wide range of known malware threats such as trojans, rootkits, worms, etc.

We have implemented a new activation system, among other improvements. Some of our customers experienced difficulties with activation of the Exterminate It! software.

As a matter of fact, these difficulties were caused by incorrect implementation of service functions in the drivers of some HDD (Hard Disk Drive) and RAID manufacturers. These problems led to Exterminate It! being deactivated after a system restart.

So, we developed a new, improved activation technology, which spares our customers possible inconveniences with activation.

We constantly work to improve the Exterminate It! antimalware tool and do our best to serve the needs of our customers.