Rogue remover

A new tool available from Rubber Ducky here http://www.malwarebytes.org/rogueremover.php

A sample of the targets

Ads Alert, Adware Bazooka, Adware Filter, Adware Punisher, AdwareDelete, AdwarePatrol, AdwareRemover, AdwareSheriff, AdwareSpy, AlertSpy, AlfaCleaner, Anti Virus Pro, AntiSpyware Soldier, AntiVermins, AntiVirus Golden, BraveSentry, CleanX, Doctor Adware, Doctor Adware Pro, Easy Spyware Killer, ETD Security Scanner, HitVirus, KillAndClean, KillSpy, PAL Spyware Remover, PestBot, PestCapture, PestTrap, RazeSpyware, RebrandSoft AdwareSpyware Remover, Remedy AntiSpy, Spy Defence, Spy iBlock, Spy-Kill, SpyAxe, SpyCut, SpyDeface, SpyDestroy Pro, SpyFalcon, SpyHeal, Spyinator, SpyLax, SpyNoMore, SpySheriff, SpyTrooper, Spyware Disinfector, Spyware Quake, Spyware Remover (SpyAdvanced), Spyware Stormer, SpywareBot, SpywareCleaner, SpywareStrike, SpywareThis, SystemDoctor 2006, The Spy Guard, TitanShield AntiSpyware, Ultimate Defender, VirusBlast, VirusBurst, WinAntiSpyware 2006, WinAntiVirus 2006

Full list here http://www.malwarebytes.org/rogueremover_history.php

The author also produced Qoofix, Aboutbuster and E2takeout

Hi essexboy,

I don’t know if you uploaded the program file to virustotal or jotti for analysis, because the DrWeb pre-link scanner comes up with this:

2006-11-29 21:13:06 MSK  	

Download News Support

File size: 349.8K

download.php?id=1 - archive ZIP

download.php?id=1/COMCTL32.OCX - OK
download.php?id=1/RogueRemover.dll - OK
In file >download.php?id=1/RogueRemover.exe probably found virus BACKDOOR.Trojan

I want to know it is a 100% clear download to run it on my machine. Can you clarify,

Damian

If you can’t trust Malwarebytes who can you trust. There is another link at MajorGeeks http://www.majorgeeks.com/RogueRemover_d5360.html

Yep it is good I have run on my system Damian and spoken to the Author

Funny thing essexboy, because the second link is not flagged by DrWeb’s, so that must mean that it is with the download site or in what comes additional with that proggie. Tell them about my findings, and do not advise the first download link. The program may be super but the download may be corrupted. DrWeb’s do not lie, and it cannot be a FP in this case.

the old pol

Results of the unzipped executable downloaded from the author’s site:


http://img147.imageshack.us/img147/3746/rogueremover1yv6.png


http://img243.imageshack.us/img243/949/rogueremoverph6.png

I think its a false positive Damian. I also scanned with AdAware, Super AntiSpyware, and Spyware Terminator and nothing was found.