Giveaway of the Day Forums » Tag: spyware

Giveaway of the Day Forums » Tag: spyware - Recent Posts http://www.giveawayoftheday.com/forums/tags/spyware Giveaway of the Day Forums » Tag: spyware - Recent Posts en-US Sun, 12 Feb 2012 14:14:25 +0000 http://bbpress.org/?v=1.0.2 Serina on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/10#post-99119 Fri, 03 Feb 2012 19:10:14 +0000 Serina 99119@http://www.giveawayoftheday.com/forums/ Thanks! jcollake on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/10#post-95571 Tue, 27 Sep 2011 21:49:43 +0000 jcollake 95571@http://www.giveawayoftheday.com/forums/ Please see the new project intended to fix and PREVENT false positive and mis-rated sites through TRANSPARENCY and ACCOUNTABILITY. By submitting reports to a CENTRAL location, security vendors can find them easily, communicate with affected parties, and USERS can see which security vendors are trying to AVOID COLLATERAL DAMAGE. Remember, once a false positive or mis-rating happens, the damage is already done. So, in addition to fixing them rapidly, security vendors must be interested in working to AVOID them. Some are, some aren't. This non-profit, all volunteer site will help show which security vendors care the most. Please see: <a href="http://falsepositivereport.com" rel="nofollow">http://falsepositivereport.com</a> hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/10#post-95044 Tue, 13 Sep 2011 00:39:50 +0000 hotdoge3 95044@http://www.giveawayoftheday.com/forums/ Try and see if bad or not ? you not say the name of the file exe dll so on may help ? <a href="http://www.virustotal.com/" rel="nofollow">http://www.virustotal.com/</a> <a href="http://virusscan.jotti.org/en-gb" rel="nofollow">http://virusscan.jotti.org/en-gb</a> scan on line and see if it virus or not no driver on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/10#post-95033 Mon, 12 Sep 2011 19:48:38 +0000 no driver 95033@http://www.giveawayoftheday.com/forums/ On August 18th I downloaded the PDF to Excel Converter and when I started installing it Symantec Endpoint Protection immediately tagged the setup.exe from the pdftoexcelconverter.zip file as infected with Bloodhound.Sonar.9. The file was quarantined and I figured it had probably been intercepted. I haven't ever used the software that I downloaded, and forgot about it. The last two weeks I have gotten a daily alert that another file on my computer, which is part of a service from our IT department, is also infected. Can anyone look into this for me? I still have the original zip file that I downloaded and can provide it if anyone wants or needs verification that it contains a virus. hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/10#post-92618 Sun, 03 Jul 2011 02:46:32 +0000 hotdoge3 92618@http://www.giveawayoftheday.com/forums/ <a href="http://www.virustotal.com/" rel="nofollow">http://www.virustotal.com/</a> <a href="http://virusscan.jotti.org/en-gb" rel="nofollow">http://virusscan.jotti.org/en-gb</a> scan on line and see if it virus or not luca23 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-92541 Fri, 01 Jul 2011 12:26:36 +0000 luca23 92541@http://www.giveawayoftheday.com/forums/ Ho appena installato "Immagine Downloader" ed è stato consigliato dal mio AVG is 9.0 che conteneva un malware. uso windows 7 sp1. l'antivirus è aggiornato,l'ultimo aggiornamento è stato fatto oggi,il 17\2011 Luckyman on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-92538 Fri, 01 Jul 2011 11:10:08 +0000 Luckyman 92538@http://www.giveawayoftheday.com/forums/ Hi, I just installed "Picture Downloader" and was advised by my AVG Anti-Virus Free software that it contained a trojan horse. 1) I use AVG Anti-Virus Free 9.0.901 with virus database 271.1.1/3737 2) PD.exe contained a Trojan horse called SHeur3.CHKN 3) I'm running Windows Vista SP2 My scanner signature/database is up to date and current. kenojunk on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91297 Fri, 27 May 2011 08:07:34 +0000 kenojunk 91297@http://www.giveawayoftheday.com/forums/ I have the very same Malware message as Samizdat, except with Google Chrome right after downloading Photostitcher, and it ultimately prevented me from accessing internet with ANY browser. Turned out I had a nasty virus in OS that required reimage. hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91245 Wed, 25 May 2011 08:59:58 +0000 hotdoge3 91245@http://www.giveawayoftheday.com/forums/ noscript, you don't need flashblock as noscript will stop flash as for uninstall firefox with revo uninstaller, I don't like as no need and you can refit firefox and it will pick up all the old ad-ons if you think ad-ons are bad you can click Help Restart with Add-ons Disabled test and add one at a time to find the bad one Vany@ on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91187 Mon, 23 May 2011 14:34:38 +0000 Vany@ 91187@http://www.giveawayoftheday.com/forums/ hi AP. maybe i'm of some help. excuse me if i post something that has already been posted by someone. first of all. check if you has a multiple AV/antispyware with resident shield enabled. if you have it disable ALL (SO WE CAN VIEW if it's their fault) i've read you has AVG 2011. it has done the same thing to me. check the quarantine and disable the check of the web temporarily. the try again. if it's fault of avg who checks and quarantine the files probably you pc has been infected by some malware who infect all the files you download (and so you avg quarantine it) check even your zero day protection sw (generally it acts in background) particularly if you use threathfire (very good but invasive) however i don't think is this the reason. yeah. all this was a preliminary check to exlude the most common reason and establish you pc is sane (check also with malwarebytes, spyware doctor and super antispyware in a row). i think indeed you use firefox with a lot of security extension malconfigured. for example noscript, adkiller, flashblock, flasblock, betterprivacy and ghostery all this very useful extension are designed to "monitor and eventually block java content in some way. you see ... the download is performed by a script and so if you has malconfigured your extension these can conflict each other. try disabling ALL reboot your firefox (or chrome) and try to download again. it can be also a fault in the updating of your firefox. i love firefox is my favourite browser but he can be erratic in his update process. ultimately if all fails try to uninstall firefox with revo uninstaller (which removes all trace of the sw with the last option) and reinstall firefox. then try to download if all is fine was a updating error. now reinstall your extension and configure them one by one trying if there is a download issue. hoping to help. hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91167 Mon, 23 May 2011 04:40:34 +0000 hotdoge3 91167@http://www.giveawayoftheday.com/forums/ update now look's like false positives. may be in a few days all good with a update <a href="http://www.virustotal.com/file-scan/report.html?id=28c3e2aa9c5e67cf6f41e00eee10e7f5b588964fbb24485ce9a6c5ceca5a579e-1306014612" rel="nofollow">http://www.virustotal.com/file-scan/report.html?id=28c3e2aa9c5e67cf6f41e00eee10e7f5b588964fbb24485ce9a6c5ceca5a579e-1306014612</a> File name:ASTROAVENGER.EXE Submission date:2011-05-21 21:50:12 (UTC) Result:2 /42 (4.8%) ClamAV and Ikarus are not good. graylox on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91141 Sat, 21 May 2011 19:54:20 +0000 graylox 91141@http://www.giveawayoftheday.com/forums/ Well NoVirus has only 6 test tools yet. I have tested with VirusTotal and got 3 red out of 43. <a href="http://www.virustotal.com/file-scan/report.html?id=28c3e2aa9c5e67cf6f41e00eee10e7f5b588964fbb24485ce9a6c5ceca5a579e-1305967450" rel="nofollow">http://www.virustotal.com/file-scan/report.html?id=28c3e2aa9c5e67cf6f41e00eee10e7f5b588964fbb24485ce9a6c5ceca5a579e-1305967450</a> And this is the report of Jotti's Malwarescan. <a href="http://virusscan.jotti.org/en/scanresult/b14b37d74fdfbc33344223923f9616cf3cad081e" rel="nofollow">http://virusscan.jotti.org/en/scanresult/b14b37d74fdfbc33344223923f9616cf3cad081e</a> You can be sure, that these three are false positives. GOTD always scans the packages their give away - otherwise it would be a bad reputation. Please read the FAQ: <a href="http://www.giveawayoftheday.com/faq/">Viruses detection</a> graylox mark94 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91140 Sat, 21 May 2011 15:57:04 +0000 mark94 91140@http://www.giveawayoftheday.com/forums/ Hi, sorry for my bad english (I'm german^^). Today I've downloaded "Astro Avenger" and my virus scanner told me that "AstroAvenger.exe" is spyware. I'm using "Ashampoo Anti-Malware". Further informations: System: Win7 64bit File Info Report date: 2011-05-21 17:44:41 (GMT 1) File name: astroavenger-exe File size: 1785856 bytes MD5 Hash: 590dbdb889fb347a71372f70f75e570f SHA1 Hash: 4e69d6b78858a3e81a3db4d56722b1e75e215713 Detection rate: 2 on 6 (33%) Status: INFECTED Detections AVG - [/color] Avira AntiVir - [color=red] ClamAV - [/color] Emsisoft - [color=red]Trojan.Win32.Buzus!IK TrendMicro - [/color] Zoner - [color=red]Trojan.Ardamax.JLF Scan report generated by <a href="http://novirusthanks.org">NoVirusThanks.org</a> Yours Sincerely Mark hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-91095 Thu, 19 May 2011 23:16:13 +0000 hotdoge3 91095@http://www.giveawayoftheday.com/forums/ had Malwarebytes said bad Adware on my Antivirus so I said fix it and it take off the ad for %30 off Price to buy may be some ad's not so bad ? samizdat on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90990 Mon, 16 May 2011 09:24:00 +0000 samizdat 90990@http://www.giveawayoftheday.com/forums/ Like I said, I hope GOTD would contact fireheart and maybe even scan it with Malwarebytes' Anti-Malware first. It's Fireheart that ultimately should contact Malwarebytes who pride themselves in finding malware that other programs don't find. I have the #1 AV as rated by AV-Comparatives.org (F-Secure) and it didn't find anything. It's funny how people give positive reviews of anti-malware products as 'It found malware that other programs didn't!' yet when one of the top #2 'second line of defense' anti-malware products finds something, it's discarded because other programs didn't find anything. Like I stated earlier, adware doesn't scare me and I left it on my computer. My wife loves it and uses it at start-up on hers, but I think GOTD should notify Fireheart that a leading anti-malware program is reporting a product they distributed as malicious. That's not asking too much. I could understand blowing this off if some unknown program found it but this is a respected product. It's in both companies best interest that they communicate about this. A lot of people would have just let malwarebytes remove the program and left a nasty revie of GOTD at WOT. This was just a friendly FYI that I thought would be appreciated and handled swiftly. I guess I will email Fireheart. Sigh :-) PS - I noticed the 01-11-2011 giveaway, Inpaint's registration has already expired. I wonder where I post that info. It will clean up pics but when you try to save it it tell you to purchase it now. Shame...I liked that program. graylox on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90964 Sun, 15 May 2011 02:31:18 +0000 graylox 90964@http://www.giveawayoftheday.com/forums/ Hotdoge I don't know what scan you have posted - the link is broken, therefore I deleted it. This is the scan of fireheart.exe by VirusTotal: <a href="http://www.virustotal.com/file-scan/report.html?id=3b24ab1c90364d1a2f20ef3bbccfac2415f6710e4c61cd2c0333c6eae224cae0-1305087721">fireheart.exe</a> <blockquote>File name: fireheart.exe Submission date: 2011-05-11 04:22:01 (UTC) Current status: finished Result: 0 /42 (0.0%)</blockquote> And this is the scan on the NoVirusThanks site UrlVoid: <a href="http://vscan.novirusthanks.org/analysis/d2c8013aef802756c6d01291de827868/ZmlyZWhlYXJ0LWV4ZQ==/">fireheart-exe</a> <blockquote>File Info Report date: 2011-05-15 04:41:56 (GMT 1) File name: fireheart-exe File size: 2316800 bytes MD5 Hash: d2c8013aef802756c6d01291de827868 SHA1 Hash: 2bf8050d10a0d6178dd54d3d5edfef31c767071d Detection rate: 0 on 6 (0%) Status: CLEAN Detections AVG - [/color] Avira AntiVir - [color=red] ClamAV - [/color] Emsisoft - [color=red] TrendMicro - [/color] Zoner - [color=red] Scan report generated by <a href="http://novirusthanks.org">NoVirusThanks.org</a></blockquote> graylox graylox on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90869 Wed, 11 May 2011 05:04:03 +0000 graylox 90869@http://www.giveawayoftheday.com/forums/ @ samizdat We didn't get any other report about this issue. GOTD scans all their zip files before they release them. I too have installed this programme and scanned with several AV & AntiMalware tools and didn't find anything. It is most likely a false positive, you should report it to Malwarebytes' Anti-Malware as it is related to your system and you have the log file. graylox samizdat on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90868 Wed, 11 May 2011 04:43:51 +0000 samizdat 90868@http://www.giveawayoftheday.com/forums/ hotdoge3, VirusTotal doesn't find anything but those programs are looking for viruses. Yes, some find adware but Malwarebytes' Anti-Malware, Ad-Aware, SuperAntiSpyware, etc. are different from anti-viruses in their approach to finding malware and adware. This may be a false positive but I thought I would bring it to the attention of giveawayoftheday.com since they distributed the software and Malwarebytes' Anti-Malware is one of the top three 2nd line of defense in malware and adware. As for symptoms on my computer? I just use Firefox with several ad-ons to block ads and pop-ups. I haven't seen an internet ad or pop-up in a long time, so, even if I was infected, I wouldn't see any symptoms. The best thing to do would be for GOTD to contact the software company, notify them of the detection and if it's a false positive, Malwarebytes' Anti-Malware will correct this. Adware doesn't scare me so I left it on my system but hopefully, in a week, my scan results will be different. hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90865 Wed, 11 May 2011 00:34:17 +0000 hotdoge3 90865@http://www.giveawayoftheday.com/forums/ That Found Malware ? Looks like Adware to me not that bad PC do you get Adware pop-ups ? try as scan with, <a href="http://www.virustotal.com/" rel="nofollow">http://www.virustotal.com/</a> or <a href="http://virusscan.jotti.org" rel="nofollow">http://virusscan.jotti.org</a> samizdat on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90837 Tue, 10 May 2011 10:59:19 +0000 samizdat 90837@http://www.giveawayoftheday.com/forums/ Subject: Fire Heart Desktop Gadget Giveaway Date: 05-01-11 OS: Windows 7 x64 Program That Found Malware: Malwarebytes' Anti-Malware (Using Full Scan) Results: Adaware.Dropper <img src="http://www.picdepict.com/images/34084395324608086629.png"> notblocklox on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90759 Sun, 08 May 2011 13:42:13 +0000 notblocklox 90759@http://www.giveawayoftheday.com/forums/ Hi kenojunk, welcome to the forums. You can be assured, that you didn't get the malware with the giveaway package. Before the giveaways go online they are all scanned thoroughly. Otherwise no customer would come back. There have been accusations several times - but in all the years I never saw a real virus. They were all false positives or the users got it on other sites. As you said, it can have been sleeping in your system since some time. Good luck finding it. graylox kenojunk on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90755 Sun, 08 May 2011 13:32:17 +0000 kenojunk 90755@http://www.giveawayoftheday.com/forums/ Has anyone experienced any virus/trojan issues with an GOTD programs lately? Last thing I downloaded was the PhotoStitcher on 5/2/11, and after that I got hit something that invaded my entire OS. It looked like a virus alert & kept me from even using any browsers. Had to reimage my hard drive even after trying to clean it up. I don't download much & am very careful about what I do download or click on. I realize it could have been attached to something else for a period of time before activating. Just investigating to figure out where it came from... hotdoge3 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90728 Sat, 07 May 2011 06:13:47 +0000 hotdoge3 90728@http://www.giveawayoftheday.com/forums/ not fix only update & update next windows 8 come & it not be fix as well <a href="http://www.microsoft.com/technet/security/bulletin/MS11-029.mspx?pubDate=2011-04-12" rel="nofollow">http://www.microsoft.com/technet/security/bulletin/MS11-029.mspx?pubDate=2011-04-12</a> Microsoft Security Bulletin MS11-029 - Critical Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) Published: April 12, 2011 and good luck with finding the file to download all you get it will up date with luck on my PC Agent Ransack find PS NEW Setup 12 February 2011 and all auto updates XPsp3 fist .NET Framework 1.1 & 2 a no to 3 , 3.5 & 4 not like. C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\gdiplus.dll 1,606.00 KB 20/03/2009 10:10:46 a.m.(ver 5.1.3102.1360) 5.1.3102.1360 (xpsp2.040109-1800) gdiplus (Free ashampoo WinOptimizer 6 Timestamp Friday, 20 March 2009 ashampoo GmbH & Co. KG) C:\WINDOWS\system32\gdiplus.dll 1,667.00 KB 25/07/2010 9:23:22 p.m. C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\GdiPlus.dll 1,661.00 KB 28/08/2010 8:35:48 p.m. C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll 1,684.00 KB 28/08/2010 8:35:54 p.m. C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll 1,708.00 KB 14/08/2009 1:55:04 a.m. C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll 1,708.00 KB 23/10/2010 12:51:27 p.m. Fredward on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/9#post-90131 Sat, 16 Apr 2011 09:11:10 +0000 Fredward 90131@http://www.giveawayoftheday.com/forums/ DANGER: GDI+/JPEG Vulnerability - Yes, Again in 2011 (Here's the utter joke) Microsoft Security Bulletin MS04-028 Issued: September 14, 2004 Updated: December 14, 2004 Version: 3.0 (/end joke) Today is Saturday, April 16th, 2011 and yes I am referencing a document from BACK IN 2004 ! I'm going to bet everyone reading this on the forum (bar the few who still have gdiscan.exe from SANS), has this Vulnerability again, Yes I said Again. Even though you patched up on patch Tuesday several years ago, the chances are pretty high you have this same vulnerability again, and it's again a ticking time bomb. And the sad part is there's no simple patch then, today, nor into the future. Just a scan from my own system, and I came up with these. C:\Program Files\Alchemy Mindworks\Pagan Daybook 3\GDIPLUS.dll Version: 5.1.3097.0 <-- Vulnerable version C:\Program Files\CS Odessa\ConceptDraw 7 Professional\gdiplus.dll Version: 5.1.3079.3 <-- Vulnerable version C:\Program Files\Daniusoft\Video Converter\gdiplus.dll Version: 5.1.3097.0 <-- Vulnerable version C:\Program Files\iSkysoft\FLV Converter\gdiplus.dll Version: 5.1.3097.0 <-- Vulnerable version C:\Program Files\Maizesoft\Maize Studio\gdiplus.dll Version: 5.1.3097.0 <-- Vulnerable version C:\Program Files\Pinnacle\VideoSpin\Programs\gdiplus.dll Version: 5.1.3097.0 <-- Vulnerable version C:\Program Files\Power CD DVD Recovery\GdiPlus.dll Version: 5.1.3101.0 <-- Vulnerable version C:\Program Files\TVUPlayer\GDIPLUS.DLL Version: 6.0.3260.0 <-- Vulnerable version As you can see some of these came from right here on GOTD / GGOTD While, nothing sinister there, what is sinister is some of these are media related, and could have zapped me. I have some opinion, then I will give the fix -- for now, I say for now, because who knows what happens EVERY TIME YOU INSTALL SOMETHING I GUESS WE NEED TO RESCAN?! I post here in hopes that the software developers can be forced to get the message. And at the same time it's not an excuse to upgrade to a new version. Each of these developers ought to provide a fix, without an upgrade! This is important, as it should not be allowed to punish the users (with an upgraded, and now non-functional de-registered vaporware trial) because of their own sloppy mistakes and work! The second thing here is the Microsoft end of the deal beginning with their lame excuse for a fix. <a href="http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx" rel="nofollow">http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx</a> Frankly at this point I would not even go to Microsoft for the fix, because god only knows what you might do to your system. Yet, We need to go there for the fix. Yeah psyop mind game I hear ya, that's what I call it too.. What We need from Microsoft is the file gdiplus.dll that's it. Go Get it. Extract it, get that file gdiplus.dll your going to copy it to each place the scanner found. <a href="http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en&pf=true" rel="nofollow">http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en&pf=true</a> Then there's the SANS Scanner. Wonderful they pumped the tool out during all the confusion back in the day. But then for some unknown reason for a few years, it was unavailable. I mean literally a 404 error. Then suddenly today in 2011 I noticed it's back again from the twilight zone. <a href="http://isc.sans.edu/tools/gdiscan.html" rel="nofollow">http://isc.sans.edu/tools/gdiscan.html</a> You want to download the GUI cause it will just make things simpler. Okay, you have your scanner, you have the file to fix the files scanned. You run your scanner, you rename the existing files to something else gdiplus.dll to gdiplus.dll.JUNK Pick your own named system, I don't care, delete them if you want. If you backup, then you can rollback if need be, but I don't have a need personally, so I would just delete for security sake. Then copy the new gdiplus.dll to the same directory. Rescan, Rinse, Repeat until the errors are gone. I'm sure I'm missing something, and so you are welcome to fill in the blanks. It really is lame that I have to even take the time to bring this to people's attention, but what can I say, I just found it, what am I to do, be quiet about it, watch as my friends get zapped by it? If this thing doesn't work in your Windows 7, I don't know what to tell you to do, try setting the compatibility mode to XP, or else upgrade to WIN XP SP3 (Yeah, I am being very sarcastic.) URL / TOOLS / RECAP ------------------- Well laid out fix Info. Helps to understand what's happening. <a href="http://www.lafn.org/webconnect/mentor/GdiJpegVulnerability/index.html" rel="nofollow">http://www.lafn.org/webconnect/mentor/GdiJpegVulnerability/index.html</a> GDI Scan (tool) from SANS <a href="http://isc.sans.edu/tools/gdiscan.html" rel="nofollow">http://isc.sans.edu/tools/gdiscan.html</a> Microsoft Security Bulletin MS04-028 Horribly laid out info, adds confusion. <a href="http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx" rel="nofollow">http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx</a> Platform SDK Redistributable: GDI+ <a href="http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en&pf=true" rel="nofollow">http://www.microsoft.com/downloads/en/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en&pf=true</a> In any effect, Go patch up, your welcome, enjoy! , or not. ;o) hotdoge3 on "Samsung has denied allegations it installed secret spyware" http://www.giveawayoftheday.com/forums/topic/9534#post-90002 Sat, 09 Apr 2011 23:17:39 +0000 hotdoge3 90002@http://www.giveawayoftheday.com/forums/ <a href="http://www.v3.co.uk/v3-uk/news/2039070/false-alarm-samsung-laptop-keylogging-claims-debunked" rel="nofollow">http://www.v3.co.uk/v3-uk/news/2039070/false-alarm-samsung-laptop-keylogging-claims-debunked</a> Vipre mistook Microsoft's Live application multi-language support folder, ‘SL' folder, as StarLogger." The 'SL' folder refers to the Slovakian language version of the app. <a href="http://www.zdnet.com/blog/hardware/lessons-we-can-all-learn-from-the-false-postive-keylogger-fiasco/12152?tag=nl.e539" rel="nofollow">http://www.zdnet.com/blog/hardware/lessons-we-can-all-learn-from-the-false-postive-keylogger-fiasco/12152?tag=nl.e539</a> hotdoge3 on "Samsung has denied allegations it installed secret spyware" http://www.giveawayoftheday.com/forums/topic/9534#post-89976 Fri, 08 Apr 2011 09:33:53 +0000 hotdoge3 89976@http://www.giveawayoftheday.com/forums/ Thanks for that Khai good work. Robert on "WinUtilities Pro 9.98 - spyware?" http://www.giveawayoftheday.com/forums/topic/9530#post-89755 Fri, 01 Apr 2011 09:59:51 +0000 Robert 89755@http://www.giveawayoftheday.com/forums/ Not a big thing really. IMHO the stub installer downloads and starts the scripts (if they are missing),when the users consents to install the 'Ask Toolbar'.(ask Toolbar Install checker) The checker usually runs in the background when the installer of the main program is launched. <img src="http://dl.dropbox.com/u/1093856/ask.gif"> But in no way the 'Ask Toolbar' is installed without the users consent. Not in (today's) WinUtilities Pro 9.98 anyway. :) If still in doubt ,any decent file monitor application will allow you to block 'APNstub.exe'/Askstub.exe/AsktoolbarInstaller.exe" without interfering with the setup of the main program. Unfortunately some programs revert to cripleware if you chose not to install the toolbar or install it anyway. Again,not yesterday's WinUtilities. Deserthead47 on "WinUtilities Pro 9.98 - spyware?" http://www.giveawayoftheday.com/forums/topic/9530#post-89753 Fri, 01 Apr 2011 08:38:07 +0000 Deserthead47 89753@http://www.giveawayoftheday.com/forums/ Re - 'See comment 2 on download page' Seems I misread,thought it said 'there is a box to check' goodgotd on "WinUtilities Pro 9.98 - spyware?" http://www.giveawayoftheday.com/forums/topic/9530#post-89748 Fri, 01 Apr 2011 07:36:04 +0000 goodgotd 89748@http://www.giveawayoftheday.com/forums/ I did not approve the ask toolbar- and didn't get it. at first program start, it wanted to check for update, I denied it, and it works fine, hasn't tried a connection since, so I call it good. GulBroz on "WinUtilities Pro 9.98 - spyware?" http://www.giveawayoftheday.com/forums/topic/9530#post-89747 Fri, 01 Apr 2011 07:02:12 +0000 GulBroz 89747@http://www.giveawayoftheday.com/forums/ 'cause it's reported in "Description" or "Company Name" (don't remember which one) in Sysinternal Process Explorer...