Giveaway of the Day Forums » Tag: unlocker

Giveaway of the Day Forums » Tag: unlocker - Recent Posts http://www.giveawayoftheday.com/forums/tags/unlocker Giveaway of the Day Forums » Tag: unlocker - Recent Posts en-US Thu, 26 Nov 2009 06:27:15 +0000 http://bbpress.org/?v=1.0.2 <![CDATA[Search]]> q http://www.giveawayoftheday.com/forums/search.php nrshapiro on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-68097 Mon, 23 Nov 2009 18:04:02 +0000 nrshapiro 68097@http://www.giveawayoftheday.com/forums/ Norton Internet Security 2010 will not allow activate.exe to run. It won't allow it to stay either--deleting it. I could disable NAV of course, but then if activate.exe did contain a virus I'd be screwed, especially since it needs to be run with admin privileges. So I think GOTD needs to work this out with Norton. Steve on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-68005 Sat, 21 Nov 2009 02:56:51 +0000 Steve 68005@http://www.giveawayoftheday.com/forums/ <a href="http://www.giveawayoftheday.com/photo-stamp-remover/" rel="nofollow">http://www.giveawayoftheday.com/photo-stamp-remover/</a> OS = Windows XP Pro, sp3, IE8, all patches. Stamp Remover has been on this machine since the giveaway, although I don't think I ever used it after the giveaway. SAV 9.0.7.1000, scan engine 91.2.1.10, virus definitions version 11/18/2009 rev. 3. auto-protect scan detected c:\program files\photo stamp remover\StampRemover.exe as a threat called "downloader". default action = clean (failed). backup action = quarantine (failed). final action taken by SAV = delete. The file was deleted successfully. Very suspsicious if you ask me, especially since I wasn't even using the software. I was starting another software (radioget) at the time. TeXaCo on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-67025 Sun, 01 Nov 2009 16:55:24 +0000 TeXaCo 67025@http://www.giveawayoftheday.com/forums/ After installing IOBIT 360 reported it the dll file as a trojan. Then after scanning my whole system, it came up with 15 other files from regtidy as a virus. As the program was taking me to (I'm assuming the software website). Avira blocked the website from being displayed saying it was known to be a malicious website and WOT also blocked it. Now I know there have been false positives in the past but this seems to be too much to be false. perz on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-66963 Sat, 31 Oct 2009 21:46:02 +0000 perz 66963@http://www.giveawayoftheday.com/forums/ RegTidy trojan detected and identified by Avira AntiVir Premium: Virus or unwanted program 'TR/Drop.arte.410624 [trojan]' detected in file 'C:\Program Files\RegTidy 2009\RegTidy.dll. Action performed: Deny access leofelix on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-66949 Sat, 31 Oct 2009 19:27:32 +0000 leofelix 66949@http://www.giveawayoftheday.com/forums/ RegTidy is a misleading application, it will brings to false positive detection, more it can mess up you system. <a href="http://www.emsisoft.com/en/malware/?Adware.Win32.RegTidy" rel="nofollow">http://www.emsisoft.com/en/malware/?Adware.Win32.RegTidy</a> <a href="http://www.mywot.com/en/scorecard/regtidy.com" rel="nofollow">http://www.mywot.com/en/scorecard/regtidy.com</a> I wonder GOTD team didn't check it watcher13 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-65804 Wed, 14 Oct 2009 19:03:20 +0000 watcher13 65804@http://www.giveawayoftheday.com/forums/ Not sure. It has a small AV module. Maybe it was checking for updates. As you probably saw, it also had links to other bundled software and "recommended" softwares. If you didn't deselect all that stuff, it might have been trying to contact one of them. Also, I haven't got around to installing yet, but I read over in the comments section that it still has nag screens to get you to upgrade. It may have been trying to download one of them. I'm thinking it's one or two of these annoying, but semi-harmless functions. prs on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-65801 Wed, 14 Oct 2009 17:56:29 +0000 prs 65801@http://www.giveawayoftheday.com/forums/ Today,s offer has rave reviews from the regulars. Would hate to let this go. I posted this in the comments section today and I find that my comment is "moderated" So here goes. Had this evaluated at virustotal and jotti.org. The result is 1/41 and 1/21 detecting Trojan. Kaspersky in those two lists is happy. Zone Alarm on my computer informs me that AnVir is trying to contact two particular destination IP. What does that mean ? notblocklox on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-65795 Wed, 14 Oct 2009 16:28:03 +0000 notblocklox 65795@http://www.giveawayoftheday.com/forums/ No, my Kasper is quite happy with AnVir. prs on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-65789 Wed, 14 Oct 2009 14:16:04 +0000 prs 65789@http://www.giveawayoftheday.com/forums/ Todays offering by AnVir had my Kaspersky Internet Security crying foul. It is detected as a Trojan. I added AnVir to exclusions. Anyone else have this trouble ? gtoal on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-65788 Wed, 14 Oct 2009 13:57:56 +0000 gtoal 65788@http://www.giveawayoftheday.com/forums/ Today's signature update to McAfee just flagged the 22 Jan PDFZilla executable as "Generic.dx!fua" (and deleted it). rezidue on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-63537 Sun, 06 Sep 2009 22:48:10 +0000 rezidue 63537@http://www.giveawayoftheday.com/forums/ VirusTotal scan of webgalery.exe from <a href="http://www.giveawayoftheday.com/softorbits-html-web-gallery-creator/">SoftOrbits HTML Web Gallery Creator given away on September 4, 2009</a> Trojan-Downloader.Win32.Adload.jot <a href="http://www.virustotal.com/analisis/1d243e423585d8295a62d5d465644c66767c0a7b5454a12ea5cce3cc0e3691cf-1252275170" rel="nofollow">http://www.virustotal.com/analisis/1d243e423585d8295a62d5d465644c66767c0a7b5454a12ea5cce3cc0e3691cf-1252275170</a> rezidue on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-63142 Sun, 30 Aug 2009 00:04:15 +0000 rezidue 63142@http://www.giveawayoftheday.com/forums/ <a href="http://www.giveawayoftheday.com/2009/08/14/">Batch Image Resizer given away on August 14, 2009</a> Backdoor.Win32.Hupigon.htas Please note the wrapper was removed for this scan to verify that it had nothing to do with the bundled Software Informer application. <a href="http://www.virustotal.com/analisis/f2fb709f74ecf276846fffb5e0da1edc784bcf124b48b124958bda6892cbbe7d-1251589760" rel="nofollow">http://www.virustotal.com/analisis/f2fb709f74ecf276846fffb5e0da1edc784bcf124b48b124958bda6892cbbe7d-1251589760</a> In fact out of the 9 offerings from SoftOrbits.com only 4 applications scanned 100% clean at VirusTotal, the rest scan as containing a trojan or adware. Sorry I didn't see this sooner, Regards, Damian ants on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-62712 Sat, 22 Aug 2009 06:43:16 +0000 ants 62712@http://www.giveawayoftheday.com/forums/ Update! After the Gold Audio Suite build has been updated no infection is detected. The demo version at vendors site is not changed. ants on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-62710 Sat, 22 Aug 2009 05:51:07 +0000 ants 62710@http://www.giveawayoftheday.com/forums/ Hello! Posting this here, because comments are not moderated. This is about the Gold Audio Suite, August 21, 2009 Hello, giveawayfans! What do we get today? A virus or a false positive? Someone here advised to disable security - not wise; I have uploaded erdmpg4.dll to some sites doing a file scan. ca 50% of scanners find it infected with something named 'induc' clean, say: ArcaVir, A-Squared,AntiVir, CPSecure, Ikarus, NOD32, Panda,Quick Heal, VBA32, Comodo, eSafe, Jiangmin, K7AntiVirus, McAfee-GW, PCTools infected, say: avast!, AVG, bitdefender, ClamAV, Dr.Web, F-Prot, F-Secure, GDATA, Kaspersky, Sophos, VirusBuster, Authentium, Microsoft, Norman, Prevx, Symantec, Trend micro, McAfee5715, Fortinet, Sunbelt Went to Sophos site, they say: " W32/Induc-A Aliases Virus.Win32.Induc.a Category Viruses and Spyware Type Virus ................ W32/Induc-A is a virus that infects Delphi files at compile-time. As such, these files cannot be disinfected and need to be recompiled cleanly. ................ Because infected executables are produced at compile time by infected Delphi development environments, we are seeing many cases of infected files coming from genuine software vendors. These are not false positives. Clients and software developers seeking to understand why their software is being detected as W32/Induc-A should see this [http://www.sophos.com/blogs/sophoslabs/v/post/6195] blog article. ................ How it spreads * Infected files Affected operating systems Windows Protection available since 18 August 2009 15:14:59 (GMT) Last updated 20 August 2009 05:28:01 (GMT) Detected by All Sophos products ..............." Some information from eset - NOD32 site: Thanks to ESET’s early warning system - ThreatSense.Net , the first 24 hours from the virus’s release, ESET has received over 30,000 unique infected samples, where in many cases the original software was a legitimate application prior to infection. According to Juraj Malcho, the Head of ESET Virus Lab, “the concern is over the period during which the virus went undetected and was able to infect a large number of PCs, resulting in the infiltrated software being distributed to users directly by their vendor. To our dismay, often the reaction of the software vendor has been that the detection of a virus is a false-positive. ”It is likely that the first samples of the virus date back to April 2009. The reason why the virus was left unnoticed for such a long time period is that Delphi code tends to be quite voluminous and the virus body itself quite small. ...................... ...................... This was written before post #11 in comments BuBBy on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/6#post-58677 Fri, 19 Jun 2009 01:49:47 +0000 BuBBy 58677@http://www.giveawayoftheday.com/forums/ Welcome to the forums, hytah. So you are saying you wouldn't recommend AVG free to protect your PC? :) Preventing AVG from running - it probably did you a favour. (I am serious. Anyone reading this who is running AVG - you can do better. Visit <a href="http://free-av.com/" rel="nofollow">http://free-av.com/</a> for something that is at least a little better) I'd have a look at the download stats - but if there were conservatively 10,000 downloads of the same file - and you were the only one to get a trojan, that would be interesting. I'd say it came from somewhere else - or it is a false positive. If I had that giveaway - I could at least test it myself, but I gave that giveaway a miss. Perhaps investigate sending the infected files to <a href="http://virustotal.com" rel="nofollow">http://virustotal.com</a> - see what comes back. hytah on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-58675 Fri, 19 Jun 2009 00:48:23 +0000 hytah 58675@http://www.giveawayoftheday.com/forums/ This may be old news but AoA Audio Extractor (from a few months ago) is showing a Backdoor.Trojan with Symantec Endpoint Protection Vers. 11.04 Not sure why its just hitting now. The program has been working fine otherwise. I'm not saying it came from the software but a full scan placed it in one location only: C:\Program Files\AoA Audio Extractor. Whatever it was it was powerful enough to shutdown my AVG free and to prevent a re-install of it.It also irked me enough that I created an account to post my findings here. nogard0 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-58124 Tue, 09 Jun 2009 15:32:55 +0000 nogard0 58124@http://www.giveawayoftheday.com/forums/ 2 online sites that do scanning with multiple scanners are <a href="http://www.virustotal.com/" rel="nofollow">http://www.virustotal.com/</a> & <a href="http://virusscan.jotti.org/en" rel="nofollow">http://virusscan.jotti.org/en</a> all you so is browse your computer for the file and submit. they will scan with at least 20 different scanners. gonwk on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-57572 Sun, 31 May 2009 19:22:54 +0000 gonwk 57572@http://www.giveawayoftheday.com/forums/ Hi BuBBy, Thanks for the AV-Comparative site. And I will include my VirusTotal result in my post the Next time. BTW, it seems eSafe to be a more sensetive AV as you did mention. Thanks, G! :) BuBBy on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-54637 Sun, 12 Apr 2009 06:27:40 +0000 BuBBy 54637@http://www.giveawayoftheday.com/forums/ MSCOMCTL - has nothing to do with Network Communications - it is "Microsoft Common Controls" - chopped up and jammed into a single abbreviation. If you get a suspected 'hit' on Virus Total - please mention what it found and with which antivirus engines. Naturally some engines are much more prone to false positives. If you are getting detections from some of the better AV engines - such as NOD32 or Kaspersky, Nortons or McAfee - and the same detection from multiple engines - then there might be something worth following up. If you are using Norman antivirus, I'd suggest you make yourself familiar with the latest <a href="http://av-comparatives.org/">AV Comparatives</a> report, which will give you some indication of which AntiVirus products are stronger and more accurate when it comes to scanning files and identifying threats (unfortunately Norman isn't one of them). gonwk on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-54492 Thu, 09 Apr 2009 21:33:14 +0000 gonwk 54492@http://www.giveawayoftheday.com/forums/ After my Comodo Defense + blocked a COM operation that I had not initiated when I simply wanted to do a Test WMV to MP3 conversion ... I decided to check Reezaa MP3 Converter, dated 04/09/09 a little closer ... so I ran "MP3 Converter.exe" and "MSCOMCTL.OCX" through VIRUSTOTAL and it gave me "Suspicious Files" ... so! G!:) lefty78312 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-52183 Tue, 03 Mar 2009 11:02:05 +0000 lefty78312 52183@http://www.giveawayoftheday.com/forums/ According to TrojanHunter, the PDF Converter contains a trojan, and it wouldn't let me run the program. I should have written down the name of the trojan. WobblyWombat on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-51275 Wed, 18 Feb 2009 11:22:27 +0000 WobblyWombat 51275@http://www.giveawayoftheday.com/forums/ OK, I submitted three 2flyer files that were being flagged (see my last post, two above) and got a response that they are confirmed as false positives, and are safe. Avira will rectify this detection in Antivir. Rizla01 and Rags - I suspect either you've been infected elsewhere, or are also getting false positives... rags on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-51162 Mon, 16 Feb 2009 12:34:59 +0000 rags 51162@http://www.giveawayoftheday.com/forums/ Hi rizla01, I had the same problem ... computer started running at geriatric speed and avast found trojans linked to this program. Clean up has put the oomph back in the cpu, so something was most definitely there. Whether it came with the program, I'm not computer savvy enough to know. WobblyWombat on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-51117 Sun, 15 Feb 2009 20:54:20 +0000 WobblyWombat 51117@http://www.giveawayoftheday.com/forums/ I keep getting detections for 2flyer (3 or 4 .scr files) Virustotal has 11/39 reporting positive, I've reported a suspected false positive to Avira Virus Lab... we shall see, but 11/39 is just a touch too high to ignore IMHO. Violet4714 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-50948 Sat, 14 Feb 2009 06:36:58 +0000 Violet4714 50948@http://www.giveawayoftheday.com/forums/ hi, rizla01... no problems with "2 Flyer ScreenSaver Pro" here... some problems were reported in another Giveaway thread: <a href="http://www.giveawayoftheday.com/forums/topic/4756" rel="nofollow">http://www.giveawayoftheday.com/forums/topic/4756</a> rizla01 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-50931 Fri, 13 Feb 2009 22:59:14 +0000 rizla01 50931@http://www.giveawayoftheday.com/forums/ Has anyone had a virus connected with the Screensaver maker program recently offered on here. I just had to do a massive clean up of a virus attaching itself to the files that were installed along with this program. Papakid on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-49579 Tue, 20 Jan 2009 05:17:29 +0000 Papakid 49579@http://www.giveawayoftheday.com/forums/ Pretty sad that people can't grasp the concept of a false positive and that their scanners could be wrong. I'm sure the Admins here are sick and tired of explaining it to people that don't read or follow instructions to comply to the purpose of this thread. Why should they allow warnings to be posted when it is in all likelihood a false positive--making your warning a cry of wolf? My suggestion to everybody is to send samples of files that are being flagged as bad to the software companies that are flagging them. Tho they don't all make it as easy as it should be, they all have a way for you to send them files so that they can update their definitions. If you do that, what they are calling some kind of virus or malware today will be an OK file tomorrow once the corrected definitions have been updated. Or if it is a real threat it will be confirmed and get flagged again. A squared and Antivir give out the most False Positives, so you should question their results--especially if no other scanners are reporting the file as bad. I know because(and for other reasons) I run Antivir myself. I don't like the FP's but I can live with them because I know what they are and how to deal with them. For AntiVir, go to this page: <a href="http://analysis.avira.com/samples/index.php" rel="nofollow">http://analysis.avira.com/samples/index.php</a> Their help file mentions submitting by email and from Quarantine, but this webpage is the most efficient and easy. I get immediate confirmation by email that the file is submitted and a confirmation that it is a false positive or not in 24 hours. For A Squared you can find how to submit files here: <a href="http://www.emsisoft.com/en/support/faq/?id=62" rel="nofollow">http://www.emsisoft.com/en/support/faq/?id=62</a> I've never run this program as I never much cared for it--things like them saying be 100% sure it's a false positive before you submit. The reason you're submitting is because you aren't sure but suspect a FP. It's their job to be sure. But glancing at their forums they do ask people to submit FP's via the Contacts page. There also is a new feature where quarantine can be configured to rescan flagged files after updating to correct FP's. But some one needs to report FP's for the defs to be corrected so this method is too passive for my tastes. I can kind of understand the discouragement of reporting FP's. Most people don't know what a FP is, so if everyone reported everything that got flagged it would bog down the system. So use some common sense to justify your suspicions before sending. If only one file has been found, it could be a FP. It is more common for malware to come in groups and they are very complex which mean several files are needed. And if you get one file but no symptoms, such as a sudden slow down and a rash of popups, among others, then it's likely a FP. As the Admins here suggest, scanning at Jotti or VirusTotal will give more immediate results, since you want to know what you're dealing with here in order to install the giveaway software in the timeframe required. If only your scanner is flagging the file, then it is 90% probably a FP. There may be more scanners to flag it and still it could be a FP--some use the same scanner engine and share definitions--I think you'll find when AntiVir flags a file the same two other scanners do as well--can't quite remember but I Think Gateway is one. Ashraf on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-49444 Sat, 17 Jan 2009 22:17:02 +0000 Ashraf 49444@http://www.giveawayoftheday.com/forums/ Kaspersky found it to be clean. playboy85 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-49429 Sat, 17 Jan 2009 15:37:54 +0000 playboy85 49429@http://www.giveawayoftheday.com/forums/ There is a trojan in todays giveaway (1/17/09) of uMark Professional. A-Square found Trojan-Dropper.Win32 when I opened the setup file. I tried to post this to the comments section to warn people but apparently GAOTD has certain words flagged so the comments dont appear if comments contain virus or trojan???? None of my posts would take. Pretty sad, allowing people to get infected and not allow them to be warned. grumpy44134 on "Review Trojan/Virus Reports" http://www.giveawayoftheday.com/forums/topic/719/page/5#post-46945 Sun, 07 Dec 2008 16:07:39 +0000 grumpy44134 46945@http://www.giveawayoftheday.com/forums/ AVG anti-virus found Trojan horse back door virus in mgWindow.exe (12/6/08) after I installed it!