Help - Search - Members - Calendar
Full Version: Virus in download from a tutorial link
BleepingComputer.com > Bleeping Computer Applications and Guides > Tutorials
   
kwegar
Oct 22 2009, 12:40 PM
in the tutorial

"How to delete or rename files and folders that are in use or locked in Windows"

there is a virus in the download link file.

Eset 3.0.xxx stopped the download


22/10/2009 10:33:27 AM HTTP filter file http://ccollomb.free.fr/unlocker/unlocker1.8.7.exe a variant of Win32/Adware.ADON application connection terminated - quarantined

Wanted to let someone know.



garmanma
Oct 22 2009, 04:31 PM
Would you kindly link us to which tutorial you are referring to?
Animal
Oct 27 2009, 01:40 PM
I'm assuming this one? http://www.bleepingcomputer.com/tutorials/tutorial131.html

An easy way to double check the validity of the DL, is to verify the MD5 checksum info against the DL. Unlocker provides that information on their page. My presumption at this point is that is a false positive by ESET. We are looking into it, as of this post. Thank you for bringing it to our attention.
Grinler
Oct 27 2009, 04:06 PM
We do not actually directly link to the download, but confirmed and the md5s do match up on the site and the download from the site. I checked the executable against virustotal and since nod32 is the only one showing it as a problem, my guess is this is a false positive.

CODE
a-squared     4.5.0.41     2009.10.27     -
AhnLab-V3     5.0.0.2     2009.10.27     -
AntiVir     7.9.1.44     2009.10.27     -
Antiy-AVL     2.0.3.7     2009.10.27     -
Authentium     5.1.2.4     2009.10.27     -
Avast     4.8.1351.0     2009.10.27     -
AVG     8.5.0.423     2009.10.27     -
BitDefender     7.2     2009.10.27     -
CAT-QuickHeal     10.00     2009.10.27     -
ClamAV     0.94.1     2009.10.27     -
Comodo     2748     2009.10.27     -
DrWeb     5.0.0.12182     2009.10.27     -
eSafe     7.0.17.0     2009.10.27     -
eTrust-Vet     35.1.7086     2009.10.27     -
F-Prot     4.5.1.85     2009.10.27     -
F-Secure     9.0.15370.0     2009.10.27     -
Fortinet     3.120.0.0     2009.10.27     -
GData     19     2009.10.27     -
Ikarus     T3.1.1.72.0     2009.10.27     -
Jiangmin     11.0.800     2009.10.26     -
K7AntiVirus     7.10.881     2009.10.27     -
Kaspersky     7.0.0.125     2009.10.27     -
McAfee     5784     2009.10.27     -
McAfee+Artemis     5784     2009.10.27     -
McAfee-GW-Edition     6.8.5     2009.10.27     -
Microsoft     1.5202     2009.10.27     -
NOD32     4549     2009.10.27     Win32/Adware.ADON
Norman     6.03.02     2009.10.27     -
nProtect     2009.1.8.0     2009.10.27     -
Panda     10.0.2.2     2009.10.27     -
PCTools     4.4.2.0     2009.10.19     -
Prevx     3.0     2009.10.27     -
Rising     21.53.13.00     2009.10.27     -
Sophos     4.46.0     2009.10.27     -
Sunbelt     3.2.1858.2     2009.10.27     -
Symantec     1.4.4.12     2009.10.27     -
TheHacker     6.5.0.2.055     2009.10.27     -
TrendMicro     8.950.0.1094     2009.10.27     -
VBA32     3.12.10.11     2009.10.27     -
ViRobot     2009.10.27.2007     2009.10.27     -
VirusBuster     4.6.5.0     2009.10.26     -
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.