• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
GettingtotheBottom

Crazy Drake Possible False Positive

7 posts in this topic

I recently downloaded a PC game called Crazy Drake from eGames, but Ad-Aware came up with a Trojan (Trojan.Win32.Generic!BT to be exact) and some Conducent/Timesink Adware. Since it wasn't the official eGames website, I thought I might have gotten a purposely infected file. I then decided to buy the actual game new from eBay. When I installed it, Adaware STILL came up with the same stuff. This makes me believe that it could be something from the game that it thinks is malicious, but really isn't.

 

Here is the website I got it from:

http://egames2.blogspot.com/2011/09/crazy-drake.html

 

Here's another link in case the first doesn't work:

http://www.mediafire.com/?lmlxlhrwi6ndedr

 

Thanks in advance!

Share this post


Link to post
Share on other sites

Hi GettingtotheBottom,

 

Thanks for your report. I'll investigate and let you know what's happening.

 

Regards,

 

Andy

Lavasoft Malware Lab

Share this post


Link to post
Share on other sites

The free game is ad supported by the Conducent TimeSink ad gateway, hence the various detections. I don't have access to the non-free version of the game, but it appears that the adware elements are part of this version too.

 

I suggest the removing the TimeSink elements and adding the actual game file to the ignore list. Try the following:

 

1. Uninstall the game completely & reboot

2. After reboot, disable Real Time Protection on Ad-Aware

3. Install the game

4. Run a full scan

5. After the scan, click on the Infected Files tab

6. For Trojan-Dropper.Win32.Agent (aka c:\Program Files\eGames\Crazy Drake Game\egames.exe), select Ignore in the Action column

7. Click Clean

8. On the Ad-Aware Home screen, click Settings (top right, second from the bottom of the list that starts "Scan..")

9. Click on Ignore List on the left side of the screen & add c:\Program Files\eGames\Crazy Drake Game\egames.exe to the ignore list

10. Enable Real Time Protection

11. Done

 

Let me know how you get on.

 

Andy

Lavasoft Malware Lab

Share this post


Link to post
Share on other sites

Thanks for the help. Unfortunately it says that I need addon2VB.dll to run the program (even though I checked and I have it), so I'll have to see if I can fix that.

Share this post


Link to post
Share on other sites

Hi,

 

Sometimes it helps to copy the file, that the program can't find, to the folder of the program.

Share this post


Link to post
Share on other sites

It doesn't work. I already tried that. You apparently have to keep the Timesink adware because I turned off real-time protection and it was able to find the .dll file. However, when I turned on real-time protection and tried to run it and Adaware Quarantined the Timesink and it immediately couldn't find the .dll. Also, were you able to run the program? I tried a whole bunch of compatibility modes for it on Windows 7 but none I tried worked (unless you were using Vista or XP).

Share this post


Link to post
Share on other sites

Which of the links did you download? You could simply try running Crazy Drake in DOSBox. I'd suggest either one of the DOS downloads or the Entertainment Suite 2 setup. The blog also has a link to these instructions on removing Conducent TimeSink.

Edited by Lorenzo The Comic

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0