Unlocker safe?

Discussion in 'malware problems & news' started by imperium, Mar 6, 2007.

Thread Status:
Not open for further replies.
  1. imperium

    imperium Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    73
    Location:
    England
    Hi folks, I recently downloaded a program called Unlocker and installed it but received a few Zone Alarm alerts regarding its drivers. Here is the log:

    OSFW,2007/03/05,22:23:00 +0:00 GMT,UNKNOWN(0),UNLOCKER1.8.5.EXE,C:\DOCUMENTS AND SETTINGS\New User\MY DOCUMENTS\UNLOCKER1.8.5.EXE,DRIVER,CREATE,SRC,UNLOCKERDRIVER5
    OSFW,2007/03/05,22:23:12 +0:00 GMT,UNKNOWN(0),UNLOCKERASSISTANT.EXE,C:\PROGRAM FILES\Unlocker\UNLOCKERASSISTANT.EXE,EXECUTION,GLOBALWINDOWSHOOK,SRC
    OSFW,2007/03/05,22:24:46 +0:00 GMT,UNKNOWN(0),A~NSISu_.exe,C:\Documents and Settings\New User\Local Settings\Temp\A~NSISu_.exe,MESSAGE,Unknown Sub Event(3),DST,C:\Program Files\Unlocker\UnlockerAssistant.exe
    OSFW,2007/03/05,22:25:02 +0:00 GMT,UNKNOWN(0),UNLOCKER1.8.5.EXE,C:\DOCUMENTS AND SETTINGS\New User\MY DOCUMENTS\UNLOCKER1.8.5.EXE,DRIVER,CREATE,SRC,UNLOCKERDRIVER5
    OSFW,2007/03/05,22:25:06 +0:00 GMT,UNKNOWN(0),UNLOCKERASSISTANT.EXE,C:\PROGRAM FILES\Unlocker\UNLOCKERASSISTANT.EXE,EXECUTION,GLOBALWINDOWSHOOK,SRC
    OSFW,2007/03/05,22:42:14 +0:00 GMT,UNKNOWN(0),Unlocker.exe,C:\PROGRAM FILES\Unlocker\Unlocker.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\UnlockerDriver5
    PE,2007/03/05,22:42:18 +0:00 GMT,Unlocker.exe,C:\PROGRAM FILES\Unlocker\Unlocker.exe,209.172.57.40:53,N/A
    OSFW,2007/03/06,19:45:00 +0:00 GMT,UNKNOWN(0),Unlocker.exe,C:\PROGRAM FILES\Unlocker\Unlocker.exe,DRIVER,LOAD,SRC,\Registry\Machine\System\CurrentControlSet\Services\UnlockerDriver5
    PE,2007/03/06,19:45:26 +0:00 GMT,Unlocker.exe,C:\PROGRAM FILES\Unlocker\Unlocker.exe,213.123.84.216:53,N/A

    I have heard many good things about this software and don't suspect it of being malware but because of these Alerts have to remain cautious. Are these drivers and processes safe to allow. Any information greatly appreciated. Thankyou.
     
  2. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: I used unlocker before and had no issues. After seeing your post, reminding myself of reinstalling again. I d/l newest version 1.85. During its installation, I did receive two alerts from ZASS(ZA Pro is its firewall component), asking permission to install its driver and modification by its unlockerassistant.exe. I oked both. I run prevx1, AVG AS plus and SAS realtime, they did not alert me. I guess unlocker is probably a safe app to use.
     
  3. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
  4. imperium

    imperium Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    73
    Location:
    England
    :thumb: Thanks guys.
     
  5. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    because of the nature of the ap it needs to tie in at a pretty low level to terminate other applications or system processes, thus it will show up in any HIPS or other security ap monitoring driver\kernel level access\installation.

    Its really useful though because of the RClick shell integration and is generally one of the first shell extensions I load on an install ;)
     
  6. EASTER.2010

    EASTER.2010 Guest

    It's a real annoyance at times when even a folder with no files refuses to let go of Explorer, so UnLocker is very good to cut those strings.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    It is a great app. You just have to be aware of what it is doing. The DLL in KAV that puts their logo on the welcome screen is tied into winlogin.exe. I had a bad uninstall and couldn't get rid of the dll even in safe mode. Unlocker did the job just fine, but windows really took it personally. Only time I've ever seen a blue screen that simply said "Windows is unable to function and is shutting down" Pow.:D
     
  8. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    yet another example of the great advantages a small parallel install holds
    especially when monkeying with sensitive system files ;)

    Unlocker can allow you to do a great many things, but hacking the ntoskrnl.exe isnt one of them :p
    Im surprised it allowed you to turn loose winlogin.exe :thumb:
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Thanks for this application. Seems a keeper.
    What does it not do and what program completes it? *puppy*
     
  10. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    some system files and dynamic link libraries are simply unaccessible\uneditable when the OS is running, Unlocker will generally allow you to turn loose anything that can be, but does have limits. Those files need to be edited\deleted from outside the OS, one of the easiest ways is to have a parallel install, another OS install that can see the first and allows you to edit in my first example the NT kernel (ntoskrnl.exe)

    while I was referring to hacking system files in order to modify the look feel or function with customization, its equally applicable for say repair or recovery, really handy to simply replace the registry hive on a damaged install (WINNT\System32\config being the original with WINNT\repair being the last known good), or say you suspect a kernel mode rootkit. if you had a backup of the ntoskrnl you could replace it from a parallel install.
     
  11. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,124
    Location:
    Pennsylvania.
    I could not rename one of my folders and this program helped me rename it. :D
     
Thread Status:
Not open for further replies.