Перейти к содержимому


Фото
- - - - -

False positive..

Автор fenzodahl512 , июл 01 2008 10:09

  • Please log in to reply
8 ответов в этой теме

#1 fenzodahl512

fenzodahl512

    Newbie

  • Members
  • 1 Сообщений:

Отправлено 01 Июль 2008 - 10:09

Hello.. Firstly, I want to thank you for this great product.. It helps me a lot..

Actually I believe I have a false positive to report in..

Somehow, Dr Web has mistakenly detect Malwarebytes' mbam.exe as a probably Backdoor..

mbam.exe;C:Program FilesMalwarebytes' Anti-Malware;Probably BACKDOOR.Trojan;Incurable.Moved.;


link below:

http://www.geekstogo.com/forum/System-shut...81#entry1273481

Thank you so much for your concern..


Regards
fenzodahl512

#2 SergM

SergM

    Guru

  • Moderators
  • 9 387 Сообщений:

Отправлено 01 Июль 2008 - 12:06

Problem file it is necessary to send with the comments on address http://support.drweb.com/sendnew/ False operation will correct.

#3 davis

davis

    Newbie

  • Members
  • 2 Сообщений:

Отправлено 02 Декабрь 2008 - 04:49

Hi,

The old version Dr.Web had a quarantine options. If it moved or cured some legit files or folders with false positive, we can move it back automatically or manually.

But the new version seems to delete the options. So, if this program deletes some legit files from hidden System Restore partition. we cant get it back.

Is that i miss something? or the new program is just the way as it should be?



Best Regards,

#4 pig

pig

    Бредогенератор

  • Helpers
  • 10 855 Сообщений:

Отправлено 02 Декабрь 2008 - 12:51

Action "Move" still remains. No changes were made with actions "Cure" and "Delete".

#5 davis

davis

    Newbie

  • Members
  • 2 Сообщений:

Отправлено 03 Январь 2009 - 20:12

Hi pig,

Thank you for your response. but my question is Dr.Web clean some files from system restore partition( we can't access), and those files are false positive. We can't get it back.

The old version of Dr.Web has Quarantine options that we can get some files back no matter which partition is. In my case, the Dr.Web cure some files from D:\i386 folder. It appears false postitive. Those files were in the system restore partition. I can't remove the file extention and get it back from the Quarantine folder.

Can you tell me straight how to move the files back from the Quarantine folder? Thanks.

Regards,

#6 pig

pig

    Бредогенератор

  • Helpers
  • 10 855 Сообщений:

Отправлено 04 Январь 2009 - 02:53

The old version of Dr.Web has Quarantine options that we can get some files back

What does it mean? I don't remember anyone else "Move" action that provides some quarantine functions.
Почтовый сервер Eserv тоже работает с Dr.Web

#7 icr

icr

    Newbie

  • Posters
  • 4 Сообщений:

Отправлено 05 Январь 2009 - 19:28

Well heres another FP ;)
Dr.Web Detected BitDefender 2008 Setup as Trojan.Downloader...... ;) and Deamon Tools Setup as an Adware.Shopper...... ;)
Both are downloaded from their respective sites ;) http://forum.drweb.com/public/style_emoticons/default/blink.png :D

#8 Borka

Borka

    Забанен за флуд

  • Members
  • 19 512 Сообщений:

Отправлено 05 Январь 2009 - 23:19

Dr.Web Detected BitDefender 2008 Setup as Trojan.Downloader...... ;) and Deamon Tools Setup as an Adware.Shopper...... ;)
Both are downloaded from their respective sites ;) http://forum.drweb.com/public/style_emoticons/default/blink.png ;)

Did you send this samples to Dr.Web's Virlab?
С уважением,
Борис А. Чертенко aka Borka.

#9 pig

pig

    Бредогенератор

  • Helpers
  • 10 855 Сообщений:

Отправлено 06 Январь 2009 - 02:37

Deamon Tools Setup as an Adware.Shopper

AFAIK Daemon Tools contains adware.
Почтовый сервер Eserv тоже работает с Dr.Web
Назад к Common questions (English)

Читают тему: 1

0 пользователей, 1 гостей, 0 скрытых

  1. Dr.Web forum
  2. English forums
  3. Common questions (English)
  4. Privacy Policy
  5. Terms & Rules ·