Перейти к содержимому


Фото
- - - - -

Disappointment


  • Please log in to reply
17 ответов в этой теме

#1 mondeo1

mondeo1

    Newbie

  • Posters
  • 58 Сообщений:

Отправлено 28 Декабрь 2009 - 19:41

Hello

My good friend called me because his Dr.Web Demo-version expired today. He wanted to buy full version. When I arrived to assist him the behaviour of PC was suspicious. How big was our disappointment when we checked the computer with Malwarebytes. MB found 140 items. Really! No viruses or trojans but adware and spyware... :(

#2 drumut

drumut

    Member

  • Moderators
  • 325 Сообщений:

Отправлено 28 Декабрь 2009 - 20:16

I think this is why we call them antimalware and Dr.Web is an antivirus. On the other hand let me ask you a few questions because i wonder. Has your friend made a complete scan with dr.web before which includes adaware, dialer etc..? Has enhanced mode enabled? Can you send *.ini file of dr.web here.
OS : Debian Sid , all i have all i need!

#3 HHH

HHH

    Massive Poster

  • Posters
  • 2 714 Сообщений:

Отправлено 28 Декабрь 2009 - 20:52

My good friend called me because his Dr.Web Demo-version expired today. He wanted to buy full version. When I arrived to assist him the behaviour of PC was suspicious. How big was our disappointment when we checked the computer with Malwarebytes. MB found 140 items. Really! No viruses or trojans but adware and spyware... :(

Please visit http://support.drweb.com/sendnew/

#4 userr

userr

    The Master

  • Moderators
  • 16 310 Сообщений:

Отправлено 28 Декабрь 2009 - 20:54

mondeo1

MB found 140 items. Really! No viruses or trojans but adware and spyware...

Really? Are they real files, or cookies, traces in Registry, etc. ? Do you have these files? Can you show http://www.virustotal.com/ results ?

#5 mondeo1

mondeo1

    Newbie

  • Posters
  • 58 Сообщений:

Отправлено 28 Декабрь 2009 - 22:06

Hi

I swear! This is a bare fact. I didn't make any picture but i think that Malwarebytes creates some "resume". I am going to visit him tomorrow and i will share this file. If you check Dr. Web´s key functions you will see that Dr. Web should protect you also before adware and spyware. Btw. Malwarebytes doesn't look for cookies.

#6 userr

userr

    The Master

  • Moderators
  • 16 310 Сообщений:

Отправлено 28 Декабрь 2009 - 22:22

mondeo1
Is there any copy of these malware files? Does MB have some kind of quarantine ?

#7 Eugeny Gladkih

Eugeny Gladkih

    the Spirit of the Enlightenment

  • Dr.Web Staff
  • 5 234 Сообщений:

Отправлено 28 Декабрь 2009 - 23:12

Hello

My good friend called me because his Dr.Web Demo-version expired today. He wanted to buy full version. When I arrived to assist him the behaviour of PC was suspicious. How big was our disappointment when we checked the computer with Malwarebytes. MB found 140 items. Really! No viruses or trojans but adware and spyware... :(


and all of 'em were in `infected' folder, yep?

#8 mondeo1

mondeo1

    Newbie

  • Posters
  • 58 Сообщений:

Отправлено 28 Декабрь 2009 - 23:13

mondeo1
Is there any copy of these malware files? Does MB have some kind of quarantine ?


I hope because after the scan put up the message in "txt" format. Yes, MB have quarantine. But I suppose that default action is "delete" and not "quarantine"...

#9 mondeo1

mondeo1

    Newbie

  • Posters
  • 58 Сообщений:

Отправлено 29 Декабрь 2009 - 13:31

Hi

Here is the report...

Прикрепленные файлы:



#10 Konstantin Yudin

Konstantin Yudin

    Смотрящий

  • Dr.Web Staff
  • 18 140 Сообщений:

Отправлено 29 Декабрь 2009 - 18:16

Hi

Here is the report...

intresting for me only one file C:\WINDOWS\SYSDLG01.EXE other it's trash.
With best regards, Konstantin Yudin
Doctor Web, Ltd.

#11 mondeo1

mondeo1

    Newbie

  • Posters
  • 58 Сообщений:

Отправлено 29 Декабрь 2009 - 20:50

Hi

Here is the report...

intresting for me only one file C:\WINDOWS\SYSDLG01.EXE other it's trash.


Thanks for the reply. And the rest? False positive? I can tell you that the system (WinXP) was slow. Mozilla did not work. After the MB scan was everything OK again.

#12 mrbelyash

mrbelyash

    Беляш

  • Helpers
  • 25 897 Сообщений:

Отправлено 29 Декабрь 2009 - 21:40

Hi

Here is the report...

intresting for me only one file C:\WINDOWS\SYSDLG01.EXE other it's trash.


Thanks for the reply. And the rest? False positive? I can tell you that the system (WinXP) was slow. Mozilla did not work. After the MB scan was everything OK again.

Send file C:\WINDOWS\SYSDLG01.EXE in virus laboratory
https://vms.drweb.com/sendvirus/?lng=en

wiki https://drw.sh/endjcv | Утилиты https://drw.sh/dgweku | Лечить удаленно https://drw.sh/wmzdcl | Скрытые процессы https://drw.sh/tmulje | Логи https://drw.sh/ruy | Песочница https://drw.sh/exhbro


#13 drumut

drumut

    Member

  • Moderators
  • 325 Сообщений:

Отправлено 31 Декабрь 2009 - 17:27

I didn't find any information about SYSDLG01.EXE on internet, i really wonder it.
OS : Debian Sid , all i have all i need!

#14 C.S.J

C.S.J

    Member

  • Moderators
  • 194 Сообщений:

Отправлено 02 Январь 2010 - 06:56

Hi

Here is the report...

intresting for me only one file C:\WINDOWS\SYSDLG01.EXE other it's trash.

wow, alot of trash from MBAM then, i always thought it was a decent anti-malware. :(

(as a second opinion on-demand scanner i mean)

#15 mrbelyash

mrbelyash

    Беляш

  • Helpers
  • 25 897 Сообщений:

Отправлено 02 Январь 2010 - 07:07

I didn't find any information about SYSDLG01.EXE on internet, i really wonder it.

download Gmer http://www.gmer.net/gmer.zip
run and find hidden file
Отправленное изображение

wiki https://drw.sh/endjcv | Утилиты https://drw.sh/dgweku | Лечить удаленно https://drw.sh/wmzdcl | Скрытые процессы https://drw.sh/tmulje | Логи https://drw.sh/ruy | Песочница https://drw.sh/exhbro


#16 Konstantin Yudin

Konstantin Yudin

    Смотрящий

  • Dr.Web Staff
  • 18 140 Сообщений:

Отправлено 12 Январь 2010 - 12:50

I didn't find any information about SYSDLG01.EXE on internet, i really wonder it.

restore file from MBAM quarantine ;)

C:\WINDOWS\SYSDLG01.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.

With best regards, Konstantin Yudin
Doctor Web, Ltd.

#17 mondeo1

mondeo1

    Newbie

  • Posters
  • 58 Сообщений:

Отправлено 12 Январь 2010 - 13:05

I didn't find any information about SYSDLG01.EXE on internet, i really wonder it.

restore file from MBAM quarantine :)

C:\WINDOWS\SYSDLG01.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.


why? ;)

#18 Dr33

Dr33

    Newbie

  • Posters
  • 45 Сообщений:

Отправлено 13 Январь 2010 - 01:23

To send it to Dr Web Lab ;)


Читают тему: 0

0 пользователей, 0 гостей, 0 скрытых