Использование Javascript отключено

Javascript отключен. В результате, некоторые функции могут не работать. Для возобновления полноценного функционирования форума, включите Javascript.

Malware Or False-positive?

Автор Rappaping , авг 05 2011 16:30

Please log in to reply

8 ответов в этой теме

#1 Rappaping

Newbie

Posters
3 Сообщений:

Отправлено 05 Август 2011 - 16:30

FIRST FILE
------------
Link download file:
http://www.reohix.com/Software/Sleep%20Moon.msi

Link VirusTotal scanning result:
http://www.virustotal.com/file-scan/report...8abc-1312550694

SECOND FILE
---------------
Link download file:
http://software-files-l.cnet.com/s/softwar...ckSetup_exe.exe

Link VirusTotal scanning result:
http://www.virustotal.com/file-scan/report...86b3-1312548864

Наверх

#2 sergeyko

Guru

Dr.Web Staff
3 928 Сообщений:

Отправлено 05 Август 2011 - 16:53

FIRST FILE
------------
Link download file:
http://www.reohix.com/Software/Sleep%20Moon.msi

Link VirusTotal scanning result:
http://www.virustotal.com/file-scan/report...8abc-1312550694

SECOND FILE
---------------
Link download file:
http://software-files-l.cnet.com/s/softwar...ckSetup_exe.exe

Link VirusTotal scanning result:
http://www.virustotal.com/file-scan/report...86b3-1312548864

The first file is most likely a false, yes, please send it to us at vas.drweb.com.
The second one is being detected not only by Dr.Web according to your link and it seems correct, but to make sure you'd better send it to us as well.
Thanks.

Sergey Komarov
R&D www.drweb.com

Наверх

#3 Borka

Забанен за флуд

Members
19 512 Сообщений:

Отправлено 05 Август 2011 - 17:34

The first file is most likely a false, yes, please send it to us at vas.drweb.com.

What does it mean?

Sure not vMs.drweb.com ?

С уважением,
Борис А. Чертенко aka Borka.

Наверх

#4 sergeyko

Guru

Dr.Web Staff
3 928 Сообщений:

Отправлено 05 Август 2011 - 17:38

The first file is most likely a false, yes, please send it to us at vas.drweb.com.
What does it mean? Sure not vMs.drweb.com ?

A mistype, of course, sorry! VMS.drweb.com is correct.

Sergey Komarov
R&D www.drweb.com

Наверх

#5 Rappaping

Newbie

Posters
3 Сообщений:

Отправлено 05 Август 2011 - 21:26

http://online.us.drweb.com/cache/?i=1264e8...1ab73aad164a5f0

http://online.us.drweb.com/cache/?i=f33bbc...5b076d811f4f2a6

Наверх

#6 Rappaping

Newbie

Posters
3 Сообщений:

Отправлено 06 Август 2011 - 12:19

Can anyone tell me eif these files are malware ore false positives?

Scanning them in the DrWeb sandbox I've received the same results I received in the DrWeb scanner of VirusTotal (as you can see in the links I've posted).

According to me it is obvious!
What I'm looking for posting in this forum, is the revision of the files by DrWeb official stuff, as rhey can say me if REALLY the files are malware or not.

Thank you in advance.
Best regards.

Наверх

#7 userr

Newbie

Members
16 310 Сообщений:

Отправлено 06 Август 2011 - 12:41

What I'm looking for posting in this forum, is the revision of the files by DrWeb official stuff, as rhey can say me if REALLY the files are malware or not.

only virlab can say, are these files malicious or not. Have you sent the files to Dr.Web virlab http://vms.drweb.com/sendvirus ? (sergeyko told you to do this). Have you received any reply?
Best regards.

Наверх

#8 userr

Newbie

Members
16 310 Сообщений:

Отправлено 06 Август 2011 - 12:58

Rappaping
btw, cnet_FreeAlarmClockSetup_exe.exe contains an advertising software Adware.Zugo.38 - according to Dr.Web it's not-a-virus anyway

Наверх

#9 userr

Newbie

Members
16 310 Сообщений:

Отправлено 08 Август 2011 - 17:02

Rappaping
So, I've sent your files to the Dr.Web virlab.

Sleep_Moon_Xpress.exe - it was false positive. fixed, no detect from Dr.Web now.
cnet_FreeAlarmClockSetup_exe.exe - it is an advertising software Adware.Zugo.38

Наверх

Назад к Common questions (English)

Malware Or False-positive?

#1 Rappaping

#2 sergeyko

#3 Borka

#4 sergeyko

#5 Rappaping

#6 Rappaping

#7 userr

#8 userr

#9 userr

Войти