A forum for reverse engineering, OS internals and malware analysis 
 #877  by nullptr
 Sun Apr 25, 2010 3:14 pm
EzzO wrote:Can you try to cure TDL 3 with beta CureIT and show the results?
Tested with XP SP3 running in Virtual PC. All up, so far I've tested 6 times.
- Dwprot service remained active after disinfection for all but one of the tests. There's no simple way to remove this service for the average user.
- Never press 'Yes to all', because in the 2nd sweep the scanner does of system32\drivers you'll end up stuck in a loop on the infected driver.
- If you're using the protected scan mode and you get stuck in the loop, then bad luck... reset the PC.
- Successfully removed the infection on all occasions.
 #892  by nullptr
 Mon Apr 26, 2010 2:52 pm
EzzO - the version with time stamp of 26 April 2010, 3:16:20pm still has the same bugs. Which build are they fixed in?
 #896  by EzzO
 Tue Apr 27, 2010 1:12 pm
nullptr wrote:EzzO - the version with time stamp of 26 April 2010, 3:16:20pm still has the same bugs. Which build are they fixed in?
The bug-fixed version will be out as soon as possible. Dr.Web said the bugs are fixed; waiting for the new CureIT! :)
 #1863  by EP_X0FF
 Mon Aug 09, 2010 5:11 am
TDL3 driver infection undetected by the latest CureIt! from Dr.Web, as well as by the latest Dr.Web AV itself (the same with any beta version available).

Infected driver file -> rasacd.sys

Scanner ver 6.00.2.05140
Engine ver 5.00.2.03300
[main]
version=3.273
quote=Dude, meet me in Montana XX00, Jesus (H. Christ)
botid=
affid=10000
subid=0
installdate=9.8.2010 4:52:20
builddate=9.8.2010 1:45:15
rnd=1935655697
[injector]
*=tdlcmd.dll
[tdlcmd]
servers=hxxps://nichtadden.in/;hxxps://91.212.226.67/;hxxps://li1i16b0.com/;hxxps://zz87jhfda88.com/;hxxps://n16fa53.com/;hxxps://01n02n4cx00.cc/;hxxps://lj1i16b0.com/
wspservers=hxxp://zl00zxcv1.com/;hxxp://zloozxcv1.com/;hxxp://71ha6dl01.com/;hxxp://axjau710h.com/;hxxp://rf9akjgh716zzl.com/;hxxp://dsg1tsga64aa17.com/;hxxp://l1i1e3e3oo8as0.com/;hxxp://7gafd33ja90a.com/;hxxp://n1mo661s6cx0.com/
popupservers=hxxp://clkh71yhks66.com/
version=3.941
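The config.ini dump above is the part of a TDL3 sample an analyst usually wants machine-readable: the affiliate/sub IDs, the module injected into processes, and the three server lists (C2, proxy, popup), which the post shows defanged with the usual hxxp:// prefix. The script below is an added example for this thread (not Dr.Web's tool and not code from the poster): it parses the posted dump with a small INI reader that keeps the '*' key intact and does not treat ';' as a comment (both things the standard configparser would get wrong here), refangs the URLs, and splits hosts into IP and domain indicators. The SAMPLE_CONFIG text is copied from the post above; the function and field names are this example's own choices.

```python
"""Parse a TDL3 (TDSS) config.ini dump and pull out the indicators an analyst
wants: affiliate/sub IDs, injected module name, and the C2 / proxy / popup
hosts, refanged from the hxxp:// form. Added example, not Dr.Web's code."""
import ipaddress
import re
from urllib.parse import urlsplit

# Config text copied from the post above ([main], [injector], [tdlcmd]).
SAMPLE_CONFIG = """\
[main]
version=3.273
quote=Dude, meet me in Montana XX00, Jesus (H. Christ)
botid=
affid=10000
subid=0
installdate=9.8.2010 4:52:20
builddate=9.8.2010 1:45:15
rnd=1935655697
[injector]
*=tdlcmd.dll
[tdlcmd]
servers=hxxps://nichtadden.in/;hxxps://91.212.226.67/;hxxps://li1i16b0.com/;hxxps://zz87jhfda88.com/;hxxps://n16fa53.com/;hxxps://01n02n4cx00.cc/;hxxps://lj1i16b0.com/
wspservers=hxxp://zl00zxcv1.com/;hxxp://zloozxcv1.com/;hxxp://71ha6dl01.com/;hxxp://axjau710h.com/;hxxp://rf9akjgh716zzl.com/;hxxp://dsg1tsga64aa17.com/;hxxp://l1i1e3e3oo8as0.com/;hxxp://7gafd33ja90a.com/;hxxp://n1mo661s6cx0.com/
popupservers=hxxp://clkh71yhks66.com/
version=3.941
"""

# Keys in [tdlcmd] that hold ';'-separated URL lists (names from the dump).
HOST_LIST_KEYS = ("servers", "wspservers", "popupservers")


def parse_ini(text):
    """Minimal INI parser: keeps key case (configparser would lowercase keys)
    and does not treat ';' as a comment, since TDL3 uses it as a separator."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1)
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue  # stray line outside any section, or no key=value
        key, value = line.split("=", 1)
        sections[current][key.strip()] = value.strip()
    return sections


def refang(url):
    """Turn the defanged hxxp(s):// prefix back into http(s):// for parsing."""
    return re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)


def hosts_from_list(value):
    """Split a ';'-separated URL list and return the hostnames in order."""
    hosts = []
    for item in value.split(";"):
        item = item.strip()
        if not item:
            continue
        host = urlsplit(refang(item)).hostname
        if host:
            hosts.append(host)
    return hosts


def is_ip(host):
    """True for a literal IPv4/IPv6 address, False for a domain name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def extract_indicators(text):
    """Return the analyst-facing summary of one config dump as a dict."""
    cfg = parse_ini(text)
    main = cfg.get("main", {})
    tdlcmd = cfg.get("tdlcmd", {})
    by_role = {key: hosts_from_list(tdlcmd.get(key, "")) for key in HOST_LIST_KEYS}
    all_hosts = [h for hosts in by_role.values() for h in hosts]
    return {
        "affid": main.get("affid"),
        "subid": main.get("subid"),
        "botid": main.get("botid") or None,  # empty in the dump: not yet assigned
        "core_version": main.get("version"),
        "tdlcmd_version": tdlcmd.get("version"),
        "injected_modules": cfg.get("injector", {}),
        "hosts": by_role,
        "ip_c2": sorted(h for h in all_hosts if is_ip(h)),
        "domain_c2": sorted(set(h for h in all_hosts if not is_ip(h))),
    }


if __name__ == "__main__":
    ind = extract_indicators(SAMPLE_CONFIG)
    print("affid/subid:", ind["affid"], ind["subid"])
    print("injector:", ind["injected_modules"])
    for role, hosts in ind["hosts"].items():
        print(f"{role}: {', '.join(hosts)}")
```

Note that the [main] and [tdlcmd] sections each carry their own version key (3.273 and 3.941 in this dump), which is why the summary keeps them apart; the hostnames in the output are still the live-looking domains from the dump, so keep them defanged in any report you paste elsewhere.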
 #1900  by EP_X0FF
 Wed Aug 11, 2010 11:23 am
After update it detects again :)

Scanner v6.00.3.08091