T61 and prior T series ThinkPad Laptops

Reply
Topic Options
pkeegan
Active Member
pkeegan
Posts: 8
Registered: 01-25-2009
Location: denver
0

malwarebytes reporting dmload.sys as trojan

Options

08-04-2009 09:02 AM

When I perform a full scan on a T60, that has Rescue & Recovery installed, with Malwarebytes it reports dmload.sys as a trojan.

I have run it on serveral different T60s in our office with the same result.

 

Is this a false positive?

Message 1 of 2 (1,002 Views)
 
Reply
Lenovo Technology Partner
MarkATL
Posts: 262
Registered: 07-08-2009
Location: Atlanta, GA
0

Re: malwarebytes reporting dmload.sys as trojan

Options

08-04-2009 10:04 AM

 

 

This is a good question. I've seen cases where this file has been infected indeed. You can read the technical information on this link.

 

http://www.threatexpert.com/report.aspx?md5=32569d670eea67d8f25c111a5416677a

 

If this is the case, I'd highly recommend running your Antivirus program in safe mode first to see if it can detect and remove (or quarantine) it for you. I had that nasty TDSS backdoor trojan on my own machine a couple a days ago. I used Avira to get it removed. 

 

So to answer your question, I'd say no. It's not false.

 

Now if you want to repair that file, you can follow the steps below given by a friend of mine. But I must caution you though -IF that file IS infected, this will NOT help you.

 

 

  1. Browse to the following file path:
    C:\Windows\ServicePackFiles\i386
  2. Search for the file "dmload.sys"
  3. Right click the file and hit Copy.
  4. Go to the following file path:
    C:\Windows\System32\drivers
  5. Right click in the folder and select Paste.
  6. Please confirm the overwrite.
  7. Now please reboot your system.
Your best bet is running your unit in safe mode and trying to remove or quarantine any infected files.

Hope this will give you some insite.

 

Regards,

Mark

 

 

 

Do NOT PM me with technical issues. Post in the forum for assistance. Thanks
Message 2 of 2 (995 Views)
 
Reply