A "Dr. Web" warning....

[GlennSprigg]

I used to only use 'AVAST' anti-virus, but they got too sneaky, and with underlying tricks.
NOW i use 'Comodo', which is not for the feint-hearted, but very powerful, intricate & accurate. 

Anyway, I recently temporarily perused 'Dr. Web', and quickly decided to delete it completely. (Or so I thought).
After re-booting, COMODO warned me that an executable called 'dwservice.exe' was trying to access an online server.
I blocked it permanently, but after research, found out it was to do with 'Dr. Web'.  The report says...
"DWService enables remote access to systems via just a standard web browser."  Hmmm...   

We've all of course heard of the likes of 'TeamViewer' etc etc, but this was a new one on me!!
I'll never trust those pricks again, as far as I can kick them !!   

[wraper]

"DWService enables remote access to systems via just a standard web browser."

DWService you googled has nothing to do with any files from Drweb which may be named similarly. Doesn't it hit you that quote comes from a completely unrelated website? https://www.dwservice.net/en/overview.html

I'll never trust those pricks again, as far as I can kick them !!   

Rather don't trust your judgment skills.

[GlennSprigg]

"DWService enables remote access to systems via just a standard web browser."

DWService you googled has nothing to do with any files from Drweb which may be named similarly. Doesn't it hit you that quote comes from a completely unrelated website? https://www.dwservice.net/en/overview.html

I'll never trust those pricks again, as far as I can kick them !!   

Rather don't trust your judgment skills.

'wraper'...  we all have varying degrees of 'knowledge', and am sorry if you do not trust me...  No loss or gain! 
Anyway, prior to my obviously ill-informed rant, I did numerous look-ups regarding that executable. 
Here is yet 'another' one unrelated to my past queries...

It's strange that I had just installed/deleted/rebooted 'Dr. Web' just prior to 'Comodo's finding. Yes, there is a Site
attributed to that executable also, but maybe Dr. Web UTILIZE their services??  Not to mention the .exe starting with 'DW'.
Please don't just feel I'm some trouble making retard, in your sights from such Ivory towers....   

[Mr. Scram]

If you actually want control of, visibility into, and relative security of what's running on your computer,
just run unix / linux.  With windows / mac / chrome / android / whatever similar there will guaranteed be a never ending stream
of unexplained, undocumented, and frankly unnecessary things installed on your machine which are either themselves unwanted / malware
or very commonly open the doors for such to come in by their bad design.

I mean really for all the "forced updates" they give do you ever even get a meaningful change log as to what has changed, and why?  No? Yeah.

Valid advice yet wholly useless to most. Suggesting Linux in response to any and all Windows issues isn't helpful. I wish the evangelical sort would realise this as they're doing more harm to the Linux community than good.

[GlennSprigg]

I blocked it permanently, but after research, found out it was to do with 'Dr. Web'.  The report says...
"DWService enables remote access to systems via just a standard web browser."  Hmmm...   

what research? https://download.geo.drweb.com/pub/drweb/windows/workstation/12.0/documentation/html/av/en/index.html?settings_avnetwork.html have you checked your RCA is "already enabled"? or is it that Comodo only playing sentimental with you..

Rather don't trust your judgment skills.

why he opted to discard AVAST is a mystery.. if any malicious file is attempted into my system, avast will immediately block it before it even get copied, not after reboot.

[/b]

Firstly, I was told by 'wraper' that this .exe. is not necessarily to do with Dr. Web...  Which was wrong.

When you say...  "have you checked your RCA is "already enabled"? or is it that Comodo only playing sentimental with you."...
Obviously, it IS a part of Dr. Web then. And I never noticed any warning/option to have such a 'module/function' enabled.
In my limited capacity, I don't understand the 'snydness' of... "Comodo only playing sentimental with you." ??

When you say... "malicious file is attempted into my system, avast will immediately block it before it even get copied, not after reboot"...
Well, obviously, when 'Dr. Web' was first installed, and I gave it Permission to run & install, all such modules were 'Allowed' to be
present in my system.  However, after supposedly totally UN-installing it, (not completely though as it should have!), there were
REMNANTS left, as in that .exe file, that Comodo NOW rightly detected and blocked!! (Not sitting on it's laurels before-hand!!)

Now a lot of 'trusted' software will, during a re-boot, COMPLETE it's total un-installation THEN, if it could not do so fully while the System was
running. However, my main/initial complaint, is that it left this Module behind, and actively running after a re-boot!!! How can I be clearer!!
To those even 'less' initiated than my mere self, this is not acceptable, and deserves reporting as such!

In GENERAL though, regarding what you say about AVAST...  YES, for many years it has been a 'leader' for those in the know, as a serious
contender, and quite thorough, with a very low footprint on your system. That's why I used them for YEARS!  However!, because they are
a Business and not a charity, their current emphasis is vastly towards constant nagging & pushing for upgrades, beyond what I would label
as friendly/unobtrusive...  They CONSTANTLY now throw 'warning' messages to 'scare' the uninitiated, almost declaring their systems totally
corruptible and open to attacks, if they do not immediately upgrade!!!  (And quoting tons of false virus/threat warnings!).

'Comodo', (with whom I have zero affiliation with!), ARE a very high end organization. As I stated, it is not for the feint-hearted, as the setup
fine-tuning and utilization can be daunting at first, and not for someone 'new' to computers in general at first.  From the start, it never 'Assumes'
anything, and it 'learns' as you go along, regarding YOUR choices & understanding, of what's going on continuously. Assuming you 'know'...
Eventually, you hear less & less from it, and it's all back to 'normal', and although 'in control', it will not let you make a mistake!!!

[Kleinstein]

There is still chance the dwservice.exe file is actually not really from Dr. Web, but only pretends so. Malware may not be honest about the creator.
It is still suspicious to have this file left behind and active.
If it is a 3rd party malware than DrWeb should have complained before - so anyway is the fault of DrWeb. Likely in leaving behind some active service (even if not really active).  Anti virus products are prime canditates for adding additional backdoors to the system, as they need some access to low level services and often there is no 2nd system to check.

[wraper]

Firstly, I was told by 'wraper' that this .exe. is not necessarily to do with Dr. Web...  Which was wrong.

I told that what you googled is completely unrelated with the file you had. dwservice.exe from Dr.Web (I guess acronym of Dr.Web service) you had on your computer has nothing to do with remote access program called DWService. Is it that hard to understand? When I ever claimed that dwservice.exe file is unrelated to Dr.Web?
DWService you googled does not even have any files with such name. It uses dwagent.exe

However, my main/initial complaint, is that it left this Module behind, and actively running after a re-boot!!! How can I be clearer!!

As I read it, your main complaint was that it left a remote access backdoor, which it did not. BTW Dr.Web has a removal tool if antivirus did not uninstall properly. Also It's entirely possible that Dr.Web did not uninstall properly because you had 2 antiviruses installed simultaneously (Dr.Web+Comodo), which is a big no-no.

Yes, there is a Site attributed to that executable also

There isn't.

but maybe Dr. Web UTILIZE their services??

LMAO

Not to mention the .exe starting with 'DW'.

The same way as terrarium and terrorism.

[GlennSprigg]

Firstly, I was told by 'wraper' that this .exe. is not necessarily to do with Dr. Web...  Which was wrong.

I told that what you googled is completely unrelated with the file you had. dwservice.exe from Dr.Web (I guess acronym of Dr.Web service) you had on your computer has nothing to do with remote access program called DWService. Is it that hard to understand? When I ever claimed that dwservice.exe file is unrelated to Dr.Web?
DWService you googled does not even have any files with such name. It uses dwagent.exe

However, my main/initial complaint, is that it left this Module behind, and actively running after a re-boot!!! How can I be clearer!!

As I read it, your main complaint was that it left a remote access backdoor, which it did not. BTW Dr.Web has a removal tool if antivirus did not uninstall properly. Also It's entirely possible that Dr.Web did not uninstall properly because you had 2 antiviruses installed simultaneously (Dr.Web+Comodo), which is a big no-no.

Yes, there is a Site attributed to that executable also

There isn't.

but maybe Dr. Web UTILIZE their services??

LMAO

Not to mention the .exe starting with 'DW'.

The same way as terrarium and terrorism.

?  We are obviously not on the same page, and reading/re-reading your comments just leaves me confused & utterly flummoxed !!   
Obviously I'm not getting what you are saying, but neither are YOU piecing together anything 'I' am trying to say either???...
We can go round & round in circles, or simply just STOP! I'm sure the other 230 odd readers of this post can grasp what I'm saying!   

[wraper]

?  We are obviously not on the same page, and reading/re-reading your comments just leaves me confused & utterly flummoxed !!   
Obviously I'm not getting what you are saying, but neither are YOU piecing together anything 'I' am trying to say either???...
We can go round & round in circles, or simply just STOP! I'm sure the other 230 odd readers of this post can grasp what I'm saying!   

Name_of_the_file.exe from one application being the same as the name of some other program (which is called Name_of_the_file without .exe) does not mean they have anything in common. Capish?

[GlennSprigg]

?  We are obviously not on the same page, and reading/re-reading your comments just leaves me confused & utterly flummoxed !!   
Obviously I'm not getting what you are saying, but neither are YOU piecing together anything 'I' am trying to say either???...
We can go round & round in circles, or simply just STOP! I'm sure the other 230 odd readers of this post can grasp what I'm saying!   

Name_of_the_file.exe from one application being the same as the name of some other program (which is called Name_of_the_file without .exe) does not mean they have anything in common. Capish?

'Capish'... Now you are resorting to Italian in order to 'belittle'... sigh...
You NOW just reversed everything that you said... AGAIN!!!...  'Mama-Mia!!'   
Go away....

[wraper]

You NOW just reversed everything that you said...

From the beginning I said that your file has nothing to do with what you googled

"DWService enables remote access to systems via just a standard web browser."

DWService you googled has nothing to do with any files from Drweb which may be named similarly. Doesn't it hit you that quote comes from a completely unrelated website?

How this is any different from what I said in other posts?

You NOW just reversed everything that you said... AGAIN!!!...  'Mama-Mia!!'

Well, the second part of my initial post turned out to be especially true. 

[GlennSprigg]

Once again... Simply GO AWAY !!!!!  
Can't you find some Ants to burn with a Magnifying Glass...
Or some local little kids to bully or something??? 

Or maybe some Moderator can simply block this post/thread !   

[wraper]

Once again... Simply GO AWAY !!!!!  

Check the authority of your "Ivory towers", or find a safe space. It's very popular these days.

Or some local little kids to bully or something???

Nobody is bullying you. I'm simply a bit astonished you cannot understand or read a few simple sentences. It's like a mishmash in your brain. You fail to filter what google shows you (not nearly everything it shows is relevant). You repeatedly failed to understand what I explained. And you are overly defensive. My first post might be a bit harsh and uncalled in the end, and I should not have written it that way. At that moment to me it seemed extremely lame that you took a first thing google showed, made no mental action to check it's relevance, and made very far reaching conclusions. But your further action is way worse IMHO.