Jump to content
Sign in to follow this  
B00kwyrm

\HP\finalvbto executable

Recommended Posts

Here's the story...

Neice's computer. Kids got a crapload of crap via gamesites. Mostly (PUP.MyWebSearch).

I pulled the drive, put it in an external (sata to usb) enclosure, and started running diagnostics, including MBAM.

MBAM cleared these, no problem, but also flagged this particular file as a trojan. (supect it is a false positive)

  • F:\hp\finalvbto.exe (Trojan.Bat.Disabler) -> No action taken. [b1044afa0d503105055fc15fba4627d9]

I think this could be a legitimate HP program,

but since the computer is out of warranty, I do not have access to the same support,

Only resort is the community forums, and so far have not received helpful replies there.

So far, I have not been able to prove anything one way or the other, but I don't want to lose the file if it is legitimate.

What I have learned is that virscan.org has checked a file by this name (not certain it is the same, but...)

and a FEW of the virus checkers are flagging it.

The vast majority are not flagging it, including those I most trust.

You can see the report here.

So... per instructions, (still on my win7(64) machine with the questionable drive in the external enclosure),

I reran MBAM, and I will attach that log, as well as a zip of the file in question.

FYI... I have also run the following Virus /Malware scans, (in this order) which also are not flagging this file.

  • Microsoft Security Essentials
  • ESET's Online Scan
  • Trend Micro Client/Server Security Agent

FYI... MSE is on one of my computers (xpsp3), and Trend Micro on another (win7-64).

I do not have two AV installed on one machine.

I have not done anything to run an MD5 (or SHA) check on the file,

as I do not have information about whether this file is a legitimate hp file,

let alone the additional information re: file sizes or MD5.

I hope you can help me resolve this question.

Thanks.

mbam-log-2012-08-22 (09-46-08).txt

finalvbto.zip

Share this post


Link to post
Share on other sites

I don't see a way to edit my post.

This is just an update...

I have verified that the file checked at Virscan is the same as the one I am questioning...

File Size: 23,040 Bytes

MD5 Checksum: 0C97A70C39AB36C77CB48840C5D35907

SHA-1 Checksum: AC8106EE73C28C950544610AE1B1EA366339759D

Generated by MD5 & SHA-1 Checksum Utility @ http://raylin.wordpress.com/downloads/md5-sha-1-checksum-utility

Still no help on the HP Community Forum.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.