KernalCha0s Posted January 9, 2018 ID:1198375 Share Posted January 9, 2018 Hello! So I am fairly new to this forum however I wanted to show you guys something that nor Malwarebytes nor Windows Defender could detect on my PC. I was taking a look around, and noticed within my C:\\ProgramFiles(x86) an unusual folder called sp59755 and sp60655. So I decided to open them up and see what the heck was inside. I noticed very unusual exe that I had never seen before. So I have manually deleted those files however, turned back around and retrieved them from a shadow copy and am now going to run them on a VM. Has anyone ever seen this before? I have attached a screenshot of the contents inside the folder down below. Link to post Share on other sites More sharing options...
Porthos Posted January 9, 2018 ID:1198389 Share Posted January 9, 2018 18 minutes ago, KernalCha0s said: So I decided to open them up and see what the heck was inside. I noticed very unusual exe that I had never seen before. So I have manually deleted those files however, turned back around and retrieved them from a shadow copy and am now going to run them on a VM. Has anyone ever seen this before? I have attached a screenshot of the contents inside the folder down below. Those are legit files from an HP BIOS update. Link to post Share on other sites More sharing options...
KernalCha0s Posted January 9, 2018 Author ID:1198390 Share Posted January 9, 2018 I do not have any HP product? And I am not familiar with HP Bios having HideW.exe? Is there any source that reports these are safe? Link to post Share on other sites More sharing options...
David H. Lipman Posted January 9, 2018 ID:1198398 Share Posted January 9, 2018 KernalCha0s: Please reference the following on how to provide sample submissions such that Malwarebytes' Anti-Malware (MBAM) can detect targeted but presently undetected threats. Malware Hunters groupPurpose of this forum Link to post Share on other sites More sharing options...
Porthos Posted January 9, 2018 ID:1198408 Share Posted January 9, 2018 21 minutes ago, KernalCha0s said: I do not have any HP product? And I am not familiar with HP Bios having HideW.exe? Is there any source that reports these are safe? I just downloaded one of your SP files directly from HP and extracted it the files are the same and yes HP uses them. I have attached them for you. There are 4 unknown AV programs that falsely detect that file. https://www.virustotal.com/en/file/04c32a4615ada48103bcabc3b859e2626ce873bfa82fb5b1d25a23ab9ee3619f/analysis/1515532757/ I will ask your post to be moved to the correct section so the staff can confirm what I have said. sp60655.zip Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now