Detected Data1.cab as malware ?

newthinker
Posts: 8
Joined: Tue Apr 05, 2011 1:01 pm
Location: Leningrad, Russia

#1 Post by newthinker » Thu Jun 16, 2011 2:00 pm

Hi,

My antivirus detected these two items as malware "pck themida":

C:\Program Files\MLPS\apps\DMFSD\Data1.cab
C:\SWTOOLS\APPS\DMFSD\Data1.cab

I just did a search on SWTOOLS and this MLPS directory and found a link to Lenovo's site. So are these files related to Lenovo and are they harmless?

Laptop: L512, Win 7 pro
How green is my thinkpad?
L512, i3-380M, 320GB hdd, 4GB, Win 7 Pro

ozzymud
Senior Member
Posts: 590
Joined: Sun Apr 03, 2011 3:38 pm
Location: Klamath Falls, OR

Re: Detected Data1.cab as malware ?

#2 Post by ozzymud » Thu Jun 16, 2011 4:30 pm

Most likely a false positive considering Lenovo files... but, to be totally safe, run them past http://virusscan.jotti.org/en

Is your AV detecting the virus INSIDE the cab? Cab files are just archives of other files, like a ZIP file... If it is detecting the .CAB as a virus, it is for sure a false positive. If detecting on a file inside the cab, you can extract it and check it on jotti (may need to disable your virus engine 1st, as long as you don't run the exe/dll or open the doc/pdf/whatever... you're safe). I generally don't use virus software (rely on common sense and jotti)... ain't had a virus since my workstation at work got the "I Love You" virus back in the 90's :P

If jotti shows on more than a few, it's a virus (some engines pick up certain legit tools as a virus, just gotta look up the virus if only a few see it as one). Virii with "gen" in the name are often harmless. I've seen anti virus show virii on files that I personally compressed with UPX. It's hit on certain command line tools as a PUP (potentially unwanted program)... You can't totally rely on anti virus apps.
(2)701C,(1)760EL,(6)760XL,(1)760XD
(4)CD Drives (5)int floppies (3)ext floppy (4)2.1GB
(10)CF/IDE w/2 or 4GB 133x CF (1)760XL restore CD
(1)Belkin USB 2.0 32bit Cardbus (2)WPC54G(S) Wifi Cardbus
(1)Belkin F5D5020 NIC (1)Giga-Byte GN-WLM01 Wifi
(1)Backpack CD (1) Xircom REM56G-10 + misc

newthinker
Posts: 8
Joined: Tue Apr 05, 2011 1:01 pm
Location: Leningrad, Russia

Re: Detected Data1.cab as malware ?

#3 Post by newthinker » Thu Jun 16, 2011 4:59 pm

Just like you, I think it's a false positive.
The cab file located in the SWTOOLS directory is 253 MB; you can forget about uploading such a big file to virus total or jotti sites. The AV scanner detects the cab file itself as malware, not indicating any files inside the CAB file.

Still, I would like to know more details about these files/directories; if other ThinkPad users have them as well, I suppose it can be trusted. Don't think Lenovo would install some malware on their products :)

ozzymud
Senior Member
Posts: 590
Joined: Sun Apr 03, 2011 3:38 pm
Location: Klamath Falls, OR

Re: Detected Data1.cab as malware ?

#4 Post by ozzymud » Thu Jun 16, 2011 5:16 pm

This is "Corel DVD MovieFactory"... look inside the setup.ini located in the same directory :)
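For the situation in this thread (a 253 MB Data1.cab that is too large to upload and is flagged as a whole), the following is an added example, not code from any poster: it hashes the file in chunks so the SHA-256 can be searched on a scanning service that supports hash lookup, and reads the header to see which container format the file really is. It assumes Python 3.8+; the sample header is constructed, and the InstallShield check rests on the assumption that a Data1.cab sitting next to a setup.ini may be an InstallShield cabinet rather than a Microsoft one.

```python
import hashlib
import struct
import tempfile

# Magic bytes of the two container formats that commonly carry a .cab extension.
MAGICS = {b"MSCF": "Microsoft Cabinet", b"ISc(": "InstallShield cabinet"}
# Fixed 36-byte part of a Microsoft Cabinet header (CFHEADER), little-endian.
CFHEADER = struct.Struct("<4sIIIIIBBHHHHH")

def triage(path, chunk_size=1 << 20):
    """Hash a file in chunks and report which container format it claims to be."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        head = fh.read(CFHEADER.size)          # header bytes are hashed too
        digest.update(head)
        size = len(head)
        while chunk := fh.read(chunk_size):    # never holds the whole file in memory
            digest.update(chunk)
            size += len(chunk)
    info = {"sha256": digest.hexdigest(), "size": size,
            "format": MAGICS.get(head[:4], "unknown")}
    if head[:4] == b"MSCF" and len(head) == CFHEADER.size:
        fields = CFHEADER.unpack(head)
        # fields[2] = cbCabinet (declared size), [8] = cFolders, [9] = cFiles
        info.update(declared_size=fields[2], folders=fields[8], files=fields[9],
                    size_matches=(fields[2] == size))
    return info

def sample_cab(payload=b"\x00" * 64):
    """Constructed sample: an MSCF header (1 folder, 2 files) plus filler bytes."""
    total = CFHEADER.size + len(payload)
    return CFHEADER.pack(b"MSCF", 0, total, 0, CFHEADER.size, 0,
                         3, 1, 1, 2, 0, 0x1234, 0) + payload

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile(suffix=".cab", delete=False) as tmp:
        tmp.write(sample_cab())
    for key, value in triage(tmp.name).items():
        print(f"{key}: {value}")
```

A declared size that differs from the size on disk means the file is truncated or has data appended after the cabinet, which is worth knowing before trusting or dismissing a whole-file detection.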
