I have a HP Touchsmart running Windows 7 Home Premium.When I first got it, I uninstalled Symantec Anti-Virus program, including using the Symantec removal tool. I thought it was gone. I will admit I didn’t check to make sure.
I did a Quick Scan. It detected Win32: Malware-gen in C:\Program Files\Symantec\VIP Access SDK\uninstall.exe as a HIGH threat.
I did a file search and still have a Symantec program installed. I know I didn’t install one and am the only one that uses this computer.
I haven’t done anything yet because I don’t know what to do.
I ran a Quick Scan yesterday, and it didn’t find anything. Don’t know if that matters or not.
I did a google search on Symantec\VIP Access SDK. On one of the many web sites it says:
What is VIP Access SDK?
This program is the Symantec Validation and ID Protection Service (VIP) Access Software Development Kit (SDK) software for supported notebook models running a supported operating system. This package provides middleware which, when used with HP SimplePass software, enables One-Time Password (OTP) authentication on selected web sites using the Intel Management Engine.
About VIP Access SDK (from Symantec)
“Symantec Validation and ID Protection Service is a leading cloud-based strong authentication service that enables enterprises to secure access to networks and applications while preventing access by m”
I did a file search, and I do have HP SimplePass on my computer. I have never used it. I did a google search. From what I have read, it’s a program that scans my finger as a password.
Because of the type of program it is, could that be the reason why the Symantec removal tool wouldn’t remove it?
I haven’t run the OTL diagnostic tool yet. Something tells me that it could possibly be a false positive. In the past, I’ve had a few false positive related to HP programs/files.
I haven't run the OTL diagnostic tool yet. Something tells me that it could possibly be a false positive. In the past, I've had a few false positive related to HP programs/files.
and that is why i suggest OTL diagnostic log......
My computer was idle when a Malware Blocked pop up window appeared. It was the file system shield one. When I was typing what it said, I accidently hit something and my computer restarted, so don’t have exactly what it said. I remember it was in program files\symantec. A rundll.exe was trying to run. I looked at the file system shield log. It has C:\Program Files\Symantec\VIP Access SDK\uninstall.exe listed. Result: Error: The process cannot access the file because it’s being used by another process (32).
The log also shows C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe Threat: Win32:Evo-gen [Susp] Result: Error: The process cannot access the file because it’s being used by another process (32). This showed twice.
C:\Program Files\Symantec\VIP Access SDK\uninstall.exe Threat: Win32:Evo-gen [Susp] Result: Error: The process cannot access the file because it’s being used by another process (32).This showed twice.
The log also shows C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe Threat: Win32:Evo-gen [Susp] Result: Error: The process cannot access the file because it's being used by another process (32). This showed twice.
C:\Program Files\Symantec\VIP Access SDK\uninstall.exe Threat: Win32:Evo-gen [Susp] Result: Error: The process cannot access the file because it’s being used by another process (32).This showed twice.
Hello!
This evening (CET) avast! found something in C:\Program Files\Symantec\VIP Access SDK\uninstall.exe
Last my complete scansion was Sep 27, it was all OK.
Edit: sorry, I forgot to mention my system. HP Pavillon - Windows 7 Home Edition
Today I checked some file (I forgot some mp3 in a folder long time a go), then at dinner time I runned a complete scansion and at the end I found this warning. I checked the Symantec folder with Malwarebytes (all OK) and again with avast! (I got the warning). I’m thinking it’s a false positive because I’m sure to use safe sites and I’m the only user of this PC.