The Notebook Review forums were hosted by TechTarget, who shut down them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.
Problems? See this thread at archive.org.

    "mediasrv.exe" false positive

    Discussion in 'Security and Anti-Virus Software' started by Tinderbox (UK), Dec 5, 2011.

  1. Tinderbox (UK)

    Tinderbox (UK) BAKED BEAN KING

    Reputations:
    4,745
    Messages:
    8,513
    Likes Received:
    3,823
    Trophy Points:
    431
    Does anybody else get this, The Virus Total Website gives a positive result also 4/43

    Kaspersky IS 2012 says it is OK.

    Thanks

    John.

     
    Tinderbox (UK), Dec 5, 2011
    #1
  2. TreeTops Ranch

    TreeTops Ranch Notebook Deity

    Reputations:
    330
    Messages:
    904
    Likes Received:
    124
    Trophy Points:
    56
    I googled that file and it appears to be a Computer Associates file. Most hits say it is a virus or exploit file. Do you have any CA stuff on your computer?
     
    TreeTops Ranch, Dec 5, 2011
    #2
  3. Tinderbox (UK)

    Tinderbox (UK) BAKED BEAN KING

    Reputations:
    4,745
    Messages:
    8,513
    Likes Received:
    3,823
    Trophy Points:
    431
    What is CA stuff?

    EDIT : I deleted it anyway, I dont even have bluetooth on my notebook.
     
    Tinderbox (UK), Dec 5, 2011
    #3
  4. TreeTops Ranch

    TreeTops Ranch Notebook Deity

    Reputations:
    330
    Messages:
    904
    Likes Received:
    124
    Trophy Points:
    56
    CA = Computer Associates

    However, even MS (Microsoft) uses them so I doubt that it is a virus from them. Noticed that that file is in your Blue Tooth folder. Maybe some Blue Tooth software or driver did it?

    Google that file and you will see lots of virus info on it. Some false positives some real.
     
    TreeTops Ranch, Dec 6, 2011
    #4
  5. Baserk

    Baserk Notebook user

    Reputations:
    2,503
    Messages:
    1,794
    Likes Received:
    1
    Trophy Points:
    56
    Tinderbox, the SHA1 for the file at VT, corresponds with the FP mentioned in this Avast thread link.
    You can see that at the linked VT result in that thread, a lot more AV's flagged it as malware.
    Just seems an FP, probably due to the file not being properly signed.
    I wouldn't worry as Avast, Avira, Emsisoft (and much more AV's) all give it a clean bill of health now.
     
    Baserk, Dec 6, 2011
    #5
  6. Steven

    Steven God Amongst Mere Mortals

    Reputations:
    705
    Messages:
    986
    Likes Received:
    4
    Trophy Points:
    31
    Nothing to worry about, pretty sure its a false positive.
     
    Steven, Dec 6, 2011
    #6