Is this a false/positive from NOD32?

Hi,

Since at least two weeks NOD32 found an adware call Hotbar at the following location : c:\Program Files\Your uninstaller 2004\HbUninst.exe

Is this a false/positive or a legit nasty that I should get rid off?

Thank you,
Atomas31

 

Hotbar is a legit nasty and can be removed.

Cheers

 

Sounds charming...

http://sarc.com/avcenter/venc/data/adware.hotbar.html

 

I had the same problem with uninstaller 2004. I have since removed it. I am now using advanced uninstaller.

 

I have check on the site Plexshaw has given and the file tag as hotbar doesn't correspond to those on this site?

Your uninstaller! 2004 is a legit program and no anti-spyware or anti-adware detecting anything in it so, how can NOD32 detect an adware in it? My system has no strange behavior and I have no additional and undesired bar in any of my program

Thank you,
Atomas31

 

If you want to recheck the file either, run an online scan or upload it to jotti's - http://virusscan.jotti.org/

Your Uninstaller 2004 by ursoftware looks like a legit program - so I'd test the file a jotti's

 

I upload the file to Jotti and 5 anti-virus found the files has being Hotbar and 8 indicated that they found nothing?

Even there what can I trust? Should I trust some anti-virus (the majority telling me that they found nothing) telling me that they found an Adware or my anti-spyware that telling me that they are no adware or spyware on my system?

Thanks,

 

Send the file to Eset (samples@eset.com) and ask them to recheck the findings. (zip the file and lock the archive with the password infected)

You could do the same with the other AV's that tagged it at Jotti's. ... If nothing is amiss I'd leave it for now, until you here something back. Unless you don't use the program, then I'd uninstall it, and rescan.

 

Before you submit the file, be sure that the file is still picked up with the latest virus signature database (currently 1.1143)

 

Hi folks,

I tend to think that it's a false positive because if I correctly understand to what is stated in the product intro, YU 2004 boasts to be capable of removing HotBar virus and HbUninst.exe should be the clue, hopefully. I can't testify it as my comp is clear, thank goodness.

NOD has discovered the file during ad-aware scan and quarantined it. So, I am also keen to get know the result of HbUninst.exe assessment.

BTW, apart above, YU 2004 is really great tool which after intensive using I trust to.

Regards,
Eng

 

Thanks Eng.

Cheers

 

Hi,

You are right Eng, Your uninstaller 2004 have in option to uninstall Hotbar wich like you said may be the reason of HbUninst.exe.

So do I have to send it anyway to ESET and if yes, how do I do that exactly and without removing the file since it is not actually Hotbat but the uninstaller of Hotbar using by Your uninstaller 2004?

Marcos : I just did a scan with the latest update and yes, NOD32 still pick this file in c:\program files\Your uninstaller 2004\HbUninst.exe as the adware call Hotbar.

Thank you,
Atomas31

 

dog has written this in his post #8 above, so zip, lock and send the HbUninst.exe to ESET for evaluation ... I am becoming more convinced that the might be a false positive because NOD has labelled the file as an infiltration variety of Win32/Adware.HotBar application instead of a real virus. Anyway, I am curious what the result is in the end.

Regards,
Eng