English Community

Software and Operating SystemSecurity & Malware
All Forum Topics
Options

3 Posts

06-08-2020

US

1 Signins

10 Page Views

  • Posts: 3
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 10
  • Message 1 of 22

fhybd15_version_repack.exe

2020-06-08, 13:49 PM
Our virus software marked a file in the Lenovo System update folder as harmful. Anyone else experience this or know what this is? C:\ProgramData\Lenovo\SystemUpdate\sessionSE\Repository\fhybd15\fhybd15_version_repack.exe
Reply
Options

2 Posts

06-08-2020

US

4 Signins

10 Page Views

  • Posts: 2
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 10
  • Message 2 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 17:12 PM

Cylance has been screaming at my inbox with this file. I know in the past Lenovo's updates has been flagged and shown to have malware attached to it. I just wouldn't think this would happen again 8 years later.

 

Can someone confirm? I know this only affect the docking station for user who has a P53.

Reply
Options

1 Posts

03-28-2019

US

4 Signins

30 Page Views

  • Posts: 1
  • Registered: ‎03-28-2019
  • Location: US
  • Views: 30
  • Message 3 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 17:53 PM

We are experiencing the same alerts. Who can give us a update on what this is?

Reply
Options

1 Posts

06-08-2020

US

2 Signins

5 Page Views

  • Posts: 1
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 5
  • Message 4 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 18:56 PM

We also were alerted to this file by our AV and would like confirmation if it is malicious or not.

Reply
Options

899 Posts

02-20-2009

US

1050 Signins

6286 Page Views

  • Posts: 899
  • Registered: ‎02-20-2009
  • Location: US
  • Views: 6286
  • Message 5 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 19:02 PM

What machine type are you scanning with System Update that is pulling this package file?

 

that would be a four digit number...you can pull it if you run MSINFO32, and look at the first four characters of the "System Model" field that should come up after you run the command.

 

Also, do you have any docking stations attached, or just an individual Thinkpad?

Reply
Options

2 Posts

06-08-2020

US

4 Signins

10 Page Views

  • Posts: 2
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 10
  • Message 6 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 19:40 PM
It's now happening to all laptops with docks install for my users. Below are the models we issue out to our users with this error T470: 20BM009US T480: 20L50011US P52: 20M9000FUS P53: 20QN001YUS
Reply
Options

3 Posts

06-08-2020

US

1 Signins

10 Page Views

  • Posts: 3
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 10
  • Message 7 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 19:50 PM
Others - T480 (20L6), T470 (20JN), T460 (20FM), E580 (20KT)
Reply
Options

3 Posts

06-08-2020

US

1 Signins

10 Page Views

  • Posts: 3
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 10
  • Message 8 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 20:00 PM
T490 (20N3)
Reply
Options

1 Posts

06-08-2020

US

1 Signins

5 Page Views

  • Posts: 1
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 5
  • Message 9 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 20:59 PM

We have over 50 machines - T470s, T480s, and T490s - that CrowdStrike is flagging as the same malware. Please give us some resolution quickly.

Reply
Options

1 Posts

06-08-2020

US

1 Signins

0 Page Views

  • Posts: 1
  • Registered: ‎06-08-2020
  • Location: US
  • Views: 0
  • Message 10 of 22

Re:fhybd15_version_repack.exe

2020-06-08, 21:40 PM

A number of sources identify this as malicious:

  • https://any.run/report/3a114fd947e1e569dc381e0dc9d1a41f3cea456ed79872a1bae54daa34136ab9/fbad7882-64c0-4bae-a7ca-465ec8d81759
  • https://www.virustotal.com/gui/file/3a114fd947e1e569dc381e0dc9d1a41f3cea456ed79872a1bae54daa34136ab9/detection 

 

Quoth the Raven: "Lenovo"!

Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save

X

Delete