database version 648
I did a full scan today and received the following two alerts:
1) D:\I386\Apps\APP17851\src\install\Worldwide-HP\progfiles\Apps\hpuninstall.exe
2) D:\I386\Apps\APP17851\src\install\Worldwide-HP\progfiles\Apps\onplay.exe
The program said they were both Trojan.Downloader.
I have an HP Scanner and Printer and also installed the HP Smart Web Printing on my browser so I highly doubt those two flagged programs are bad but just in case I am trying to find out here if I am incorrect.
Hewlett Packard false positives database 648
Started by Ronald Smyth, Apr 18 2008 11:47 AM
6 replies to this topic
#2
Hardhead
-
- Experts
-
- 806 posts
Elite Member
- Location:Blue Ridge, Va.
Posted 18 April 2008 - 11:54 AM
Bruce will fix these ASAP. 
Thanks
Thanks
Member Since 2004
Calendar of Updates?
#4
JeanInMontana
-
- Honorary Members
-
- 3,867 posts
Delete this account!!
- Interests:would love to see some honesty around this site.
Posted 18 April 2008 - 03:30 PM
Malwarebytes' Anti-Malware 1.11
Database version: 651
Scan type: Full Scan (C:\|)
Objects scanned: 128014
Time elapsed: 59 minute(s), 1 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Jean Dahl\Desktop\OOo_2.4.0_Win32Intel_install_en-US.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\HijackThis Scanalyser\uninstall.exe (Trojan.Downloader) -> No action taken.
C:\SWSETUP\HPGame\progfiles\Apps\hpuninstall.exe (Trojan.Downloader) -> No action taken.
C:\SWSETUP\HPGame\progfiles\Apps\onplay.exe (Trojan.Downloader) -> No action taken.
Now with quick scan
Malwarebytes' Anti-Malware 1.11
Database version: 651
Scan type: Quick Scan
Objects scanned: 30098
Time elapsed: 5 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Avira Antivir is also detecting TR/Crypt.CFI.Gen - Trojan in stysem restore. I can't find where the quarantine folder is for the program to scan them It also labels Scanalyzer as potential with the heuristics.
Attached zip of MBAM fp's grrr one is 3 mb file. Do you have an alternative place I can send it?
Database version: 651
Scan type: Full Scan (C:\|)
Objects scanned: 128014
Time elapsed: 59 minute(s), 1 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Jean Dahl\Desktop\OOo_2.4.0_Win32Intel_install_en-US.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\HijackThis Scanalyser\uninstall.exe (Trojan.Downloader) -> No action taken.
C:\SWSETUP\HPGame\progfiles\Apps\hpuninstall.exe (Trojan.Downloader) -> No action taken.
C:\SWSETUP\HPGame\progfiles\Apps\onplay.exe (Trojan.Downloader) -> No action taken.
Now with quick scan
Malwarebytes' Anti-Malware 1.11
Database version: 651
Scan type: Quick Scan
Objects scanned: 30098
Time elapsed: 5 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Avira Antivir is also detecting TR/Crypt.CFI.Gen - Trojan in stysem restore. I can't find where the quarantine folder is for the program to scan them It also labels Scanalyzer as potential with the heuristics.
Attached zip of MBAM fp's grrr one is 3 mb file. Do you have an alternative place I can send it?
Attached Files
-
3fps.zip 170.29KB
126 downloads
#6
nosirrah
-
- Administrators
-
- 5,402 posts
Forum Deity
- Location:Northampton, MA USA
#7
JeanInMontana
-
- Honorary Members
-
- 3,867 posts
Delete this account!!
- Interests:would love to see some honesty around this site.
Posted 18 April 2008 - 05:00 PM
RubbeR DuckY, on Apr 18 2008, 02:43 PM, said:
Send it to my e-mail.
Ok done sent it to MWB.org
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
