Ronald Smyth

Hewlett Packard false positives database 648

7 posts in this topic

database version 648

I did a full scan today and received the following two alerts:

1) D:\I386\Apps\APP17851\src\install\Worldwide-HP\progfiles\Apps\hpuninstall.exe

2) D:\I386\Apps\APP17851\src\install\Worldwide-HP\progfiles\Apps\onplay.exe

The program said they were both Trojan.Downloader.

I have an HP Scanner and Printer and also installed the HP Smart Web Printing on my browser so I highly doubt those two flagged programs are bad but just in case I am trying to find out here if I am incorrect.

Share this post


Link to post
Share on other sites

I will need the files to get this one resolved .

Please zip and attach them here .

Share this post


Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.11

Database version: 651

Scan type: Full Scan (C:\|)

Objects scanned: 128014

Time elapsed: 59 minute(s), 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 4

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Jean Dahl\Desktop\OOo_2.4.0_Win32Intel_install_en-US.exe (Trojan.Downloader) -> No action taken.

C:\Program Files\HijackThis Scanalyser\uninstall.exe (Trojan.Downloader) -> No action taken.

C:\SWSETUP\HPGame\progfiles\Apps\hpuninstall.exe (Trojan.Downloader) -> No action taken.

C:\SWSETUP\HPGame\progfiles\Apps\onplay.exe (Trojan.Downloader) -> No action taken.

Now with quick scan

Malwarebytes' Anti-Malware 1.11

Database version: 651

Scan type: Quick Scan

Objects scanned: 30098

Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Avira Antivir is also detecting TR/Crypt.CFI.Gen - Trojan in stysem restore. I can't find where the quarantine folder is for the program to scan them It also labels Scanalyzer as potential with the heuristics.

Attached zip of MBAM fp's grrr one is 3 mb file. Do you have an alternative place I can send it?

3fps.zip

3fps.zip

Share this post


Link to post
Share on other sites

I removed what I found to be the problem , see if I have this all fixed of if there is still that last one .

Share this post


Link to post
Share on other sites
Send it to my e-mail.

Ok done sent it to MWB.org

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.