Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I downloaded a patch from HP (Hewlitt Packard) for a fix for HP
Director on a HP 1310 PSC printer. I scanned the downloaded exe with
Active Virus Shield (resident), AntiVirus Lab online scanner and
Kaspersky online scanner. They all came up clean.

When I went to install the patch Active Virus Shield popped an alert
that had been detected in the HPGPD.exe file
in the directory C:\DOCUME~1\XXXXXXX\LOCALS~1\Temp7354\. This has
to be the a file extracted from the original patch file. I deleted the
file and obviously that aborted the install of the patch.

Is this a false positive being generated by Active Virus Shield?
Should I skip the deletion of the above file and then submit the
HPGPD.exe file to online scanners for analysis?

I confirmed that the HP site I downloaded from was a legitimate HP

TIA for any comments.


Desert Rider wrote:
Quoted text here. Click to load it

it's impossible for us to say with certainty that it's a false positive,
but if it's definitely from hp's site then the chances of it being a
false positive are pretty good...

the best way to resolve the uncertainty would be to submit the file to
your anti-malware vendor for analysis - if it is a false alarm then they
can not only tell you but possibly even fix the problem... if it's not a
false alarm then probably they saved you from some problems down the line...

"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Site Timeline