Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Desert Rider
October 10, 2007, 7:37 pm
rate this thread
Director on a HP 1310 PSC printer. I scanned the downloaded exe with
Active Virus Shield (resident), AntiVirus Lab online scanner and
Kaspersky online scanner. They all came up clean.
When I went to install the patch Active Virus Shield popped an alert
that Trojan.Win32.KillFiles.nu had been detected in the HPGPD.exe file
in the directory C:\DOCUME~1\XXXXXXX\LOCALS~1\Temp7354\. This has
to be the a file extracted from the original patch file. I deleted the
file and obviously that aborted the install of the patch.
Is this a false positive being generated by Active Virus Shield?
Should I skip the deletion of the above file and then submit the
HPGPD.exe file to online scanners for analysis?
I confirmed that the HP site I downloaded from was a legitimate HP
TIA for any comments.
it's impossible for us to say with certainty that it's a false positive,
but if it's definitely from hp's site then the chances of it being a
false positive are pretty good...
the best way to resolve the uncertainty would be to submit the file to
your anti-malware vendor for analysis - if it is a false alarm then they
can not only tell you but possibly even fix the problem... if it's not a
false alarm then probably they saved you from some problems down the line...
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"