False +ve in Avast! 5.1, latest version?

Hi all, I have received the following warning of a “severe threat” today using the latest version of Avast! - File C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe is infected by Win32:Malware-gen

I have reinstalled the HP software from a years old CD Rom and Avast! is still complaining it is a severe threat. A false positive I believe? Thanks.

Regards.

Fred.

Can you submit the file to www.virustotal.com?
Can you send the file to avast for analysis?

I can do that, yes, but the CD ROM that I reinstalled the software from is a genuine HP CDROM and is at least 3 years old. It can’t be malware infected off a ~3 year old OEM CDROM?

It is called confirmation: when you confirm it is a false positive, that is the first step. It isn’t unheard of for malware to be found on official media. Whilst it is unlikely, it is best to confirm.

If only GData and avast detect it - GData uses avast as one of its two scanners so counts as 1 detection and almost certainly an FP.
Send the sample to avast as a False Positive:
Open the chest, right click on the file and select ‘Submit to virus lab…’, then complete the form and submit; the file will be uploaded during the next update. Add the link to the VT results in your submission and possibly a link to this topic.

  • In the meantime (if you accept the risk), add the full path to the file to the exclusions lists:
    File System Shield, Expert Settings, Exclusions, Add and
    avast Settings, Exclusions

Restore it to its original location and periodically check it (scan it in the chest); there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected, you can also remove it from the File System Shield and avast Settings exclusions lists.

Thanks DavidR, that seems like sound advice.

No problem, glad I could help.

Welcome to the forums.

I have uploaded the file to virustotal.com. Only GData and Avast report it as malware infected. I’m now happy that this is a false +ve. I’ve sent the report to avast too.

Thanks, Fred, for helping to improve correct detection 🙂