Since today, Avast keeps popping up a message that my HPLaserJetService.exe is a rootkit which should be removed. I tell Avast to ignore the file since I’m pretty sure this is a false positive.
Anyone else getting this message?
Since today, Avast keeps popping up a message that my HPLaserJetService.exe is a rootkit which should be removed. I tell Avast to ignore the file since I’m pretty sure this is a false positive.
Anyone else getting this message?
think there was som HP problems a year ago… try forum search
anyway, you can report / upload file to avast lab here. http://www.avast.com/contact-form.php
I too have had this reported as a possible Root kit. The file has been on my PC for years.
My operating system is Window 7 Ultimate (x64). I have had avast! free for around a year and this file has never been challenged by avast! until 2 days ago.
Currently the file is in the avast! Virus chest. Maybe not my best decision as the Windows 7 Component Services > Services (Local) entry disappeared when I exited and rebooted PC.
So far my Printer is working as normal so I am not unduly worried yet!, HOWEVER I was unable to find out exactly what HPLaserjetService.exe does via a web search nor whether I need it with Windows 7. I do not like having unresolved unknowns that “May” rear their ugly heads later when I may not associate the issue with the actual cause.
I sent a report to avast! 2 days ago and mentioned that that I believe it to be a False-Positive. I gave them my email address and asked avast! to confirm their finding (either way). So far no response and I do not know if avast! normally does or does not respond. The problem is that IF it is not avast!'s usual procedure to respond and it just updates its definitions if a False-Positive then I would not know to restore it from the Virus Vault (which I would prefer to do as obviously HP think the file is desirable or necessary).
@dko
The problem is that IF it is not avast!'s usual procedure to respond and it just updates its definitions if a False-Positive then I would not know to restore it from the Virus Vault (which I would prefer to do as obviously HP think the file is desirable or necessary).right click file in chest, and rescan....when not detected it is fixed and can be restored a copy will remain in chest after restore....this can be deleted when all is OK
avast FAQ. how to use virus chest. http://www.avast.com/faq.php?article=AVKB21
Thanks Pondus. There are so many aspects of avast! that it can sometimes be difficult to know where/what to look for.
I did exactly what the link you referred me said to do, and today HPLaserJetService.exe is accepted by avast! ;D
Now I have to reinstall my HP software to try and a restore the HP Laserjet Service to my Windows 7 “Local services”. (or not reinstall HPLaserJetService.exe and see if anything detrimental happens)
I just signed up to post in this thread, as it seems Zippy and dko did as well. I got this same error message yesterday, when I was simply printing to the Microsoft XPS writer rather than my HP Laserjet printer. Shortly after everything went through, Avast popped up to warn me that this might be a rootkit. Sensing it may be a false positive, I selected the ignore action and found this forum thread. Then today my wife was on her laptop and got the same error at startup time. She also had the printer software installed.
I only got this printer within the last couple of months, and in that time Avast hasn’t complained about anything. We just got the executable from the install CD that came with the printer. I ran a boot scan after this happened and the results said “no virus found”. However, I checked my virus chest and HPLaserJetService.exe is currently residing in there, with the virus description “Win32:Evo-gen [Susp]”. I really am hoping that this is just a false positive, although it makes me wonder what this service was doing that it would set of Avast’s alarms.
Included is a screenshot of the error.
@Cokomon
you can upload the file from virus chest as possible false positive to avast lab
see the FAQ link i posted above, on how to do it
Thanks for the response. Can I submit a file to Avast while it is inside the virus chest folder or do I have to remove it first? Also, after submitting the file will I eventually get a response as to whether or not it really was false positive? Thanks.
you can submit from inside chest…you right click the file in chest
instructions on how to use the chest here. http://www.avast.com/faq.php?article=AVKB21
you may get a responce… anyway, wait a day or two then right click the file in chest and rescan it
if not detected you can restore it…a copy will remain in chest, this yoy can delete when all is OK
I submitted the virus/rootkit to the lab. Thanks for all the help.
I hope I had the info right. I grabbed the version number off the accompanying dlls (Programs and Features didn’t seem to have a version number listed for the printer software). I also marked it as from a trusted source in so far as it was from an install disc included with the printer. Sorry if I’m bugging you, I’ve never had submit a report before and I just want to make sure I did it right.