[SOLVED] Detected Threat ... HP Digital Imaging

Threat is now in the chest and I have sent a copy to Avast.
Is this a false positive since the .exe involved seems to me to be the original installed file with a last modification in 2009.
I conducted a Boot Scan following its isolation … where do I find the results? Or is this only available on paid subscriptions, I use Avast Free.
Thanks Ron

Hello,
send the file through https://support.avast.com/ → Avast Virus Lab as False positive, please.

Milos

Done. Do you think it is a false positive? I guess that many HP/Avast users will have this issue if it is.
Cheers
Ron

you may also upload and test file here www.virustotal.com / www.metascan-online.com if tested before, click rescan for a fresh result

post link to scan result here

As you can read here it should be considered as safe under normal circumstances: http://www.processlibrary.com/en/directory/files/firepnpevent/2907/
See: https://www.reasoncoresecurity.com/firepnpevent.exe-a79c4d83d8bcc17217c4f99f4c82ceddbc724660.aspx
Re: http://processchecker.com/file/FIREPNPEVENT.exe.html
Re: http://www.backgroundtask.eu/Systeemtaken/taakinfo/788286/FIREPNPEVENT.exe/
Let us wait for a status confirmation of an avast team member, as we are not (just volunteers with relevant knowledge), but my best guess is it is above board and a false positive.

polonus

Thanks all for your inputs. I will wait until Avast comment … do they comment via this thread?
I sent the suspect file to them using the Component Status/Virus Chest/Submit to virus lab facility in the Avast programme which is the only way I know how to send it.

If it is possible I would also like an answer to the 2nd part of my initial thread:
I conducted a Boot Scan following its isolation … where do I find the results? Or is this only available on paid subscriptions, I use Avast Free.

Ron

Check the C:\ProgramData\AVAST Software\Avast\Report (or Log) folder for Win 7 or later.
I believe the file name is aswboot.log. This folder may be hidden so you may need to change the Explorer > Tools > Folder Options > View.

Thanks David … found it! Obviously being so hidden its not a file that one would usually seek. However, it does show that I have a couple of corrupted ZIP files (to do with video activity that I ‘hobby’) so I can check these.
Otherwise a clean bill of health … with the queried file still in the Chest.
Cheers Ron

You’re welcome.

A corrupt file shouldn’t an issue, avast isn’t saying it is malicious, just that it can’t unpack it to scan it.

If avast can’t unpack it, then essentially it believe it to be corrupt - but without more information - the file name and location and what avast gave as a notice (if just corrupt archive, generally nothing to worry about) ?

Thanks for comment David. Avast report in all four instances is Error 42125 ‘ZIP archive is corrupted’.
There is a lot of info on the web about this particular issue … think I will just ‘let be’ for the time being and if necessary, revisit once I have updated to W10.

https://www.google.no/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=error%2042125%20zip%20archive%20is%20corrupted%20avast

Can I ask again … will Avast comment about the uploaded file?
CYa Ron

Generally you won’t get an answer on submitted files unless avast needs more information. Though on occasion you may get a response.

Periodically rescan the file in the chest and see if avast still detects it, if not there has been a correction in the virus definitions. At which point you can Restore the file from the chest. A copy remains in the chest, once you confirm it has been restored to the original location then you can remove the copy in the chest.

Cheers David …
Ron

No problem, glad I could help.

Avast retested … no virus.
File has been restored.
Ron

Thanks for the update.