HP malware server? hpslpsvc32.dll flagged as Backdoor.Win32.PcClient.~a[at]88561940

[Guest]

[Ionel]

Hi alexnco,

And yet, when I submitted the file for review I get:
File Info
Name Value
Size 585728
MD5 dc5a6c052b6d000f9417262f40ccf8ea
SHA1 54c5d18e40db6d83fbc7a8c348aa37fc2ddd4943
SHA256 9323013eeff511d6dfa0ea124befb37c96848dc14a563f7d3e950cb2d624f23f
Process Failed

• Verdict
Auto Analysis Verdict
Unexecutable
 
My Comodo Internet Security (w/ AV) tags this file on every bootup as a backdoor virus.
Thx.

We will check this and get back to you after reaching a conclusion.

Thanks,
Ionel

[Ionel]

Hi alexnco,

And yet, when I submitted the file for review I get:
File Info
Name Value
Size 585728
MD5 dc5a6c052b6d000f9417262f40ccf8ea
SHA1 54c5d18e40db6d83fbc7a8c348aa37fc2ddd4943
SHA256 9323013eeff511d6dfa0ea124befb37c96848dc14a563f7d3e950cb2d624f23f
Process Failed

• Verdict
Auto Analysis Verdict
Unexecutable
 
My Comodo Internet Security (w/ AV) tags this file on every bootup as a backdoor virus.
Thx.

This false-positive is already fixed with DB 3596. You can check to confirm.

Thanks,
Ionel

[enhazi]

Hi All

I have a similiar problem with a Toshiba Laptop running on Vista Home premium. I had the SP2 installed and had no problems until I took I had to ship it out to the authorised service centre for a hardware failure, I got it back from the service on January 7th 2010 and they had reimaged the HDD and I had to do all the updates and found out surprisingly that CIS was preventing the SP2 for being installed.
CIS log: C:\Windows\winsxs\Temp\PendingRenames\bd08559b989dca0163270000a4044c11.x86_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6002.18005_none_d945a2ac2bb19ac6_dhcpcsvc.dll_8155446a[/size]
   Backdoor.Win32.PcClient.~a[at]88561940
I red all I could about this problem and I could not find a solution. I tried to upload the file to be checked online but I had no permitions to do so, thus I took ownership of the entire folder but I still could not send the file for upload.
I turned off CIS thinking that of all the "hackers" in the world Microsoft is the "less harmful", and managed to install SP2, but CIS was still reporting the backdoor present. I think I got rid of the backdoor files through AVIRA Antivir and everything seemed to be working fine but I noticed an accessive amount of reports in the CIS logs of my OS IGMP packets being blocked and in the same time ICMP packets from Microsoft Servers.

I reimaged the HDD and I'm at the point where I'm about to install SP2 again that is still failing due to the same reason.

Please if anyone can help...

Thank You in advance and Kind Regards

[haja]

Hi enhazi,

Thanks for reporting.Please add the detected file in exclusion list and then try to submit at http://internetsecurity.comodo.com/submit.php.

Regards,
Haja

[enhazi]

Hi Haja

Thank you for replying. I tried but I could not get to upload the files, however I tried to install SP2 once again and I noticed that the filename this time has changed and I did select to exclude it and I was able to upload it. Thus my SP2 was successful.
I would have like to have had some info on this issue before I installed SP2, however it is done now, waiting to get the results of the file I uploaded.

Thank you once again, regards

[Tags:]