Possible false positive


First of all, thanks for great software. I have been using Malwarebytes' Anti-Malware for some time, and it is now one of my trusted anti-malware programs.

Yesterday, I ran the full scan (which I do every weekend) and it found the following file to be infected.

c:\Windows\winsxs\amd64_hpcisss.inf_31bf3856ad364e35_6.0.6001.18000_none_d59c6600292b9522\HpCISSs.sys (Trojan.FakeAlert)

As you can see, this is part of Windows' side-by-side library for an HP driver. I checked the file's digital signature; it is issued and certified by Microsoft. I did look through the web for more information, and I believe the file size seems correct. Unfortunately, I could not verify the SHA-1 value to be sure. Now, there is still a possibility that it is disguised malware, and that's why I did not post this in the "False Positive" section of the forum.

Can you please verify this? If it is indeed malware, I will first try to remove it with Malwarebytes' Anti-Malware. If it is a false positive, I will move this post (somehow) to the False Positive forum.

Attached is the scan log after running in developer mode (run "mbam /developer")

Thank you


This should have been fixed yesterday. Can you update, then right-click scan this folder:


It is still being reported as infected. Perhaps my software version is old?

I am using the latest (just downloaded) database version.

Should I update the software?
