MBAE Premium 2016 false positive for HP Printer Assistant


Leo2552

Starting April 19, 2017, two PCs running Malwarebytes Anti-Exploit Premium 2016 started generating a false positive on MSHTA running UDC_device_2.json.

That is associated with the HP Printer Assistant, which is no surprise since one machine uses an HP OfficeJet 8620 and the other uses an HP OfficeJet 8740.

Has anyone seen this false positive on Malwarebytes AV 2017? I have been intending to switch to that when MBAE Premium expires in May.

Any thoughts or suggestions?

 

Edited by Leo2552
Make it clearer

  • 2 weeks later...
On 5/1/2017 at 7:30 PM, Arthi said:

Hi All,

Can you try this build and let me know if it fixes it or not? 

https://malwarebytes.box.com/s/1wfy1x2dbjud4bt6i5f97qm8v3wq19rf

Thanks.

Hi, Arthi,

On the two machines that are using HP Printer Assistant we have uninstalled MBAE 2016.

However, I have no problem with MBAV 2017 on two other PCs with Epson Workforce printers.

Thanks.


We had Anti-Exploit block it today. Version 1.09.2.1384.

5/16/2017 12:35:10 Exploit payload process blocked BLOCKC:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe \C copy \Y C:\ProgramData\HP\HP ENVY 5540 series\HPUDC\TH6AL2T0G70671_USB\UDC_device.json C:\ProgramData\HP\HP ENVY 5540 series\HPUDC\TH6AL2T0G70671_USB\UDC_device_2.json

