ESET detecting printer driver as Trojan ( Win32/Ponmocup.AA.Gen )

Since the latest definitions update ESET is seeing my printer driver as a Trojan.

LOG:
2/3/2012 3:47:10 PM Real-time file system protection file C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLHSMCzd.dll Win32/Ponmocup.AA.Gen trojan cleaned by deleting - quarantined D9RPJTK1-PHILN\Phil Norman Event occurred during an attempt to access the file by the application: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE.

When I reload the drivers from a DVD ESET stops the install.

Anyone have any ideas?

 

Re: ESET detecting printer driver as Trojan

submit it to Eset and maybe exclude it from detection (assuming no other malware alerts)
http://kb.eset.com/esetkb/index?page=content&id=SOLN141

 

Re: ESET detecting printer driver as Trojan

Cudni,
Can you contact top level support and advise them definitions 6855 are bad. This needs to be fixed ASAP. I fear a black eye for Eset if not.
You know have 3 reports of different DLL's being flagged as Win32/Ponmocup.AA.Gen trojan.
This Printer driver
Nero
RingCentral's Call Controler. RCSPSKSPVISTA.DLL
Get this sorted out quick.
Regards,
Dave

 

Re: ESET detecting printer driver as Trojan

I have submitted the false positive.
I do not want to add exceptions to scanning, this would seem to open up some holes in scanning.

Hopefully Eset can fix the virus signature database error quickly.

Thanks for the heads up on where to submit!

 

Hello,

Issue is under investigation. Thank you for your report.

Regards,

Aryeh Goretsky

 

Hello,

This has been resolved in virus signature database 6856. Can you please confirm?

Can you tell me which printer the report occurred with?

Regards,

Aryeh Goretsky

 

The updated signatures solved the issue.
Dell 1350cnw printer.

 

The behaviours of this Trojan are detailed here