# What is HPCee.exe?



## Alketra

My firewall is telling me that a program called HPCee.exe is trying to access the internet, and I can't find any information on what the process could be. Could you guys please, please help me decode the mystery? Is it spyware or malware? Thank you again so much!

Kristin


----------



## chauffeur2

Hi Alketra, Welcome to TSF! :wave:


My research indicates that this *HPCee.exe* _is_ indeed a malware infection; so here's what you need to do...

Go to *this link*; read the instructions carefully and follow the 5 Steps.

Once you have done this; post your Logs *here*, and wait for one of our Security analysts to assist you with the 'cleaning' of your machine.
_( Please click on the coloured links.)_

*Important Note:* Please ensure that the Logs are posted _only_ in The HJT Help Forum (The Red Link above) and _NOT_ back in this thread, as this _will_ delay your response from the Security Analysts.

Please be patient, as the HiJackThis Help Forum analysts are usually very busy; however, one of them will get to you as soon as they can.

Good luck with it. :wave:

Kind Regards,


----------



## chauffeur2

Hello again Alketra,

Could you please post back telling us if you have a Hp™ _Compaq; Presario etc._ Computer.

The reason for asking is that this also could possibly be a Hp™ System File.

If you do have a Hp™ computer; then, we will need to know exactly where this file is located...to find it, Please try this...

Go *Start* > *Run* > In the box, type in *HPCee.exe* and it will open the file...we will need to know precisely where it is on your computer.

An alternative way of finding it, is to do a Search from the Start Menu too.

Please post back with this important information first.

Kind Regards,


----------



## Alketra

I do indeed have an HP computer, and the file path is C:\Program Files\hewlett-packard\sdp\ceement\HPCee.exe


----------



## Glaswegian

Running from that location, the file is legit.


----------



## Ronald Potter

I had the same file show up in my Zone Alarm software, instead of it asking permission to access the Internet. I took your last post as the fact.


----------



## Pete.Mauss

HPCEE.EXE --> My (Pete Mauss's) HP TX2000 Tablet Notebook PC, ala MS Vista, Windows Defender Event report::wink:

VISTA Windows Defender says:

Summary:
Application Registration change occurred.

This agent monitors the various ways which permit a program, script, or executable to be started independent of an application.

Path:
C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

Detected changes:
file:
C:\Windows\tasks\HPCeeScheduleForPete Moss III.job

file:
C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

taskscheduler:
C:\Windows\tasks\HPCeeScheduleForPete Moss III.job

Advice:
Permit this detected item only if you trust the program or the software publisher.

Publisher:
Hewlett-Packard

Digitally Signed By:
NOT SIGNED

Product name:
CEEment

Description:
CEEment

Original name:
HPCEE.exe

Creation date:
6/20/2008 10:49 AM

Size:
86016 bytes

Version:
1.2.0.0

Type:
application

Checkpoint:
Task Scheduler

Category:
Not Yet Classified


----------



## kinbard

Hmm. Wonder if Windows Defender is flagging it because it is unsigned. Vista really doesn't like those unsigned sigs.


----------



## Pete.Mauss

:wave:


Since using this Windows Defender, I''ve learned how registry errors occur; monitored events (of shared files, scripts, executables, programs) must be either registered or unregistered to apps. that exist on the root drive. The term "sharing" here is defined very loosely. I and the hardware seem to be the ones sharing HPCEE.exe, not any apps... where would either of us be without the other, God only knows.

The message was sent to desktop alerts by Defender events options; Defender seems to be designated as the agent that flags events which occur independent of an application (i.e. unregistered). Spyware it's not. I have the option to auto remove turned off.

Digital signing, inside network configurations may be a neat way of securing firewalls, but can everything be digitally signed with a fancy certificate? 

Maybe I will look for a new line of work as a digital certificate maker. I have MS Office Ultimate 2007 :4-dontkno

Defender has the option of exploring all software and disabling, quarantining or removing or allowing their presence, in scans or during monitoring ("Defender On for all users").

So HPCEE.EXE is unconfirmed (not digitally signed - yet).

I'm allowing it. What I'm disabling since I bought this PC 30 days ago is:
1. a program called software manager ("TSR" but it won't be staying around anymore; it's terminated by Defender!)
2. Norton anti virus "TSR" (or process),
3. the fingerprint pro sales pitch TSR,
(I don't need to relive being fingerprinted; what COP invented this app??);
4. Automatic updates of any kind TSR's.

I have had to do a windows system restore twice because the Synaptics touchpad was too sensitive and made crazy changes to my files.

Windows User Account Control rules: it asks me for permission each time something new wants to run. 

I always logon (startup the pc) with a password.

The aftermarket Belkin laptop fan ($25/Walmart) I plug into a wall adaptor USB instead of the PC USB, since it was never recognized by windows device manager, and I don't trust this $1,400 ($585/Ebay) to it, since I concomitently had a failure of the touch-screen feature when it was plugged into the PC. 

My first love is reading since a kid so many years ago: I highly recommend the Adobe Digital Editions E-Book reader (free). It beats the hell out of Sony's gigantic rip-off prices on E-books and plot to rule the globe and every school library with free Sony Reader Hardware. This Tablet PC is a little heavier than the Sony Reader but is much more versatile.

Albest,


*-Pete Mauss*, _ars longa, vita brevis_


----------



## kinbard

Pete.Mauss said:


> (I don't need to relive being fingerprinted; what COP invented this app??);


:grin: 
One of the first things I did was turn off windows defender and shutdown the service. I was using a third party firewall, at first zonealarm, but quit using it because of the remote desktop session issue with it and vista, then comodo. For the last month or so I have just been using the windows firewall to see how it holds up. I've not developed an opinion on it yet.


----------



## Glaswegian

kinbard, remember the Windows firewall in XP does *not monitor outgoing traffic* - only incoming. They fixed that for Vista, but it means that a trojan could be phoning home and you'd never know about it...


----------



## kinbard

I still refuse to call the xp virus a firewall :grin: It caused more problems on our network than I can count. One of the first things we do when having issues is see if it is on. I heard vistas monitored both. I wanted to test it and see what happens. After a bit I will be going back to comodo.


----------

