Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Jul 5th, 2008, 7:13pm
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Scanner (Moderators: Helena, Gavin_Coe, Magnus)
   Avast reports Trojanhunter.exe as Win32:Def-HGG		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Avast reports Trojanhunter.exe as Win32:Def-HGG  (Read 608 times)
Cmdr_Straker
Newbie
*





   


Posts: 2
Avast reports Trojanhunter.exe as Win32:Def-HGG
« on: Dec 20th, 2007, 4:08pm »		 Quote Quote  Modify Modify
Trojanhunter 5 been running fine for over a month on a new Dell XPS M2010 running Windows Ultimate 32-bit, 4GB RAM. Avast Home update 071220-0 a few hours ago, and all of a sudden Avast warns that there is a trojan - Win32:delf-HGG in trojanhunter.exe.
Well, I didn't believe it but quarantined it anyway.  
Removed Trojanhunter and when I went to download a new copy Avast said that the download site had the Trojan too.
Can this be right?  Shome mishtake shurely? Have contacted Avast, awaiting response.
Any ideas? Thanks
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #1 on: Dec 21st, 2007, 12:30am »		 Quote Quote  Modify Modify
Welcome to the forum Cmdr_Straker  Cheesy
 
This is most likely a false positive by Avast.  Please run your TrojanHunter.exe and the downloaded installer through jotti or virustotal and see what is reported.
 
http://virusscan.jotti.org/
 
http://www.virustotal.com/en/indexf.html
 
It should be reported back as clean.
« Last Edit: Dec 21st, 2007, 12:31am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Cmdr_Straker
Newbie
*





   


Posts: 2
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #2 on: Dec 21st, 2007, 12:02pm »		 Quote Quote  Modify Modify
on Dec 21st, 2007, 12:30am, siliconman01 wrote:
Welcome to the forum Cmdr_Straker  Cheesy
 
This is most likely a false positive by Avast.  Please run your TrojanHunter.exe and the downloaded installer through jotti or virustotal and see what is reported.
 
It should be reported back as clean.

Thanks for the input, whilst I have managed to reinstall Trojanhunter (I had to stop Avast! to do so) and av scan, trojanhunt scan and spyware scans do not detect any issues now. Most strange. I can't submit the offending file to Avast! coz I deleted it!
 
Thanks for the links, that will be another useful test. Again, this input much appreciated.
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #3 on: Dec 21st, 2007, 12:31pm »		 Quote Quote  Modify Modify
U R most welcome.  Smiley
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
ChessNut
Newbie
*





   


Posts: 5
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #4 on: Dec 27th, 2007, 12:06am »		 Quote Quote  Modify Modify
I had the same problem and when I sent the TrojanHunter .exe file the web page changed and said the following ...
 
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file.
 
I can send other files such as InstallLicense.exe or THGuard.exe with no problems but TrojanHunter.exe gives the above message.
 
How do I get around this? Could it be that I am using the 30 day evaluation?
 
Thanks in advance
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #5 on: Dec 27th, 2007, 12:17am »		 Quote Quote  Modify Modify
Welcome to the forum ChessNut  Cheesy
 
ZIP TrojanHunter.exe and try to upload it.  
 
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
ChessNut
Newbie
*





   


Posts: 5
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #6 on: Dec 27th, 2007, 12:29am »		 Quote Quote  Modify Modify
Thanks for the tip but when I tried to zip or rar the file, I got a message saying "Cannot open Trojanhunter.exe" Then another message saying 'Access is denied"
 
To be sure I disabled Trojan Hunter before trying the zip process.
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #7 on: Dec 27th, 2007, 12:39am »		 Quote Quote  Modify Modify
I assume you are running either XP or Vista.  Please try this:
 
1.  Open Windows Explorer
 
2.  Navigate to C:\Program Files\TrojanHunter 5.0 and open the folder
 
3.  Locate the file TrojanHunter.exe
 
4.  Right click on TrojanHunter.exe
 
5.  From the drop-down menu, select  Send to|Compressed (zipped) folder
 
6.  A zipped file of TrojanHunter.exe will be created in the folder.  Send in that zipped file.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
ChessNut
Newbie
*





   


Posts: 5
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #8 on: Dec 27th, 2007, 12:56am »		 Quote Quote  Modify Modify
I followed your instructions to the letter but when I tried sending the file to a compressed/zip folder I got a message saying "file not found or no read permissions".  
 
I am running XP, when I just highlight the file it says it is 2.30 MB in size, but when I hit the properties on the file avast kicks in and warns that a virus has been detected in the file. I then just tell Avast to ignore it, but to be honest I'm starting to get a bit worried now as I don't know whether to trust Avast or not, and especially in light of the fact that when I try to send the file to either  
http://virusscan.jotti.org/  or to http://www.virustotal.com/en/indexf.html  both sites report that the file contains zero bytes as I sated in my first post.
 
Should I try removing the program and reinstalling it or will that screw up my evaluation period?
 
Thanks for all your help.
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #9 on: Dec 27th, 2007, 1:02am »		 Quote Quote  Modify Modify
It sounds like Avast has TrojanHunter.exe locked out because it thinks it is malicous.
 
Reboot your computer into SAFE MODE and make the ZIPPED file of TrojanHunter.exe and then reboot back into normal mode.  
 
Quote:
I then just tell Avast to ignore it, but to be honest I'm starting to get a bit worried now as I don't know whether to trust Avast or not, and especially in light of the fact that when I try to send the file to either

 
Avast is issuing a False Positive detection on TrojanHunter.exe
« Last Edit: Dec 27th, 2007, 1:05am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
ChessNut
Newbie
*





   


Posts: 5
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #10 on: Dec 27th, 2007, 1:41am »		 Quote Quote  Modify Modify
Thank you for the help in getting the file zipped. It worked great.
 
 
FYI - here's the report I got back from http://virusscan.jotti.org/ listed first and then the one from http://www.virustotal.com
 
I assume that Avast and esafe are generating false positives as you stated.
 
Again - thanks for your help & patience and if I could impose on you once more ... what exactly is a 'false positive'?
 
Thanks
 
Service load:  0%   100%  
 
File:  TrojanHunter.zip  
Status:  POSSIBLY INFECTED/MALWARE (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)  
MD5:  093b3c7d181bd3c7a90f8985b96458e4  
Packers detected:  PE_PATCH.UPX, UPX  
Bit9 reports:  File not found  
 
Scanner results  
Scan taken on 27 Dec 2007 07:21:35 (GMT)  
A-Squared  Found nothing  
AntiVir  Found nothing  
ArcaVir  Found nothing  
Avast  Found Win32Cheesyelf-HHG  
AVG Antivirus  Found nothing  
BitDefender  Found nothing  
ClamAV  Found nothing  
CPsecure  Found nothing  
Dr.Web  Found nothing  
F-Prot Antivirus  Found nothing  
F-Secure Anti-Virus  Found nothing  
Fortinet  Found nothing  
Ikarus  Found nothing  
Kaspersky Anti-Virus  Found nothing  
NOD32  Found nothing  
Norman Virus Control  Found nothing  
Panda Antivirus  Found nothing  
Rising Antivirus  Found nothing  
Sophos Antivirus  Found nothing  
VirusBuster  Found nothing  
VBA32  Found nothing  
 
 
Here are the results from http://www.virustotal.com
 
File TrojanHunter.zip received on 12.27.2007 08:28:51 (CET)
Current status: Loading ... queued waiting scanning finished  
 
Result: 2/32 (6.25%)
   
 
Antivirus Version Last Update Result  
AhnLab-V3 2007.12.27.10 2007.12.26 -  
AntiVir 7.6.0.46 2007.12.26 -  
Authentium 4.93.8 2007.12.27 -  
Avast 4.7.1098.0 2007.12.26 Win32Cheesyelf-HHG  
AVG 7.5.0.516 2007.12.26 -  
BitDefender 7.2 2007.12.27 -  
CAT-QuickHeal 9.00 2007.12.26 -  
ClamAV 0.91.2 2007.12.27 -  
DrWeb 4.44.0.09170 2007.12.27 -  
eSafe 7.0.15.0 2007.12.26 suspicious Trojan/Worm  
eTrust-Vet 31.3.5406 2007.12.27 -  
Ewido 4.0 2007.12.26 -  
FileAdvisor 1 2007.12.27 -  
Fortinet 3.14.0.0 2007.12.27 -  
F-Prot 4.4.2.54 2007.12.26 -  
F-Secure 6.70.13030.0 2007.12.27 -  
Ikarus T3.1.1.15 2007.12.27 -  
Kaspersky 7.0.0.125 2007.12.27 -  
McAfee 5193 2007.12.26 -  
Microsoft 1.3109 2007.12.27 -  
NOD32v2 2748 2007.12.27 -  
Norman 5.80.02 2007.12.26 -  
Panda 9.0.0.4 2007.12.26 -  
Prevx1 V2 2007.12.27 -  
Rising 20.24.30.00 2007.12.27 -  
Sophos 4.24.0 2007.12.27 -  
Sunbelt 2.2.907.0 2007.12.27 -  
Symantec 10 2007.12.27 -  
TheHacker 6.2.9.170 2007.12.26 -  
VBA32 3.12.2.5 2007.12.26 -  
VirusBuster 4.3.26:9 2007.12.26 -  
Webwasher-Gateway 6.6.2 2007.12.27 -  
Additional information  
File size: 1010995 bytes  
MD5: 093b3c7d181bd3c7a90f8985b96458e4  
SHA1: 0a7ba3e6553b45c2255aee58f8a88276e5588ed4  
PEiD: -  
packers: UPX  
packers: UPX  
packers: PE_Patch.UPX, UPX  
 
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #11 on: Dec 27th, 2007, 1:51am »		 Quote Quote  Modify Modify
I don't know much about Avast, but if there is a user forum or a way to submit the zipped file of TrojanHunter.exe to Avast for correction of this false positive, it would be greatly appreciated.  Wink
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
ChessNut
Newbie
*





   


Posts: 5
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #12 on: Dec 27th, 2007, 2:13am »		 Quote Quote  Modify Modify
It seems that Cmdr_Straker  has beaten me to it. I just checked on the Avast forums and we are looking at getting it to Avast's attention. Again thanks for your help. Smiley
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5468
Re: Avast reports Trojanhunter.exe as Win32:Def-HG
« Reply #13 on: Dec 27th, 2007, 3:16am »		 Quote Quote  Modify Modify
U R most welcome  Cheesy
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register