Jump to content
WnSoft Forums

Trojan Horses [SOLVED]

derekgale

By derekgale
in General Discussion

 Share

Recommended Posts

derekgale New Member

derekgale

Posted
Posted

Hi,

Just run a virus scan with the current (9.0.839) Pro version of AVG, and it's moved 19 of my PTE (made with v.5.6) .exe files to the Virus Vault. It says they have a Trojan Horse infection with "BackDoor.Hupigon5.BAKO". I've read that AVG does generate false positives from time to time. Is this another one?

If not, what do I do? Just restore them to their original location?

Thanks

Derek.

Link to comment
Share on other sites
derekgale New Member

derekgale

Posted
  • Author
Posted

Ran one of the "infected files" on Virustotal and about 3 or 4 picked up the presence of the Trojan; most recorded nothing. What does this mean?

Moved "infected" files back from Virus Vault and rescanned. AVG picked up the same files as before as "infected". Clicked on link to AVG for more information about the Trojan, and I get a message saying it's not in their Virus Encyclopedia. How can that be if the program is finding it?

Derek.

Link to comment
Share on other sites
Ken Cox Advanced Member

Ken Cox

Posted
Posted

did you update AVG?

to latest version --do so and rerun

do you still have ver 5.6?

do you still have the original components -- re make the exe and retest

seems strange that it

" Ran one of the "infected files" on Virustotal and about 3 or 4 picked up the presence of the Trojan; most recorded nothing. What does this mean?"

infected files -- what files - the exe's

separate the ones that are saying ok from the rest onto different folders

your statements are not making sense to me :(

if you could supply screenshots of the affect files it may help

ken

Link to comment
Share on other sites
derekgale New Member

derekgale

Posted
  • Author
Posted

"did you update AVG?

to latest version --do so and rerun"

I am using the latest updates to AVG. Same problem - a number of apparently infected .exe files

"do you still have ver 5.6?

do you still have the original components -- re make the exe and retest"

I'm still using v 5.6, and have had no virus problems in the past. I don't really want to spend lots of time rebuilding the sequences and then remaking the .exe files. Many of the original image folders have been moved, renamed or archived.

"you could also do a free "on Line " scan from here http://housecall.trendmicro.com/ and see what turns up"

AVG moved the files it flagged as "Infected" to the Virus Vault. I have restored those files to the folder they were in before AVG moved them. I've then scanned that folder with House Call - no threats were found.

I have now got the same problem on my laptop. I turned it on today after a couple of weeks not using it, and AVG did a big update. AVG has now "found" the Trojan in some .exe files and won't let me run them. I have had no problems on my laptop before this update. I cannot have a machine that won't let me run these files, as I use these .exe files in talks that I give. I have disabled AVG's Resident Shield feature (and turned off my Internet Connection),and that allows me to run the .exe's. Not a good long term measure.

It's clear to me that AVG is generating a false positive for this Trojan.

Link to comment
Share on other sites
fh1805 Advanced Member

fh1805

Posted
Posted

This sounds very similar to what happened when Symantec introduced their SONAR technology in Norton Internet Security 2010. Lot's of false detections because of code that was attempting to second-guess what might be a virus rather than identifying what definitely was a virus.

regards,

Peter

Link to comment
Share on other sites
Mike Reed Advanced Member

Mike Reed

Posted
Posted

Hi All

I have just upgraded my AVG virus software on my lap top and am now told that I have a bucket full of Trojans known as Backdoor Hupigon5 BAKO. They all seem to relate to previous exe files of sequences I have made. Does anybody have knowledge of this beastie or is it the usual anti virus awareness of exe files?

Mike Reed

Link to comment
Share on other sites
Ronniebootwest Advanced Member

Ronniebootwest

Posted
Posted

Hi Mike,

This sounds like the usual problem of 'False Positives' that AVG is fond of reporting. One of the reasons that I have switched to using the free version provided by 'Avast' thier latest version is much improved.

You seem to have quadrupled your post, perhaps you could delete the other three!

Ron

Link to comment
Share on other sites
Igor Advanced Member

Igor

Posted
Posted

I just intalled latest AVG free antirus and it doesn't show false positives for any executable slideshow created in version 5.6 (all revisions from 5.6.0 to 5.6.4).

Here you can download and test these slideshows:

http://www.wnsoft.com/test/Slideshows_560.zip (3 MB)

Please make sure that latest updates are installed.

Could you please upload your sample slideshow into Mediafire.com I'll check up again.

If it possible write to AVG company to inform them about this false positive with PicturesToExe's slideshows.

Link to comment
Share on other sites
Mike Reed Advanced Member

Mike Reed

Posted
Posted

Hi Igor

I see that Derek gale has also reported this problem with AVG Pro. HIs explanation is exactly what I experienced. It would seem that AVG are reporting false positives with PTE exe files. I will report this matter to AVG.

Ronnie I cannot see that my message has been repeated three times.

Thanks all

Mike Reed

Link to comment
Share on other sites
Mike Reed Advanced Member

Mike Reed

Posted
Posted

Hi Derek

I too use AVG pro on my lap top and have experienced exactly the same problem as you. It followed an AVG update when the lap top was turned on after a week or so of non use.As my lap top is rarely connected to the web and until this upgrade showed no signs of problems for now I shall ignore the advice report the matter to AVG and hope for the best. You are right the Trojan does not show in AVGs dictionary of viruses so how can they detect it I ask myself!

MIke Reed

Link to comment
Share on other sites
Mike Reed Advanced Member

Mike Reed

Posted
Posted

Hi All

AVG have confirmed to me on the 19th july that the Trojan Derek and I picked up was indeed a false positive. They say that it will be removed on the next Definitions update.

Mike Reed

Link to comment
Share on other sites
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...