Virus / false positive in Everything-1.2.1.451a ?

If you are experiencing problems with "Everything", post here for assistance.
Post Reply
noctis
Posts: 4
Joined: Wed Apr 13, 2011 10:18 am

Virus / false positive in Everything-1.2.1.451a ?

Post by noctis »

Hi, both Avira and MS are complaining about a virus on my everything executable.
To be more specific, they say it has:TrojanDownloader:Win32/Unruy.H http://www.microsoft.com/security/porta ... tid=148636

attaching screenshots.

feel free to comment.
ms everything.png
ms everything.png (67.2 KiB) Viewed 4754 times
avira everything.png
avira everything.png (21.91 KiB) Viewed 4754 times
therube
Posts: 4955
Joined: Thu Sep 03, 2009 6:48 pm

Re: Virus / false positive in Everything-1.2.1.451a ?

Post by therube »

Where did you download Everything from?

MD5 hash (from my copy):

Code: Select all

2b6135751acd0dd25bbff82d82f15e56 *Everything.exe
If you get the same hash, you can be (almost) assured that you're getting false positives.
If you get a different hash, be suspect.

You can upload the file to http://www.virustotal.com/ for additional verifications.

Actually, you don't have to, it's already been done (2011-02-17), http://www.virustotal.com/file-scan/rep ... 1297926387.
(You can resubmit & they will recheck with current defs.)

If your hash compares, you should submit the false positive information to both vendors so they can updates their definitions.

(A small, free hash tool, HashMyFiles.)
noctis
Posts: 4
Joined: Wed Apr 13, 2011 10:18 am

Re: Virus / false positive in Everything-1.2.1.451a ?

Post by noctis »

pesky little s**t ....
k ... here are the results ... my file was renamed, and a space was included just before the ".exe" so it was now " .exe"
the new trojan took the original name.
this is why i got all the warning messages.
funny thing is i still ran the correct file, since everything worked ...

here's a link to the infected file report http://www.virustotal.com/file-scan/rep ... 1302720167

size was 66kb instead of 760kb ...

heaps of thanks ... better scan the whole comp to see if i have other nasties lurking around :)
Post Reply