You are here


2 posts / 0 new
Last post
Last seen: 1 year 5 months ago
Joined: 2006-03-24 11:15

TAudioConverter has 2 files which Symantec Antivirus keeps extracting and removing from my drive. Both renametool.exe and TTager.exe, are being labeled "Risk type: Virus, Risk: Trojan.Gen.SMH." Symantec says this "is a generic detection for many individual but varied Trojans for which specific definitions have not been created."

Policies above my control will not allow me to re-download TAudioConverter from Source Forge; and I don't have access to the quarantined and cleaned files, so I cant analyze them with other tools. Perhaps this ID is just a lapse on Symantec's part...

Has anyone else had this problem? Is it only Symantec throwing up the red flag?

John T. Haller
John T. Haller's picture
Last seen: 6 hours 36 min ago
Joined: 2005-11-28 22:21

Symantec has false positives rather often. Like most antivirus, its heuristic detection is poor. That's what "Trojan.Gen.SMH", Symantec 'guessing' what this is based on almost nothing.

Here's a VirusTotal scan of renametool.exe:

Sometimes, the impossible can become possible, if you're awesome!

Log in or register to post comments