False Positive

Ver 4.6 Home Edition
Compiliation Date: 03/30/2005
File Version: 0513-1

Yesterday Avast started detecting that a file on my PC was a Win.32: Trogen-
gen. virus. The file name is HoverKhook.dll and is used by a program called
HoverSnap. Which is a ScreenShot capture program. I have been running this
program along with Avast for several months with out a problem until
yesterdays update.

False Positive maybe?

Hi,

please send in the file to avast; read here as to why and how:
http://forum.avast.com/index.php?topic=12408.0
:wink:

To know if a file is a false positive, please submit it to JOTTI and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com

Please, mention in the body of the message why you think it is a false positive and the password used.
By now, you can add the file to ignore list or send it to Chest until further analysis…
I bet it’s a false positive… :wink:

I ran it through. Avast is the only engine that shows it as a “possible” virus.

I sent the virus zipped up with password to the support group along with my comments.

Ok. Thanks. It should be a false positive as we have a huge update of this kind of worms signatures yesterday…

How do I add the file to the ignoe list?

For the Standard Shield provider (on-access scanning):
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button…

For the other providers (on-demmand scanning):
Right click the ‘a’ blue icon, click Program Settings.
Go to Exclusions tab and click on Add button…