Essential PIM false positive?

I had just installed both the Comodo antivirus/firewall and the Essential PIM software when I performed my very first scan and got a trojan detection on the “uninstall.exe” file, which uninstalls the Essential PIM package.

I downloaded this free software from SourceForge.NET using a Linux machine.

Another “uninstall.exe” file was marked as a trojan horse; it is related to the software package for the PixelView 8000GT video capture board, which I had just installed too (as well as Win XP).

Is it possible?

I downloaded and installed all that stuff yesterday, and installed Windows XP yesterday too, as well as the Comodo Firewall, but my system is infected already?

Why put a virus within an “uninstall” executable file? This program would run only if someone tries to uninstall the software…

And, lastly, how could I know if it was a false positive detection?

Thanks and sorry about my English, it is not my native language.

I submitted this file to the www.virustotal.com website and it was not detected as a trojan horse by any antivirus software.

Weird… Comodo antivirus is used by this site too.

This seems to be a false positive; please follow this guide on how to report false positives. Thx

https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/how_to_report_false_positivessuspicious_files_how_to_submit_them-t36051.0.html

Or maybe a Mod could move this to FP section.

I think it's really a false positive case.

  • I submitted the first “uninstall.exe” file to www.virustotal.com and got no warnings about malware in this file.
    Not even from the Comodo AV itself.

  • I submitted the second “uninstall.exe” file to www.virustotal.com and this time I had 2 malware detections.
    (This program uninstalls the PixelView 8000GT video capture board software.)

The first came from Comodo antivirus itself and claims the same infection detected by the Comodo AV installed on my computer: the dangerous trojan horse named “TrojWare.Win32.TrojanSpy.Small”.

But the second detection was performed by K7AntiVirus and claims the file is infected by a “not-a-virus:AdWare.Win32.Baidu”.

It's impossible that both AVs are right. Probably both are wrong.

Anyone agree?

Maybe they are both right, but if you want to find out, please submit it as a false positive with the link I posted before. It will be checked, and if found to be an FP it will be fixed, but if found to be real it won't be fixed!

You could also try uploading it to CIMA: http://camas.comodo.com/cgi-bin/submit and see what it says.

Ok, thanks. I did.

I created a “false positive topic” as told.

Since a topic in the False positive board has been started, I will lock this topic. When you want it reopened, PM one of the online mods.