I had just installed both the Comodo anti-virus/firewall and the Essential PIM software when I performed my very first scan and got a trojan detection on the “uninstall.exe” file, which uninstalls the Essential PIM package.
I downloaded this free software from SourceForge.NET using a Linux machine.
Another “uninstall.exe” file was marked as a trojan horse; it belongs to the software package for the PixelView 8000GT video capture board, which I had just installed too. (As well as Windows XP.)
Is it possible?
I downloaded and installed all that stuff yesterday, and installed Windows XP yesterday too, as well as the Comodo Firewall, but my system was already infected?
Why put a virus within an “uninstall” executable file? This program would run only if someone tries to uninstall the software…
And, lastly, how could I know if it was a false positive detection?
Thanks and sorry about my English, it is not my native language.
I submitted the first “uninstall.exe” file to www.virustotal.com and got no warnings about malware on this file.
Not even from the Comodo AV itself.
I submitted the second “uninstall.exe” file to www.virustotal.com and this time I had 2 malware detections.
(This program uninstalls the PixelView 8000GT video capture board software.)
The first came from Comodo antivirus itself and claims the same infection detected by the Comodo AV installed on my computer: the dangerous trojan horse named “TrojWare.Win32.TrojanSpy.Small”.
But the second detection was performed by K7AntiVirus and claims the file is infected by a “not-a-virus:AdWare.Win32.Baidu”.
It's impossible that both AVs are right. Probably both are wrong.
Maybe they are both right, but if you want to find out, please submit it as a false positive with the link I posted before. It will be checked and, if found to be an FP, fixed, but if found to be real it won't be fixed!