Azureus/uninstall.exe trojan ?

Discussion in 'ESET NOD32 Antivirus' started by Burdo, Apr 18, 2009.

Thread Status:
Not open for further replies.
  1. Burdo

    Burdo Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    2
    04/18/2009 6:40:07 PM Real-time file system protection file

    C:\Program Files\Azureus\Uninstall.exe Win32/Adware.BHO.AV

    application cleaned by deleting - quarantined

    NT AUTHORITY\SYSTEM

    Event occurred during an attempt to access the file by the application: C:\WINDOWS\Explorer.EXE.


    Is this a false positive ? It's showing in 2 different computers.
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,986
    Azureus is known to bundle adware, so I highly doubt it's a FP.
     
  3. Geosoft

    Geosoft Registered Member

    Joined:
    Jan 7, 2009
    Posts:
    270
    Location:
    Toronto, Ontario, Canada
    Normally I would agree, but checking my ERA logs this morning shows the same type of Win32/Adware.BHO.AV application warnings on several uninstall.exe files that include:

    Xobni
    Google Talk
    FileZilla
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,033
    Location:
    California
    Hello,

    A false positive alarm of the Win32/Adware.BHO.AV was recently fixed in a virus signature database update.

    Can you please re-scan the system(s) in question and report back if the threat is identified?

    Regards,

    Aryeh Goretsky
     
  5. Burdo

    Burdo Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    2
    A regular scan didn't detect it then and it doesn't detect it now.

    Real time file system protection detected it.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.