Azureus/uninstall.exe trojan ?

Discussion in 'ESET NOD32 Antivirus' started by Burdo, Apr 18, 2009.

Thread Status:
Not open for further replies.
  1. Burdo

    Burdo Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    2
    04/18/2009 6:40:07 PM Real-time file system protection file

    C:\Program Files\Azureus\Uninstall.exe Win32/Adware.BHO.AV

    application cleaned by deleting - quarantined

    NT AUTHORITY\SYSTEM

    Event occurred during an attempt to access the file by the application: C:\WINDOWS\Explorer.EXE.


    Is this a false positive ? It's showing in 2 different computers.
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Azureus is known to bundle adware, so I highly doubt it's a FP.
     
  3. Geosoft

    Geosoft Registered Member

    Joined:
    Jan 7, 2009
    Posts:
    270
    Location:
    Toronto, Ontario, Canada
    Normally I would agree, but checking my ERA logs this morning shows the same type of Win32/Adware.BHO.AV application warnings on several uninstall.exe files that include:

    Xobni
    Google Talk
    FileZilla
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    A false positive alarm of the Win32/Adware.BHO.AV was recently fixed in a virus signature database update.

    Can you please re-scan the system(s) in question and report back if the threat is identified?

    Regards,

    Aryeh Goretsky
     
  5. Burdo

    Burdo Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    2
    A regular scan didn't detect it then and it doesn't detect it now.

    Real time file system protection detected it.
     
Thread Status:
Not open for further replies.