setup_ais.exe(Avast!) scanned as Trojan.Generic.Bredolab-2 by ClamWin !?

Hi !

I’ve just scanned a hard drive with ClamWin and I’m very surprised to get the following message:

… \Downloads\setup_ais.exe: Trojan.Generic.Bredolab-2 FOUND ???

“setup_ais.exe” is known as the setup program for Avast Internet Security.

The MD5 of the “setup_ais.exe” found in this hard drive is 490b9cf8c517674f8cb30f1e0b20d67f.

Is it a legit “setup_ais.exe” ?

Thx for your answers

Hello,
there should be digital signature – check if it is valid.

Milos

Hello, there should be digital signature -- check if it is valid.

Milos

Hi Milos,

Do you know where I could find such a digital signature ?

Thx

On the setup.exe file, right click → properties → digital signature.

Do you know where I could find such a digital signature ?

On the setup.exe file, right click → properties → digital signature.

Ok, right ::slight_smile:

Thank you :slight_smile:

So? Does it contain such certificate / signature? Which date is there in the certificate?

Have you downloaded the setup.exe for AIS from the official website?

So? Does it contain such certificate / signature? Which date is there in the certificate?
Yes, there is a certificate and it is stated as "valid". The date is : july, 18th 2011 23:04:43
Have you downloaded the setup.exe for AIS from the official website?
I'm not the owner of the hard drive. I don't know if it has been downloaded from the official website.

If the setup.exe is just sitting there with no goal, then delete it.

If in fact it is supposed to be used to install AIS, then download again (from the official website) it’s latest version, officially released 2011NOV28, v6.0.1367.

Be aware that if you already use another resident antivirus, it is recommended to uninstall the other one and run the respective removal utility before installing any new resident antivirus.

If the new download is also reported, please review the certificate and report back.