Sign of "Win32:Malware-gen" has been found

I have been trying to run Corel Photo Paint v.12 today, and it will not let it run. Here is the log.

11/16/2009 7:36:40 PM SYSTEM 536 Sign of “Win32:Malware-gen” has been found in “C:\Program Files\Corel\Corel Graphics 12\Programs\CorelPP.exe” file.

I have avast home on 2 machines. The machine that is giving the false positive is using VPS 091116-1. The machine that will still run CorelPP.exe is runing VPS 091116-0.

Apparently there is a problem w/ -1 detecting this as a false positive.

Here are the results from VirusTotal:

File CorelPP.exe received on 2009.11.17 02:42:00 (UTC)
Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.17 -
AhnLab-V3 5.0.0.2 2009.11.16 -
AntiVir 7.9.1.65 2009.11.16 -
Antiy-AVL 2.0.3.7 2009.11.16 -
Authentium 5.2.0.5 2009.11.17 -
Avast 4.8.1351.0 2009.11.16 Win32:Malware-gen
AVG 8.5.0.425 2009.11.16 -
BitDefender 7.2 2009.11.17 -
CAT-QuickHeal 10.00 2009.11.16 -
ClamAV 0.94.1 2009.11.16 -
Comodo 2962 2009.11.17 -
DrWeb 5.0.0.12182 2009.11.17 -
eSafe 7.0.17.0 2009.11.16 -
eTrust-Vet 35.1.7123 2009.11.16 -
F-Prot 4.5.1.85 2009.11.16 -
F-Secure 9.0.15370.0 2009.11.11 -
Fortinet 3.120.0.0 2009.11.16 -
GData 19 2009.11.17 Win32:Malware-gen
Ikarus T3.1.1.74.0 2009.11.17 -
Jiangmin 11.0.800 2009.11.16 Trojan/Agent.ddtr
K7AntiVirus 7.10.897 2009.11.16 -
Kaspersky 7.0.0.125 2009.11.17 -
McAfee 5804 2009.11.16 -
McAfee+Artemis 5804 2009.11.16 Artemis!52B4CEC5E36F
McAfee-GW-Edition 6.8.5 2009.11.17 -
Microsoft 1.5202 2009.11.16 -
NOD32 4613 2009.11.16 -
Norman 6.03.02 2009.11.16 -
nProtect 2009.1.8.0 2009.11.16 -
Panda 10.0.2.2 2009.11.16 -
PCTools 7.0.3.5 2009.11.16 -
Prevx 3.0 2009.11.17 Medium Risk Malware
Rising 22.22.01.01 2009.11.17 -
Sophos 4.47.0 2009.11.17 -
Sunbelt 3.2.1858.2 2009.11.12 -
Symantec 1.4.4.12 2009.11.17 -
TheHacker 6.5.0.2.071 2009.11.16 -
TrendMicro 9.0.0.1003 2009.11.16 -
VBA32 3.12.10.11 2009.11.15 Trojan.Win32.Agent.daqe
ViRobot 2009.11.16.2039 2009.11.16 -
VirusBuster 4.6.5.0 2009.11.16 -
Additional information
File size: 155648 bytes
MD5…: 52b4cec5e36f62edd6b3984dbe42675c
SHA1…: da20ca55e094007cf9d5b38c75ce1c5cabe633ff
SHA256: 9ec55e4f53f8a50ea4c589b15a9120b89ab7ee5fbcfce5cd1065f7329f2c4306
ssdeep: 3072:f5SxSfQvX1mjNHB7CT9jO6+UEbbi5NwI7WYlFfm47V:zfQ/cNh+xyJUEniv
D

PEiD…: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5add
timedatestamp…: 0x40c801a2 (Thu Jun 10 06:37:22 2004)
machinetype…: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15d01 0x16000 6.58 1e1c3eb6db8e1a00faab5a97433dd4b2
.rdata 0x17000 0x5cfe 0x6000 4.81 a596df23dcc9f11a27252ee1b2fc3e77
.data 0x1d000 0x53b4 0x2000 3.43 c26583154ef71a5afaaac339313f3516
.rsrc 0x23000 0x6008 0x7000 4.10 bbb1999a4e6155b1bfab132d751588d5

( 9 imports )
> KERNEL32.dll: RtlUnwind, ExitProcess, TerminateProcess, GetStartupInfoW, HeapAlloc, HeapFree, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, HeapReAlloc, ExitThread, CreateThread, HeapSize, GetStdHandle, GetModuleFileNameA, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, GetCPInfo, GetStringTypeA, GetStringTypeW, GetOEMCP, IsBadReadPtr, IsBadCodePtr, SetStdHandle, GetCurrentProcess, FlushFileBuffers, SetFilePointer, WriteFile, GlobalFlags, SetErrorMode, TlsFree, LocalReAlloc, TlsSetValue, TlsAlloc, TlsGetValue, GlobalHandle, GlobalReAlloc, LocalAlloc, InterlockedIncrement, DeleteCriticalSection, InitializeCriticalSection, RaiseException, InterlockedDecrement, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom, LoadLibraryA, FreeLibrary, lstrcatW, lstrcmpW, GetVersionExA, SuspendThread, GetCurrentThreadId, ResumeThread, WideCharToMultiByte, GlobalFree, lstrcpyW, GlobalAlloc, GlobalLock, GlobalUnlock, FormatMessageW, lstrcpynW, LocalFree, GetCurrentThread, SetThreadPriority, EnterCriticalSection, LeaveCriticalSection, MultiByteToWideChar, FindResourceW, LoadResource, LockResource, SizeofResource, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, GetVersionExW, CreateMutexW, ReleaseMutex, GetCurrentProcessId, OutputDebugStringA, GetModuleFileNameW, SetLastError, GetLastError, LoadLibraryW, SetEvent, GetVersion, GetFileAttributesW, GetProcAddress, lstrlenW, GetModuleHandleW, GetModuleHandleA, CreateEventW, WaitForSingleObject, GetCommandLineA, CloseHandle
> USER32.dll: DestroyMenu, GetSysColorBrush, SetMenuItemBitmaps, ModifyMenuW, EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, LoadBitmapW, IsWindowEnabled, ShowWindow, SetWindowTextW, EndPaint, BeginPaint, ClientToScreen, GrayStringW, DrawTextExW, DrawTextW, TabbedTextOutW, RegisterWindowMessageW, WinHelpW, GetCapture, CreateWindowExW, GetClassInfoExW, GetClassLongW, GetClassNameW, SetPropW, GetPropW, RemovePropW, GetFocus, GetWindowTextW, GetLastActivePopup, GetDlgItem, GetTopWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos, LoadIconW, MapWindowPoints, MessageBoxW, GetClientRect, GetMenu, PostMessageW, GetSysColor, AdjustWindowRectEx, GetParent, GetClassInfoW, RegisterClassW, UnregisterClassW, GetDlgCtrlID, DefWindowProcW, CallWindowProcW, GetWindowLongW, SetWindowLongW, SetWindowPos, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, CopyRect, PtInRect, GetWindow, SetWindowsHookExW, CallNextHookEx, GetActiveWindow, IsWindowVisible, PostQuitMessage, GetForegroundWindow, SendMessageW, GetKeyState, PeekMessageW, GetCursorPos, ValidateRect, GetMenuState, GetMenuItemID, GetMenuItemCount, GetSubMenu, IsWindow, EnableWindow, LoadCursorW, KillTimer, SetTimer, RedrawWindow, InvalidateRect, GetSystemMetrics, GetDC, ReleaseDC, DestroyWindow, GetMessageW, DispatchMessageW, TranslateMessage, DdeInitializeW, DdeCreateStringHandleW, DdeGetData, DdeNameService, DdeUninitialize, PostThreadMessageW, SetForegroundWindow
> GDI32.dll: CreateBitmap, GetStockObject, TextOutW, RectVisible, PtVisible, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, Escape, GetDeviceCaps, SetMapMode, RestoreDC, SaveDC, SetBkColor, SetTextColor, GetClipBox, CreateDIBSection, DeleteObject, SetDIBColorTable, SelectObject, DeleteDC, CreateCompatibleDC, GetObjectW, ExtTextOutW
> WINSPOOL.DRV: DocumentPropertiesW, OpenPrinterW, ClosePrinter
> COMCTL32.dll: -
> SHLWAPI.dll: PathFindFileNameW, PathFindExtensionW
> OLEAUT32.dll: -, -, -
> gdiplus.dll: GdipGetImageGraphicsContext, GdipFree, GdipDrawImageI, GdipAlloc, GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromScan0, GdipCreateBitmapFromFileICM, GdipCreateBitmapFromFile, GdipCloneImage, GdiplusStartup, GdiplusShutdown, GdipDeleteGraphics, GdipDisposeImage, GdipGetImageWidth, GdipGetImageHeight, GdipGetImagePixelFormat, GdipGetImagePaletteSize, GdipGetImagePalette
> OLEACC.dll: LresultFromObject, CreateStdAccessibleObject

( 0 exports )

RDS…: NSRL Reference Data Set

pdfid.: -
trid…: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
<a href=‘http://info.prevx.com/aboutprogramtext.asp?PX5=A0E2814000FB7A076008025C19F70C0051E2CF45’ target=‘_blank’>http://info.prevx.com/aboutprogramtext.asp?PX5=A0E2814000FB7A076008025C19F70C0051E2CF45&lt;/a&gt;
sigcheck:
publisher…: Corel Corporation
copyright…: Copyright(c) 2003 Corel Corporation
product…: Corel PHOTO-PAINT(R)
description…: Corel PHOTO-PAINT(R)
original name: CorelPP.EXE
internal name: CorelPP
file version.: 12.0.0.536
comments…: n/a
signers…: -
signing date.: -
verified…: Unsigned

Please send file to virus@avast.com in a password protected zip folder, with False Positive in subject and the password mentioned in the email body.