Vista Home Premium, installed TweakVI Oct/2007 (TweakUI for Vista), and now Avast Home 4.8 with compilation date 110708 comes up with Win32:Trojan-gen {Other}. I uploaded the file to totalvirus and here are the results.
Note the virus database dates:
Antivirus Version Last Update Result
AhnLab-V3 2008.10.22.0 2008.10.23 -
AntiVir 7.9.0.5 2008.10.23 TR/Dldr.Bagle.aaq
Authentium 5.1.0.4 2008.10.23 W32/Heuristic-THX!Eldorado
Avast 4.8.1248.0 2008.10.23 -
AVG 8.0.0.161 2008.10.23 -
BitDefender 7.2 2008.10.23 -
CAT-QuickHeal 9.50 2008.10.23 -
ClamAV 0.93.1 2008.10.23 -
DrWeb 4.44.0.09170 2008.10.23 -
eSafe 7.0.17.0 2008.10.23 -
eTrust-Vet 31.6.6164 2008.10.22 -
Ewido 4.0 2008.10.23 -
F-Prot 4.4.4.56 2008.10.23 W32/Heuristic-THX!Eldorado
F-Secure 8.0.14332.0 2008.10.23 -
Fortinet 3.113.0.0 2008.10.23 -
GData 19 2008.10.23 -
Ikarus T3.1.1.44.0 2008.10.23 -
K7AntiVirus 7.10.505 2008.10.23 -
Kaspersky 7.0.0.125 2008.10.23 -
McAfee 5413 2008.10.23 -
Microsoft 1.4005 2008.10.23 -
NOD32 3550 2008.10.23 -
Norman 5.80.02 2008.10.23 -
Panda 9.0.0.4 2008.10.23 -
PCTools 4.4.2.0 2008.10.23 -
Prevx1 V2 2008.10.23 -
Rising 21.00.32.00 2008.10.23 -
SecureWeb-Gateway 6.7.6 2008.10.23 Trojan.Dldr.Bagle.aaq
Sophos 4.34.0 2008.10.23 Sus/ComPack
Sunbelt 3.1.1747.1 2008.10.23 -
Symantec 10 2008.10.23 -
TheHacker 6.3.1.0.125 2008.10.23 -
TrendMicro 8.700.0.1004 2008.10.23 -
VBA32 3.12.8.8 2008.10.22 -
ViRobot 2008.10.23.1434 2008.10.23 -
VirusBuster 4.5.11.0 2008.10.23 -
Additional information
File size: 6057984 bytes
MD5…: b40246b99a3722616bc6fc3df05ab4bb
SHA1…: 20b23cd15d1574302095b681c6f93c10973e33cf
SHA256: 753a79539a23daa7d097db6496e9d4ab59245da8225bf91c33b1a0b41db7f804
SHA512: 365811f34817080528cbe11ef641eb51847fb22dbfb2ab83c4fcfcdec39804d9
48ee92304550717cc8b3bcd5c13c3d6aac0f6725fe494bfe4501227db1f7d7f8
PEiD…: -
TrID…: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x86d014
timedatestamp…: 0x46f7e810 (Mon Sep 24 16:38:40 2007)
machinetype…: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x44d000 0x2e3000 7.96 da600d9be3219ed76c932a5f7674b15f
.rsrc 0x44e000 0x1d6b1 0x1e000 6.21 a5dcb9b09a1bf6a385e7d58a7f46c8ce
.idata 0x46c000 0x1000 0x1000 0.24 66e14847e24b4796e0273c0c3d11c03b
TweakVI 0x46d000 0x662000 0x2c4000 7.95 efb3992fa4d94e9d6fc633b1ad4fe584
( 2 imports )
KERNEL32.dll: CreateFileA, ExitProcess
COMCTL32.dll: InitCommonControls
( 0 exports )
So what do you think, false positive?