• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
taplop

trojan.win32.generic.bt! in xp clean express ?

4 posts in this topic

Hello,

a scan with Ad-Aware (newest version and updates) says that inside the setup file of XP Clean Express is the Trojan trojan.win32.generic.bt!

It is an older version of XP Clean Express but I downloaded the newest from developer too and there it shows the same

Here is what virustotal.com says to the new and the older version (same result):

AhnLab-V3 2010.09.13.00 2010.09.13 -
AntiVir 8.2.4.50 2010.09.13 -
Antiy-AVL 2.0.3.7 2010.09.13 -
Authentium 5.2.0.5 2010.09.13 -
Avast 4.8.1351.0 2010.09.13 -
Avast5 5.0.594.0 2010.09.13 -
AVG 9.0.0.851 2010.09.13 -
BitDefender 7.2 2010.09.13 -
CAT-QuickHeal 11.00 2010.09.13 -
ClamAV 0.96.2.0-git 2010.09.13 -
Comodo 6065 2010.09.13 UnclassifiedMalware
DrWeb 5.0.2.03300 2010.09.13 -
Emsisoft 5.0.0.37 2010.09.13 -
eSafe 7.0.17.0 2010.09.12 -
eTrust-Vet 36.1.7852 2010.09.13 -
F-Prot 4.6.1.107 2010.09.13 -
F-Secure 9.0.15370.0 2010.09.13 -
Fortinet 4.1.143.0 2010.09.13 -
GData 21 2010.09.13 -
Ikarus T3.1.1.88.0 2010.09.13 -
Jiangmin 13.0.900 2010.09.13 -
K7AntiVirus 9.63.2496 2010.09.11 -
Kaspersky 7.0.0.125 2010.09.13 -
McAfee 5.400.0.1158 2010.09.13 Artemis!2090B3F26DF4
McAfee-GW-Edition 2010.1B 2010.09.13 Artemis!2090B3F26DF4
Microsoft 1.6103 2010.09.12 -
NOD32 5446 2010.09.13 -
Norman 6.06.06 2010.09.13 -
nProtect 2010-09-13.02 2010.09.13 -
Panda 10.0.2.7 2010.09.12 -
PCTools 7.0.3.5 2010.09.13 -
Prevx 3.0 2010.09.14 -
Rising 22.65.00.03 2010.09.13 -
Sophos 4.57.0 2010.09.13 Mal/Generic-A
Sunbelt 6868 2010.09.13 Trojan.Win32.Generic!BT
SUPERAntiSpyware 4.40.0.1006 2010.09.13 -
Symantec 20101.1.1.7 2010.09.13 -
TheHacker 6.7.0.0.016 2010.09.12 -
TrendMicro 9.120.0.1004 2010.09.12 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.13 -
VBA32 3.12.14.0 2010.09.13 -
ViRobot 2010.8.25.4006 2010.09.13 -
VirusBuster 12.65.2.0 2010.09.12 -

The older version has MD5 8e7d761d073d9f8cca732e05905a2c4f and the newer has MD5 7201c7928fc69412a0aebc448f9f73d0

I can't attach the setup because it is too big but it seems the "setup.exe" inside makes the prolem, so I attached it here

This is what virustotal.com says about the setup.exe

AhnLab-V3 2010.09.13.00 2010.09.13 -
AntiVir 8.2.4.50 2010.09.14 -
Antiy-AVL 2.0.3.7 2010.09.13 -
Authentium 5.2.0.5 2010.09.13 -
Avast 4.8.1351.0 2010.09.13 -
Avast5 5.0.594.0 2010.09.13 -
AVG 9.0.0.851 2010.09.13 -
BitDefender 7.2 2010.09.13 -
CAT-QuickHeal 11.00 2010.09.13 -
ClamAV 0.96.2.0-git 2010.09.13 -
Comodo 6065 2010.09.13 UnclassifiedMalware
DrWeb 5.0.2.03300 2010.09.13 -
Emsisoft 5.0.0.37 2010.09.14 -
eSafe 7.0.17.0 2010.09.12 -
eTrust-Vet 36.1.7852 2010.09.13 -
F-Prot 4.6.1.107 2010.09.13 -
F-Secure 9.0.15370.0 2010.09.13 -
Fortinet 4.1.143.0 2010.09.13 -
GData 21 2010.09.13 -
Ikarus T3.1.1.88.0 2010.09.13 -
Jiangmin 13.0.900 2010.09.13 -
K7AntiVirus 9.63.2496 2010.09.11 Trojan
Kaspersky 7.0.0.125 2010.09.13 -
McAfee 5.400.0.1158 2010.09.13 Artemis!2090B3F26DF4
McAfee-GW-Edition 2010.1B 2010.09.13 Artemis!2090B3F26DF4
Microsoft 1.6103 2010.09.12 -
NOD32 5446 2010.09.13 -
Norman 6.06.06 2010.09.13 -
nProtect 2010-09-13.02 2010.09.13 -
Panda 10.0.2.7 2010.09.12 -
PCTools 7.0.3.5 2010.09.13 -
Prevx 3.0 2010.09.14 High Risk Worm
Rising 22.65.00.03 2010.09.13 -
Sophos 4.57.0 2010.09.13 Mal/Generic-A
Sunbelt 6868 2010.09.13 Trojan.Win32.Generic!BT
SUPERAntiSpyware 4.40.0.1006 2010.09.13 -
Symantec 20101.1.1.7 2010.09.13 -
TheHacker 6.7.0.0.016 2010.09.12 -
TrendMicro 9.120.0.1004 2010.09.12 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.13 -
VBA32 3.12.14.0 2010.09.13 -
ViRobot 2010.8.25.4006 2010.09.13 -
VirusBuster 12.65.2.0 2010.09.12 -


I attached the files with zip and password "infected"

Can I send the setup files somehow? They are 4,5 and 5 MB big

Could you please check?

Thanks a lot

Share this post


Link to post
Share on other sites
Hello

I did an update now but the setup.exe is still found as win32.trojandropper.joiner

Is it already in the database or should I try later?

Share this post


Link to post
Share on other sites
I don't want to bother, but I'm insecure now

Could you please tell me if it is false-positve, because I updated some minutes ago and have Version 0150.0087 but still adaware finds win32.trojandropper.joiner in setup.exe (from within xp_express.exe) and trojan.win32.generic.bt! in xp_express.exe (the archive where setup.exe is inside)

do I have to wait for the next or one of the next updates or did I mis something?

thanks for help

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0