Hi
Last thursday I did a full system scan on my Windows 7 64bit with my Avast! Free and it found a "Win32:Malware-gen" in the directory "C://Program Files(x86)/Microsoft/Bing Bar/7.1.361.0/MUExe/7.1.361.0/BingBarSetup-Partner.EXE", so in a Bing Toolbar file, with regular Microsoft copyright. At the end of the analysis, suspecting it was a new false positive (my Avast had detected another FP just a few days before), I choosed to not automatically correct the problem. Instead, I analyzed the system with MBAM and the single file with the Kaspersky Virus Removal Tool, which didn't detect anything suspect. So I tried to view the file's properties but Avast blocked it again, indicating it as a malware and moving it to the virus chest.
Trying to understand something more, I restored the file from the virus chest and analyzed it using Virustotal, getting the following result:
https://www.virustotal.com/it/file/2cbb7875067792f6f08e6439fa7776c4fc0071c9736f11754a06594df1cfe25a/analysis/1424530069/Until two days ago only one antivirus (Avast!) on the 57 of Virustotal's analysis detected it as a malware, whereas the others viewed nothing suspect in it.
This fact makes me think about a FP, but I consider Avast responses to be very often reliable so I keep being suspicious, even more considering that, analyzing again the file, Avast keeps detecting it as a menace, and, cheking the Virustotal page about that file, I saw that it was updated yesterday with another user's analysis of the same file and now the antivirus GData detects it as a menace too, a "Win32.Trojan.Agent.BJRVXJ", as you can see in the Virustotal page at the link:
https://www.virustotal.com/it/file/2cbb7875067792f6f08e6439fa7776c4fc0071c9736f11754a06594df1cfe25a/analysis/Two days ago I also sent the file from the virus chest to the Avast lab to analyze it and understand if I can actually consider it a FP or if it represents a true menace, but, until now, nothing changed.
Besides, I don't understand from where this "virus" should come from. In fact, I'm always very prudent and cautious in these things.
As I said, the file appears as a legitimate Microsoft file that arrived on my computer with normal updates, as I can see on the Windows Update history, it's been in the system from a very long time and never created any sort of problems.
I apologize for the lenght of the messagge but I don't know what to think about this file and if i can consider this a true menace or just another FP.
Many Thanks