Oen

Same added 0 minutes later Sounds good, TYVM Quaksen

Got it. Thanks Quaksen for the clarification, I had misread that as if "Jiangmin" was a part of the file it found to be corrupt (closer to what I'm used to seeing), not as one of the many AV scans done (never heard of them). A quick scan of the rest and it was obvious, my apologies for not catching the setup. And also thanks again MGIMATTY for the tip on the website on the first place.

I had the exact same AV hit as OP, Trojan:Win32/Spallowz.A!plock http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Trojan%3aWin32%2fSpallowz.A!plock&threatid=2147697481&enterprise=0#tab-link-4 Checked out VirusTotal.com from MGIMATTY's response, and unfortunately it did find another Trojan in the file, here's the trimmed results... SHA256: b77f6dda429a991a739ed3b011c60a6cdd27cc00829d16590f2122cf5edcbb77 File name: Aslains_XVM_WoT_Modpack_Installer_v.9.13.08.exe Detection ratio: 1 / 53 Analysis date: 2015-12-21 02:40:44 UTC ( 1 minute ago ) Antivirus Result Update Jiangmin Trojan.Yakes.buad 20151220 Not sure the link to the file scan on VirusTotal.com will work for the rest of you, but here it is if it does. https://www.virustotal.com/en/file/b77f6dda429a991a739ed3b011c60a6cdd27cc00829d16590f2122cf5edcbb77/analysis/1450665644/ So, 2 things... Why do you guys think the Trojan:Win32/Spallowz.A!plock is a false positive? And what about the Trojan.Yakes.buad that VirusTotal.com found? Thank you all