winxp sp2 and Win32:Trogen-gen again

ok peoples (u just gotta love that word), here’s an intersting twist to the really wierd Win32:Trojan-gen. {VC} reports. I have windows xp sp2 beta, and now avast! home says basically every windows update file is infected with Win32:Trojan-gen. {VC}

Dialog info box:

Virus name: Win32:Trojan-gen. {VC}
File Name: C:\Program Files\Common files\updmgr\simgr.exe
VPS Version: 0403-15, 03/19/2004

WinXP Version: Version 5.1.2600 (2600 indicates SP2 build)

now all i gotta do i to keep hitting OK until someone comes up with a solution, DOH :cry:

OK, DIS REGARD THIS POST!!!

to mods & admins: pls delete me!!! sry :-[

Why should we disregard the post? The XP2 file is still being detected as a virus, isn’t it?

So I guess we should definitely do something about it.

Thanks for your report,
Vlk

Hi,

i think the legit MS-Updater is called wupdmgr.exe (at least on Win2000; is this different on XP/SP2 ?)

yes, but i checked the source of the EXE (opened with Notepad) and i’ll post the human-readable data in the next reply. And yes, whocares is right, the legit updater has a different name. Well, if i see more virus reports on LEGIT winXP SP2 files, i’ll post them… :slight_smile:

oklidokili neighbourinos, here’s the readable part of the EXE (as attachment)

interfaces with ASPX file and downloads something…

i’ll see what u think :wink: