Win.Trojan.Philadelphia-1 in UpdateGenerator.exe

Win.Trojan.Philadelphia-1 in UpdateGenerator.exe

Postby dpailler » 10.10.2016, 07:34

Hi,
Since the last update of wsusoffline, updategenerator.exe is considered as Win.Trojan.Philadelphia-1 for winclav.
Do you have the same problème?

Regards
dpailler
 

Re: Win.Trojan.Philadelphia-1 in UpdateGenerator.exe

Postby harry » 10.10.2016, 08:33

Quite secure a false positive, please refer to https://virustotal.com/de/file/d3426160 ... /analysis/ (only 2/56 hits)

Please report it to the manufacturer of your AV software as false positive!
Source code is inside the archive.
harry
 
Posts: 737
Joined: 29.10.2009, 17:02

Re: Win.Trojan.Philadelphia-1 in UpdateGenerator.exe

Postby mpelas » 10.05.2017, 09:44

I just noticed that process explorer complains about the running of the UpdateGenerator.exe

I am on 10.9.2 version. The check against virustotal returns 3 alarms
https://www.virustotal.com/en/file/aa71 ... 494404039/
Malwr verifies infected file here
https://malwr.com/analysis/ZDJjYTYzOTg4 ... czMDM5YTM/

Please do verify if false positive.
Regards
mpelas
 

Re: Win.Trojan.Philadelphia-1 in UpdateGenerator.exe

Postby Dalai » 10.05.2017, 12:16

@mpelas: Well, it's only 3 out of more than 50 scanners that think to have found something. It's a false positive if you are sure to have downloaded the correct files. Here are some SHA-1 checksums of WSUS Offline 10.9.2:
Code: Select all
347c4b1fa83af65346649a206db4fa7a6d5a99c0 *wsusoffline1092.zip
cc44540762a2553d0172d7d0ff5aee7a8f147dad *UpdateGenerator.exe
19308c2412c7737b3f0524c1a866e36b5e2b3cc0 *UpdateInstaller.exe


Regards
Dalai
Dalai
 
Posts: 1041
Joined: 12.07.2016, 21:00


Return to Download

Who is online

Users browsing this forum: No registered users and 58 guests