
Antivirus trigger

Posted: 04.03.2019, 21:02
by thecuz
Hello,

When I try to download the latest version, wsusoffline116.zip, Immunet triggers an alert saying the file was detected with Win.Trojan.Generic::100.sbx.tg. Also, there is a trigger from my browser (Firefox) cache that had a W32.4448819D65-100.sbx.tg detection as well.

Looks like something in the zip file is setting off AV alerts.

Re: Antivirus trigger

Posted: 04.03.2019, 22:30
by aker
Most likely a false positive.
Most AV scanners generally blacklist AutoIt3 programs (used in wsusou for UpdateGenerator.exe/UpdateInstaller.exe).
I'd recommend that you report the file as a false positive to your AV vendor.

A virus scan of a correctly downloaded and unmodified file can be found here:
http://download.wsusoffline.net/wsusoffline116_virustotal.pdf

If you don't trust the binaries, you may compile them yourself (the source code is in the archive: UpdateGenerator.au3/UpdateInstaller.au3).

Re: Antivirus trigger

Posted: 05.03.2019, 15:09
by thecuz
It looks like wget.exe in the bin folder is the cause of the issue.

I was able to extract the zip file and individually scan the files and wget is the one that triggers the warning.

I submitted a false positive report to Immunet along with the wsusoffline116.zip file.