durindal
09-27-2006, 10:17 AM
(Apologies in advance: this posting may involve SUP6 instead of SUP7, but the SUP6 forum appears to be archived and closed to me.)
I have a file (C:\Windows\iun6002ev.exe) that McAfee VirusScan (latest version, definition files up-to-date) detects as being infected with the "Generic Dropper.i" trojan. I have a request in with McAfee/Avert as to whether or not this is a false positive. My questions here are
Is iunev6002.exe a valid SUP6 file? Windows (XP, SP2) properties identify it with as "Setup Factory 6.0 Runtime Module" and "SUF60Runtime", but I've only seen iun6002.exe referenced as a SUP60 installer file. (There is a C:\Windows\iun6002.exe file on the system as well, but McAfee AV does not tag it as being infected.)
If iun6002ev.exe is a file that ships with SUP6 or is part of the runtime for SUP6, are there any MD5 hashes of the file available from Indigo Rose that I could obtain to try and verify that what I have is a valid file?
Thanks in advance for any assistance on this, if possible.
I have a file (C:\Windows\iun6002ev.exe) that McAfee VirusScan (latest version, definition files up-to-date) detects as being infected with the "Generic Dropper.i" trojan. I have a request in with McAfee/Avert as to whether or not this is a false positive. My questions here are
Is iunev6002.exe a valid SUP6 file? Windows (XP, SP2) properties identify it with as "Setup Factory 6.0 Runtime Module" and "SUF60Runtime", but I've only seen iun6002.exe referenced as a SUP60 installer file. (There is a C:\Windows\iun6002.exe file on the system as well, but McAfee AV does not tag it as being infected.)
If iun6002ev.exe is a file that ships with SUP6 or is part of the runtime for SUP6, are there any MD5 hashes of the file available from Indigo Rose that I could obtain to try and verify that what I have is a valid file?
Thanks in advance for any assistance on this, if possible.