Trojan.generic.155950

From the Log File after a Deep Scan:

C:\Program Files (x86)\VMware\VMware Workstation\pkg\Tools.cab=]windows.iso.470D6062_BFD8_4CA1_B8E7_E0908EEAE578=]VMware Tools.msi=](Embedded CAB)=]tpautoconnect.exe1.D9F23EA6_E0FA_47AA_907F_808D103497A8

Trojan.Generic.1559450 Infected (no action was possible, file was in an archive)

C:\Program Files (x86)\VMware\VMware Workstation\windows.iso=]VMware Tools.msi=](Embedded CAB)=]tpautoconnect.exe1.D9F23EA6_E0FA_47AA_907F_808D103497A8

Trojan.Generic.1559450 Infected (no action was possible, file was in an archive)

This "Trojan" has no real history.

Google Search shows 1 very recent entry: http://communities.vmware.com/message/1203061

Found no record of this Trojan at 2 other anti-virus vendor databases.

It appears only after a recent BitDefender Update and an uninstall of VMware Workstation 6.5.1 followed by an install of the the app downloaded from the vendor website gives the same log.

Wondering if this isn't a false positive.

Find more posts tagged with

Comments

rootkit

Please pack the file(s) in an archive, protected with the password infected.

Upload it on www.rapidshare.com or other server and leave here the download link.

digit2009

Is this a false positive or not?

it didn't appear yesterday on my machine after a deep scan, however, i reimaged my machine today with all the latest updates and it now appears with the latest scan.

any ideas?????

rootkit

Please provide the samples

digit2009

Please provide the samples

password = infected

http://rapidshare.com/files/211960231/windows.iso.zip.html

raslrdude

From the Log File after a Deep Scan:

C:\Program Files (x86)\VMware\VMware Workstation\pkg\Tools.cab=]windows.iso.470D6062_BFD8_4CA1_B8E7_E0908EEAE578=]VMware Tools.msi=](Embedded CAB)=]tpautoconnect.exe1.D9F23EA6_E0FA_47AA_907F_808D103497A8

Trojan.Generic.1559450 Infected (no action was possible, file was in an archive)

C:\Program Files (x86)\VMware\VMware Workstation\windows.iso=]VMware Tools.msi=](Embedded CAB)=]tpautoconnect.exe1.D9F23EA6_E0FA_47AA_907F_808D103497A8

Trojan.Generic.1559450 Infected (no action was possible, file was in an archive)

This "Trojan" has no real history.

Google Search shows 1 very recent entry: http://communities.vmware.com/message/1203061

Found no record of this Trojan at 2 other anti-virus vendor databases.

It appears only after a recent BitDefender Update and an uninstall of VMware Workstation 6.5.1 followed by an install of the the app downloaded from the vendor website gives the same log.

Wondering if this isn't a false positive.

Got an email from BitDefender this morning stating the detection has been solved. Ran a Deep Scan with the latest update which now finds NO Trojan.Generic.1559450.

rootkit