Posted 27 August 2008 - 03:20 AM
yesterday I had a problem with winupdate.exe, for instance causing a message "Windows cannot find c:\windows\system32\windupdate.exe." whenever the computer was turned on. There was also some freezing e.g. of the mouse cursor. Googlng indicated that this indeed was connected with malware.
Simultaneously, Avast Antivir refused to open. So, I had to find some other way. Eventually I found something called SDFix, installed it, and used it in the Safe Mode. According to this tree trojan files, sysvxd.exe, winupdate.exe and wscmp.dll was found, and deleted.
Since I still was unable to use Avast, I simply uninstalled this, and installed Avira Antivir Personal on the computer. Scanning with Avira gave 7 positives. My question concerns two of them, found in SDFix\backups\backups.zip, backups/winupdate.exe and backups/wscmp.dll
Is this normal after scanning with SDFix? Can anyone explain why the trojan files detected (and removed) by SDFix, turn up in the "backups" of SDFix on an Avira scan??