You are here

kaspersky detects trojan when trying to use "backup"

12 posts / 0 new
Last post
benma
Offline
Last seen: 14 years 2 months ago
Joined: 2007-05-02 12:42
kaspersky detects trojan when trying to use "backup"

Hello.
For some reason Kaspersky AV, alerts me of: trojan.win32.agent.ixj
when i try using the "backup" feature. it's some file in folder that is being created in the user's temp directory in windows, when trying to use "backup" feature of suite.
Didn't have that problem before. Maybe this trojan was added to database of Kaspersky only lately. Nevertheless it's a trojan. Tried it with Suit Standard, light, and beta -same problem.
Anyone has a solution?
I mean, if it's a false detection, why does it pop up only on backup?

Stevoisiak
Stevoisiak's picture
Offline
Last seen: 2 years 10 months ago
Joined: 2008-02-05 11:22
Ugh

Have you tried redownloading the suite? Done an MD5 sum verification? (No, I have no idea what an MD5 sum is either) Checking to make sure your antivirus is updated?

Simplifying daily life through technology

Bruce Pascoe
Offline
Last seen: 10 years 6 months ago
Joined: 2006-01-15 16:14
...

An md5sum is basically just a file's "signature." If the file changes, so does the signature.

John Bentley
John Bentley's picture
Offline
Last seen: 12 years 10 months ago
Developer
Joined: 2006-01-24 13:26
Upload the backup utility to

Upload the backup utility to http://www.virustotal.com/.

cowsay Moo
cowthink 'Dude, why are you staring at me.'

benma
Offline
Last seen: 14 years 2 months ago
Joined: 2007-05-02 12:42
Update

When i scanned the file myself with Kaspersky it returned "no threats" but when trying to backup, it sounds the alarm. I guess it thinks a trojan action is taking place...

I compressed the backup utility and uploaded it. Here are the results:

File PortableAppsBackup.rar received on 03.31.2008 18:44:46 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.4.1.0 2008.03.31 -
AntiVir 7.6.0.78 2008.03.31 -
Authentium 4.93.8 2008.03.30 -
Avast 4.7.1098.0 2008.03.30 -
AVG 7.5.0.516 2008.03.31 -
BitDefender 7.2 2008.03.31 -
CAT-QuickHeal 9.50 2008.03.31 -
ClamAV 0.92.1 2008.03.31 -
DrWeb 4.44.0.09170 2008.03.31 -
eSafe 7.0.15.0 2008.03.30 suspicious Trojan/Worm
eTrust-Vet 31.3.5658 2008.03.31 -
Ewido 4.0 2008.03.31 -
F-Prot 4.4.2.54 2008.03.30 -
F-Secure 6.70.13260.0 2008.03.31 -
FileAdvisor 1 2008.03.31 -
Fortinet 3.14.0.0 2008.03.31 -
Ikarus T3.1.1.20 2008.03.31 -
Kaspersky 7.0.0.125 2008.03.31 -
McAfee 5262 2008.03.28 -
Microsoft 1.3301 2008.03.31 -
NOD32v2 2987 2008.03.31 -
Norman 5.80.02 2008.03.31 -
Panda 9.0.0.4 2008.03.31 -
Prevx1 V2 2008.03.31 -
Rising 20.38.01.00 2008.03.31 -
Sophos 4.28.0 2008.03.31 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.31 -
TheHacker 6.2.92.259 2008.03.30 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.03.31 -
Webwasher-Gateway 6.6.2 2008.03.31 -
Additional information
File size: 378170 bytes
MD5: 11134e1735042f10193a86465b9dafe8
SHA1: d30ed75f8547b5c992cc5a6f79f089cb33b34061
PEiD: -
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX

Antivirus Version Last Update Result
AhnLab-V3 2008.4.1.0 2008.03.31 -
AntiVir 7.6.0.78 2008.03.31 -
Authentium 4.93.8 2008.03.30 -
Avast 4.7.1098.0 2008.03.30 -
AVG 7.5.0.516 2008.03.31 -
BitDefender 7.2 2008.03.31 -
CAT-QuickHeal 9.50 2008.03.31 -
ClamAV 0.92.1 2008.03.31 -
DrWeb 4.44.0.09170 2008.03.31 -
eSafe 7.0.15.0 2008.03.30 suspicious Trojan/Worm
eTrust-Vet 31.3.5658 2008.03.31 -
Ewido 4.0 2008.03.31 -
F-Prot 4.4.2.54 2008.03.30 -
F-Secure 6.70.13260.0 2008.03.31 -
FileAdvisor 1 2008.03.31 -
Fortinet 3.14.0.0 2008.03.31 -
Ikarus T3.1.1.20 2008.03.31 -
Kaspersky 7.0.0.125 2008.03.31 -
McAfee 5262 2008.03.28 -
Microsoft 1.3301 2008.03.31 -
NOD32v2 2987 2008.03.31 -
Norman 5.80.02 2008.03.31 -
Panda 9.0.0.4 2008.03.31 -
Prevx1 V2 2008.03.31 -
Rising 20.38.01.00 2008.03.31 -
Sophos 4.28.0 2008.03.31 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.31 -
TheHacker 6.2.92.259 2008.03.30 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.03.31 -
Webwasher-Gateway 6.6.2 2008.03.31 -

Additional information
File size: 378170 bytes
MD5: 11134e1735042f10193a86465b9dafe8
SHA1: d30ed75f8547b5c992cc5a6f79f089cb33b34061
PEiD: -
packers: UPX
packers: UPX
packers: PE_Patch.UPX, UPX

Stevoisiak
Stevoisiak's picture
Offline
Last seen: 2 years 10 months ago
Joined: 2008-02-05 11:22
Oiy

Sometimes, I feel like there should be an entire topic on virus reports.

Simplifying daily life through technology

RMB Fixed
Offline
Last seen: 12 years 5 months ago
Joined: 2006-10-24 10:30
No, it's not a "trojan"

..and Kaspersky isn't the only one having trouble :
https://portableapps.com/node/12499

Why ? Either because AV-programs are quite stupid
OR the AV-manufacturers want you to feel that their
scam-programs work and that the world is filled with "trojans".

benma
Offline
Last seen: 14 years 2 months ago
Joined: 2007-05-02 12:42
Anyway to tell kaspesky

Anyway to tell kaspesky not to alert for this suite trojan?

John T. Haller
John T. Haller's picture
Offline
Last seen: 4 hours 10 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Report It

You need to report it to get Kaspersky to fix their buggy update.

Sometimes, the impossible can become possible, if you're awesome!

benma
Offline
Last seen: 14 years 2 months ago
Joined: 2007-05-02 12:42
I posted a thread

I posted a thread in the Kaspersky forum...

benma
Offline
Last seen: 14 years 2 months ago
Joined: 2007-05-02 12:42
Update

I informed Kaspersky on the problem. They confirmed the false alarm and said it'll be fixed as soon as possible.

benma
Offline
Last seen: 14 years 2 months ago
Joined: 2007-05-02 12:42
Kaspersky fixed it

No alert anymore

Log in or register to post comments