Standalone backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)
Post Reply
firewall68
Influencer
Posts: 12
Liked: never
Joined: Jan 04, 2017 1:16 pm
Full Name: Mike
Location: Austria
Contact:

False positive alert - Veeam.Setup.Endpoint.dat

Post by firewall68 »

Hello togehter,
got the Beta agent today.
extract the downloaded Zip file and start the setup on a client (win10 Company CLient)
got the error that the installation file Veeam.Setup.Endpoint.dat is infected with trojan.GenericKD.4302372 (Quarantined)
https://www.f-secure.com/v-descs/trojan ... eric.shtml

Anyone else has this problem?

Thx Mike
Andreas_o
Lurker
Posts: 1
Liked: never
Joined: Feb 07, 2017 9:47 am
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by Andreas_o »

Bitdefender also detects it: Trojan.GenericKD.4302372

I scanned the file with virustotal and it was detected by 11/56 AV's
https://www.virustotal.com/sv/file/e31e ... 486460470/
Dima P.
Product Manager
Posts: 14396
Liked: 1568 times
Joined: Feb 04, 2013 2:07 pm
Full Name: Dmitry Popov
Location: Prague
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by Dima P. »

Nothing to worry about if you downloaded VAW Beta from our website. Both look like false positive alerts and I and going to submit a report to these vendors. Thanks guys!
firewall68
Influencer
Posts: 12
Liked: never
Joined: Jan 04, 2017 1:16 pm
Full Name: Mike
Location: Austria
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by firewall68 »

Thx Dima, but what about the mesage afterwoods,

Fail to initalize setup programm.Refer to setup logs for details.
i could not find any logs also no in the Rar temp.

https://ibb.co/g1XygF

i could not install it, tried to download more than one time, run as admin, etc....

thx Mike
Dima P.
Product Manager
Posts: 14396
Liked: 1568 times
Joined: Feb 04, 2013 2:07 pm
Full Name: Dmitry Popov
Location: Prague
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by Dima P. »

Mike,

Try to add VAW setup the exclusion list and temporary disable the antivirus. If that does not work PM me your contact email and I'll ask support team to reach you.
Dima P.
Product Manager
Posts: 14396
Liked: 1568 times
Joined: Feb 04, 2013 2:07 pm
Full Name: Dmitry Popov
Location: Prague
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by Dima P. »

Update from F-Secure:
F-Secure Customer Care wrote: ...
Our analysis indicates that the file you submitted is clean. We have identified the issue as a False Positive, which will be resolved in an upcoming database update.

In the meantime, you may exclude this file from further scanning by the security product. You can do so using the following instructions:

Internet Security 2015:
https://community.f-secure.com/t5/F-Sec ... ta-p/56363
Client Security:
https://help.f-secure.com/product.html# ... F-12.00-en
Policy Manager and PSB Workstation:
https://community.f-secure.com/t5/Manag ... ta-p/66013
If you wish to manually update your security product's database, you can use the tools and instructions at:
https://www.f-secure.com/en/web/labs_gl ... rousel/vie
....
kevinme
Influencer
Posts: 12
Liked: 1 time
Joined: Oct 04, 2016 8:00 pm
Full Name: kevin
Contact:

[MERGED] False positive alert - Veeam.Setup.Endpoint.dat is

Post by kevinme »

iSheriff 5.8.21 issues Security Alert for Veeam Agent for Windows as the following:

Threat detected
A virus or unwanted application was found
Infection type: virus. Name Trojan.GenericKD.4302372

Filename: Veeam.Setup.Endpoint

I downloaded the Veeam file from here:

https://go.veeam.com/windows-backup-ty. ... _type=null

Note: Our Veeam B+R is 9.5 Update 1
Dima P.
Product Manager
Posts: 14396
Liked: 1568 times
Joined: Feb 04, 2013 2:07 pm
Full Name: Dmitry Popov
Location: Prague
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by Dima P. »

Thanks for sharing. I’ll try reach this vendor to submit a false positive report.
kevinme
Influencer
Posts: 12
Liked: 1 time
Joined: Oct 04, 2016 8:00 pm
Full Name: kevin
Contact:

Re: Veeam Beta agent F-Secure Tojan.GenericKD.40302372 messa

Post by kevinme »

Thanks Dima!
Dima P.
Product Manager
Posts: 14396
Liked: 1568 times
Joined: Feb 04, 2013 2:07 pm
Full Name: Dmitry Popov
Location: Prague
Contact:

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Post by Dima P. »

Hi folks,

Shot update. According to Virus total Veeam.Setup.Endpoint.dat file now has detection ratio: 4 / 56

We will keep working with the rest of AV software on this false positive. Cheers!
Post Reply

Who is online

Users browsing this forum: No registered users and 36 guests