False positive alert - Veeam.Setup.Endpoint.dat

Backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)

False positive alert - Veeam.Setup.Endpoint.dat

Veeam Logoby firewall68 » Tue Feb 07, 2017 8:46 am

Hello togehter,
got the Beta agent today.
extract the downloaded Zip file and start the setup on a client (win10 Company CLient)
got the error that the installation file Veeam.Setup.Endpoint.dat is infected with trojan.GenericKD.4302372 (Quarantined)
https://www.f-secure.com/v-descs/trojan ... eric.shtml

Anyone else has this problem?

Thx Mike
firewall68
Novice
 
Posts: 7
Liked: never
Joined: Wed Jan 04, 2017 1:16 pm
Location: Austria
Full Name: Mike

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby Andreas_o » Tue Feb 07, 2017 9:57 am

Bitdefender also detects it: Trojan.GenericKD.4302372

I scanned the file with virustotal and it was detected by 11/56 AV's
https://www.virustotal.com/sv/file/e31e ... 486460470/
Andreas_o
Lurker
 
Posts: 1
Liked: never
Joined: Tue Feb 07, 2017 9:47 am

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby Dima P. » Tue Feb 07, 2017 11:37 am

Nothing to worry about if you downloaded VAW Beta from our website. Both look like false positive alerts and I and going to submit a report to these vendors. Thanks guys!
Dima P.
Veeam Software
 
Posts: 6121
Liked: 435 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby firewall68 » Tue Feb 07, 2017 12:19 pm

Thx Dima, but what about the mesage afterwoods,

Fail to initalize setup programm.Refer to setup logs for details.
i could not find any logs also no in the Rar temp.

https://ibb.co/g1XygF

i could not install it, tried to download more than one time, run as admin, etc....

thx Mike
firewall68
Novice
 
Posts: 7
Liked: never
Joined: Wed Jan 04, 2017 1:16 pm
Location: Austria
Full Name: Mike

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby Dima P. » Tue Feb 07, 2017 12:34 pm

Mike,

Try to add VAW setup the exclusion list and temporary disable the antivirus. If that does not work PM me your contact email and I'll ask support team to reach you.
Dima P.
Veeam Software
 
Posts: 6121
Liked: 435 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby Dima P. » Tue Feb 07, 2017 2:50 pm

Update from F-Secure:

F-Secure Customer Care wrote:...
Our analysis indicates that the file you submitted is clean. We have identified the issue as a False Positive, which will be resolved in an upcoming database update.

In the meantime, you may exclude this file from further scanning by the security product. You can do so using the following instructions:

Internet Security 2015:
https://community.f-secure.com/t5/F-Sec ... ta-p/56363
Client Security:
https://help.f-secure.com/product.html# ... F-12.00-en
Policy Manager and PSB Workstation:
https://community.f-secure.com/t5/Manag ... ta-p/66013
If you wish to manually update your security product's database, you can use the tools and instructions at:
https://www.f-secure.com/en/web/labs_gl ... rousel/vie
....
Dima P.
Veeam Software
 
Posts: 6121
Liked: 435 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

[MERGED] False positive alert - Veeam.Setup.Endpoint.dat is

Veeam Logoby kevinme » Tue Feb 07, 2017 5:07 pm

iSheriff 5.8.21 issues Security Alert for Veeam Agent for Windows as the following:

Threat detected
A virus or unwanted application was found
Infection type: virus. Name Trojan.GenericKD.4302372

Filename: Veeam.Setup.Endpoint

I downloaded the Veeam file from here:

https://go.veeam.com/windows-backup-ty. ... _type=null

Note: Our Veeam B+R is 9.5 Update 1
kevinme
Influencer
 
Posts: 12
Liked: 1 time
Joined: Tue Oct 04, 2016 8:00 pm
Full Name: kevin

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby Dima P. » Tue Feb 07, 2017 6:49 pm

Thanks for sharing. I’ll try reach this vendor to submit a false positive report.
Dima P.
Veeam Software
 
Posts: 6121
Liked: 435 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: Veeam Beta agent F-Secure Tojan.GenericKD.40302372 messa

Veeam Logoby kevinme » Tue Feb 07, 2017 7:16 pm

Thanks Dima!
kevinme
Influencer
 
Posts: 12
Liked: 1 time
Joined: Tue Oct 04, 2016 8:00 pm
Full Name: kevin

Re: False positive alert - Veeam.Setup.Endpoint.dat is infec

Veeam Logoby Dima P. » Sat Feb 11, 2017 12:06 am

Hi folks,

Shot update. According to Virus total Veeam.Setup.Endpoint.dat file now has detection ratio: 4 / 56

We will keep working with the rest of AV software on this false positive. Cheers!
Dima P.
Veeam Software
 
Posts: 6121
Liked: 435 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov


Return to Veeam Agent for Windows



Who is online

Users browsing this forum: No registered users and 13 guests