Virus help

Add-in Express™ Support Service
That's what is more important than anything else

Virus help
Virus Dropper.Win33.Dapato 
Subscribe
Michael Kaden




Posts: 195
Joined: 2017-11-15
Dear Andrei,

I know that this forum is not about Viruses, but perhaps someone can help me. I am now battling for 3 days with the Trojan Dropper.Win32.Dapato Virus.

I have a VS Excel Add-In-Express AddIn which on publish produces the alera.exe Setup file. I have Kaspersky 18.0.0.405 installed.

I have several versions of alera.exe on the 1und1 webspace and also backups o my PC SSD hard drive and 2 external back up hard drive.

Kaspersky now (seems to) randomly find the Dropper.Win32Dapato virus as soon as I run alera.exe from the server. The following run does not give Virus warnings

Version 18 installation

The following link sometimes gives Virus warnings:

Version 24 installation

When I move the alera.exe (version 24) from the 1und1 webspace to he local drive, it sometimes runs but sometimes Kaspersky erases the file.

Virus total sometimes finds a virus with "Kaspersky" and "ZoneAlarm by Check Point" all other 71 search engines fail to find a virus.

After I submitted the alera.exe (Version 24) to the Kaspersky Kaspersky VirusDesk I get confirmation, that the file is not infected.

So if any body can help me to get this resolved, I would be most grateful.

the following questions:

1.) If it is a false positive, how can I get Kaspersky to ignore it?

2.) If there is a Droper.Win32.Dapato Virus, how can I kill it?

As said I know this is not a virus frorum, but any assistance or ideas would be greatly appreciated.

thank you and kind regards

Michael
Posted 04 Jun, 2019 06:05:18 Top
Andrei Smolin


Add-in Express team


Posts: 16176
Joined: 2006-05-11
Hello Michael,

Quite often this or that antivirus product (Kaspersky among them) detects a virus in our installers and other files. All of such cases were false positives. The usual order of things is: you contact the antivirus vendor, it confirms that the issue is a false positive and updates its database; you download a new virus definition database and live happy till the next round.

Regards from Belarus (GMT+3),

Andrei Smolin
Add-in Express Team Leader
Posted 04 Jun, 2019 06:10:07 Top
Michael Kaden




Posts: 195
Joined: 2017-11-15
Thank you Andrei,

Kaspersky have confirmed that it is a false positive. I assume I must take some strong automatic action out of my Kaspersky setup to make sure in the next round I am not again loosing halve my setup update history.

Thank you very much & kind regards


Michael
Posted 05 Jun, 2019 01:05:48 Top
Andrei Smolin


Add-in Express team


Posts: 16176
Joined: 2006-05-11
Welcome!

Regards from Belarus (GMT+3),

Andrei Smolin
Add-in Express Team Leader
Posted 05 Jun, 2019 01:34:22 Top