Trojan found in Packages backups

Sono · November 04, 2024, 08:49:42 PM

Kaspersky Antivirus has just found a Trojan (Trojan.PHP.Kryptik.gen) in the backup of my forum on my computer, in the Packages\backups library. The package backup is: 2024-02-14_before_SMF4Mobile-mod.tar.gz

I still didn't scan the online copy of the file. Can I delete it just as is, or it is needed for a proper uninstall of the package?

vbgamer45 · November 04, 2024, 08:57:07 PM

You can delete.

Sir Osis of Liver · November 04, 2024, 08:57:53 PM

You don't need it to uninstall the mod, it's just there as a backup in case the mod install/uninstall goes sideways and you didn't do your own backup.

Steve · November 05, 2024, 08:33:41 AM

It could also be a false positive. I'd check it with something else to confirm, like Malwarebytes.

Aleksi "Lex" Kilpinen · November 05, 2024, 09:35:50 AM

Yeah, many definitions ending with .gen can cause false positives too, and I wouldn't be surprised if this was the case. But simply removing a backup file is safe, if everything is working correctly.

Sir Osis of Liver · November 05, 2024, 03:40:36 PM

I've seen this several times where Kaspersky flags viruses in package backups, but nowhere else. Don't think they're real.

News:

Trojan found in Packages backups

Sono

vbgamer45

Sir Osis of Liver

Steve

Aleksi "Lex" Kilpinen

Sir Osis of Liver