Kprobe setup2.5.exe file - Avast reports Trojan found - False positive?

vbimport

#1

I just received a virus warning regarding a Kprobe setup file - version 2.5 (kp2setup250.exe). I submitted it to virustotal.com and only two of the AV programs reported positive results. Jotti.org listed only Avast as finding a trojan.

Avast 4.7.844.0 Win32:Trojano-018
Ikarus 0.2.65.0 Trojan.Win32.StartPage.aak

File size: 2297233 bytes
MD5: d3373a41737691c6f118e4b87d4e2cc2


#2

I don’t know whether someone has hidden a trojan in the KProbe package you have downloaded - I don’t have the 2.5.0 version anymore so I can’t check the MD5 sum.

The newest version however is KProbe 2.5.2, and you can download it from CD Freaks by using this link.

The MD5 sum of the executable inside the Zip file should be:
1b996b2734343f87bd41e3c7949fa8f6


#3

I just downloaded it, and downloaded ver. 2.0 again - and Avast again reported the same trojan in 2.5.0, but not 2.5.2. The other AV programs on Jotti and Virustotal don’t seem to find one (except for Ikarus which I’ve never heard of).


#4

It’s better to be safe than sorry, so I would use the 2.5.2 version which is trojan free if I were you. The 2.5.0 version you have may be a false positive, but until you’re sure I wouldn’t try to run it!

I can’t think of a reason to run 2.5.0 instead of 2.5.2 anyway.


#5

The file remained on my download partition because I used it before I reinstalled my OS two weeks ago. I haven’t installed it yet, and yes, I’ve already downloaded 2.5.2.