Windows 11 - Trojan horse installed today 8/18 with latest update #43.14?

Nlmbrd

I installed the latest update. after the install, I closed Quicken and then restarted. The quicken icon was no longer valid. I searched for qw.exe and could not find it. My virus protection immediately flagged a trojan horse and quarantined it. I called tech support and they had other users with the same issue. it has been escalated but no solution as of yet. Is my data compromised?

[Deleted User]

@Nimbrd - What virus protection software are you currently using?  There have been several posts from users in recent months who use Kaspersky, and it is disabling, and quarantining Quicken as a Trojan Horse after an update.

markus1957

Unlikely it is really a trojan. Windows Defender does not object to the update patch nor did a scan of the folders find an issue. The patch has other issues and likely your virus software didn't like the way it was configured.

rex.basham

Same error for me. Using Kaspersky (and have been for over 20 years) and I would trust it before trusting a new (unwanted) update from Quicken. The Quicken support rep I spoke with was [Removed - Disruptive] so the first thing I did was figure out how to prevent automatic program updates from happening.
Problem solved.

markus1957

rex.basham said:

Same error for me. Using Kaspersky (and have been for over 20 years) and I would trust it before trusting a new (unwanted) update from Quicken. The Quicken support rep I spoke with was [Removed - Disruptive] so the first thing I did was figure out how to prevent automatic program updates from happening.
Problem solved.

I think you will find you will still get certain automatic updates. 

slm12131

Same error and problem today as well. Same error with Quicken version 43.14 update at launch. Running Windows 10 and Kaspersky (and have for many years.) Looks like I will have to download and reinstall a prior version and prevent automatic updates. Data files and backups appear good, but backing all up before reinstalling.

Greg_the_Geek

Why don't you just pause your AV software?

Chris_QPW

Greg_the_Geek said:

Why don't you just pause your AV software?

Because they believe their anti-virus software is telling them the truth, when in fact it isn't.

rex.basham

Pausing one's AV software every time one wishes to open Quicken is NOT a useable solution.

rex.basham

An appropriate solution would be for the Quicken developers to allow the end user the option of installing the update PRIOR to doing a push update with an unwanted/unnecessary update release. But apparently that is beyond the current capabilities of adding useful features.

Greg_the_Geek

You would only need to pause Quicken when there's an update. An appropriate solution would be for you to contact Kaspersky (a Russian company) and complain about a false positive. I use Norton and have never had a problem updating Quicken.

mskofmehl

I'm having trouble reinstalling quicken. what do I do?

[Deleted User]

Here is a solution another Kaspersky user found that might work - 

- Pause protection

- Restore qw.exe from Kaspersky AV quarantine

- Add C:\Program Files (x86)\qw.exe to Kaspersky AV exclusions

- Resume protection.

Nlmbrd

I am using Kaspersky and will try pausing it and restoring qw.exe but where do I find qw.exe

Nlmbrd

I just reinstalled quicken from their website so far so good. Stay tuned.

markslang

I have the same problem with Quicken's latest update and Kaspersky. There was mention earlier of turning off Quicken updates. However, I can find no way to do that. It does not use the Windows update installer, it runs its own program when I open Quicken. Quicken support helped me get back to an earlier version, but I am afraid it will just update again automatically the next time I open it. Kaspersky is apparently not detecting known malware; it is detecting actions that suggest Quicken is acting like malware. It must be keylogging or sending data out on the internet when it starts. If anyone knows how to prevent the updates, please share. Thanks.

Chris_QPW

markslang said:

I have the same problem with Quicken's latest update and Kaspersky. There was mention earlier of turning off Quicken updates. However, I can find no way to do that. It does not use the Windows update installer, it runs its own program when I open Quicken. Quicken support helped me get back to an earlier version, but I am afraid it will just update again automatically the next time I open it. Kaspersky is apparently not detecting known malware; it is detecting actions that suggest Quicken is acting like malware. It must be keylogging or sending data out on the internet when it starts. If anyone knows how to prevent the updates, please share. Thanks.

Quicken does use a Windows Installer, but when it is run when Quicken starts it is run silently.
There isn't any setting in Quicken that prevents Quicken from running the install at startup, what people are talking about is setting your Windows Users Account Control settings so that Windows will prompt you whenever any program tries to "modify your system".

Click Windows Start button and type: Change User Account Control settings
It should be set to one of the two settings I have indicated below: