Skip to main content
TurboTax
Community
TurboTax
Community
TurboTax
Community
N
Nickalh
January 13, 2025
Question

New Download flagged as malware?

  • January 13, 2025
  • 1 reply
  • 0 views

Hello all,
An antivirus software flags Turbo Tax with not one but two pieces of malware.  
I use VirusTotal at the website with the same name.  The first is "TrojanDropper.Agent.lxk" by Jiangmin and the 2nd is "Adware.Presenoker" by VBA32.  This is a fresh download directly from Intuit.com  

This link shows the results of the virus scan.
https://www.virustotal.com/gui/file/5c045ea43ca1196202a1edb8901c3aa6eefe180d83132c086710911d05b5ebb3

Considering this is financial with all of the the most sensitive information, SSN, etc., I am particularly cautious.

I'm also putting in a support request with Intuit directly and plan on posting what they say here. 

1 reply

M
Mike9241
January 13, 2025

AV apps are tools. Sometimes they will miss infected files or even indicate that a clean file is infected. 

Now sure what you did because there is no download with the online version unless you are just using it to post this. As far as I can tell no one else has reported their AV app detected that a downloaded version had malware, but satisfy yourself. 

N
NickalhAuthor
January 13, 2025

I didn't say it was the online version.  I downloaded the installer for the "Desktop" version or "offline" version.

I'm aware of the possibility of false positives by antivirus software. Still given major software, see the Solar Winds attack, companies have unwittingly distributed malware, I think caution is warranted.  

Also, I don't see a way to email, chat with or otherwise contact intuit except by a support phone number.  I'm not yet sure when I'll find the time to call them.

    C
    CKing-1
    January 14, 2025

    I did the same scan as you and noticed the issue. I then scanned the previous year downloads (2021,2022,2023) and they all have the exact same situation.  the same 2 virustotal vendors flag the same TrojanDropper and Adware.  I think that these are actually false positives.  If it was an issue, I think it would have been noticed by now.   Jiangmin is a company located in China.  VBA32 is located in Belarus.  I'm not sure how you would reach out to them to inquire or report the positive result.   At this point, I'm probably going to install. 

      TurboTax Sign In Widget
      TurboTax flag icon

      Unlock tailored help options in your account

      Create an account
      TurboTax Expert Assist
      TurboTax Expert

      Get answers to all your tax questions

      Our experts are available on-demand, no appointment needed. Get help all year long with TurboTax Expert Assist.

      Terms & ConditionsAccessibility statement
      Intuit
      TurboTax Credit Karma QuickBooks MailChimp

      ©1997-2022 Intuit, Inc. All rights reserved.
      Intuit, QuickBooks, QB, TurboTax, ProConnect, and Mint are registered trademarks
      of Intuit Inc. Terms and conditions, features, support, pricing, and service options
      subject to change without notice.

      Security Certification of the TurboTax Online application has been performed by
      C-Level Security.

      By accessing and using this page you agree to the Terms of Use.

      Accessibility

      TRUSTe nResult Certified e-File C-Level Security Certification