Malware.AI.1301800893 - Picked up SolarWinds Antivirus Asset Scan


I believe this is a false positive as it is part of our SolarWinds Antivirus package (BitDefender and LanGuard). VirusTotal says there are no hits. File is attached, the password is 'infected'.

https://www.virustotal.com/gui/file/69e4de45eb900381c0bb085497393f3b0ea35607f46f77436f17a23ff1b82471/detection

 

Malware.AI.1301800893 Malware File C:\PROGRAM FILES (X86)\ADVANCED MONITORING AGENT\ASSETSCAN.EXE

assetscan.zip


  • 2 weeks later...
  • Staff

Thanks for the logs. I can confirm that there was a networking issue during the whitelist check, so it ended up getting detected. The file is still whitelisted, though, so as long as there are no other networking errors, the file should not be detected.


Same problem again today. The bottom one is whitelisted ("Exclusions") and yet it has been quarantined.

The other one is RdpGuard, a security program we use to block IPs after several failed RDP attempts.

 

Malware.AI.2838036267 Reg, Key Malware Quarantined HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RdpGuard_is1
Malware.AI.2838036267 File Malware Quarantined C:\PROGRAM FILES (X86)\RDPGUARD\UNINS000.EXE
Malware.AI.2838036267 Reg, Key Malware Quarantined HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F88FE7C0-2B64-405B-9197-25F8BE135460}_is1
Malware.AI.2838036267 File Malware Quarantined C:\PROGRAM FILES\ADVANCED MONITORING AGENT NETWORK MANAGEMENT\UNINS000.EXE

 

Two are Registry entries, attached are the two uninstallers.

unins000_SolarWinds_Advanced_Monitoring_Agent.zip unins000_RdpGuard.zip
