Jump to content

False positive DesktopCentral


fittan
 Share

Recommended Posts

Hi, I received a ton of notifications this morning (3 AM EST) that a file in my DesktopCentral agent (by ManageEngine) is a malware. Can someone confirm if this a false positive or not? Thanks.

Malware.AI.28863885

Quarantined

C:\PROGRAM FILES (X86)\DESKTOPCENTRAL_AGENT\BIN\MDMREGISTRATIONHANDLER_64.EXE

Link to post
Share on other sites

mdmregistrationhandler.zip

Attached is the zipped detected file. How can I generate full detection log? I am running Malwarebytes Endpoint Nebula.

On the client, there's only option to "Start thread scan". There is no tabs, or any options to pull log. 

On the server (cloud.malwarebytes.com), I also can't find any option to pull log.

Please advise. Thanks.

Link to post
Share on other sites

  • Staff

Hi,

The file only should basically be ok though.

however, you attached the wrong file, so it seems, as I need the MDMREGISTRATIONHANDLER_64.EXE file (in this case, you attached the mdmregistrationhandler.exe file, where I can't reproduce detection on)

So can you check again for the MDMREGISTRATIONHANDLER_64.EXE file located in the C:\PROGRAM FILES (X86)\DESKTOPCENTRAL_AGENT\BIN\ folder? (I assume you have unquarantined the file first, as this is most probably a false positive).

Thanks!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.