Virus Scan Flagging Windows Agent Resource nssm.exe

Description

Issue submitted by customer c238:

Running clamscan AV (ClamAV 0.101.4/25644/Mon Nov 25 09:54:22 2019) over our VM, built from your Cloudify RPM (4.5), indicates that a virus is present.

/opt/mgmtworker/env/lib/python2.7/site-packages/cloudify_agent/resources/pm/nssm/nssm.exe: Win.Malware.Ramnit-7408490-0 FOUND

Links to details on Ramnit:

Can we please check this if this is a real issue or a false positive?

Steps to Reproduce

See in description

Why Propose Close?

None

Activity

Show:
Ofer Yarom
December 3, 2019, 1:13 PM

I believe we can close this ticket. any concerns or are you OK communicating this to the customer?

Barak Azulay
December 3, 2019, 5:05 PM

I agree with Ofer

Ofer Yarom
December 9, 2019, 3:03 PM

please provide Eve and me an md5 checksum of the nssm.exe used by us for Linux and for Windows. we need to provide this for whitelisting this service.

Ofer Yarom
December 9, 2019, 3:19 PM

please ignore. We have the checksum.

Ofer Yarom
December 9, 2019, 3:20 PM

Closing as not a bug.

Assignee

Michael Glokhman

Reporter

Eve Land

Labels

Severity

Critical

Target Version

5.0.5

Premium Only

no

Found In Version

4.5

QA Owner

None

Bug Type

legacy bug

Customer Encountered

Yes

Customer Name

None

Release Notes

yes

Priority

None

Epic Link

Priority

Unprioritized
Configure