Issue submitted by customer c238:
Running clamscan AV (ClamAV 0.101.4/25644/Mon Nov 25 09:54:22 2019) over our VM, built from your Cloudify RPM (4.5), indicates that a virus is present.
/opt/mgmtworker/env/lib/python2.7/site-packages/cloudify_agent/resources/pm/nssm/nssm.exe: Win.Malware.Ramnit-7408490-0 FOUND
Links to details on Ramnit:
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=win32%2Framnit (which refers to Windows but goes into more detail that is presumably still valid on Linux)
Can we please check this if this is a real issue or a false positive?
See in description
I believe we can close this ticket. any concerns or are you OK communicating this to the customer?
I agree with Ofer
please provide Eve and me an md5 checksum of the nssm.exe used by us for Linux and for Windows. we need to provide this for whitelisting this service.
please ignore. We have the checksum.
Closing as not a bug.