Him
Got this WinLNK Trojan alert today from MS Defender on the VeeamOne (12.1 latest) Windows server:
"
The following error occurred: Error code 0x80508023. The program could not find the malware and other potentially unwanted software on this device.
Category: Trojan
Description: This program is dangerous and executes commands from an attacker.
Recommended action: Remove this software immediately.
Items:
file:C:\ProgramData\Veeam\OneAgent\Storage\cc10c7bb-5333-4785-9cfa-f9c2878ee232\DBF4E3A0-1505-4880-88B9-CA874771DA35\LogAnalyzer1.0.1.db
"
Fileis currantly Quarantied and Veeamone unchanged since upgraded from 12 to 12.1 months ago.
Anyone seen this?
-
AVavav
- Influencer
- Posts: 23
- Liked: 2 times
- Joined: Oct 06, 2021 10:16 am
- Contact:
-
RomanK
- Veeam Software
- Posts: 802
- Liked: 210 times
- Joined: Nov 01, 2016 11:26 am
- Contact:
Re: VeeamOne Agent detected as malware (LogAnalyzer1.0.1.db)
Hello AVavav,
So far it doesn't look familiar. We'll check that internally with QA and I'll update the thread.
Thanks for the report
So far it doesn't look familiar. We'll check that internally with QA and I'll update the thread.
Thanks for the report
-
RomanK
- Veeam Software
- Posts: 802
- Liked: 210 times
- Joined: Nov 01, 2016 11:26 am
- Contact:
Re: VeeamOne Agent detected as malware (LogAnalyzer1.0.1.db)
Hello AVavav,
I have confirmed with teams that LogAnalyzer1.0.1.db - is a database file without executable code. The message you received is a false positive.
Please follow this KB: KB2046: Antivirus Exclusions for Veeam ONE.
Thanks
I have confirmed with teams that LogAnalyzer1.0.1.db - is a database file without executable code. The message you received is a false positive.
Please follow this KB: KB2046: Antivirus Exclusions for Veeam ONE.
Thanks
Who is online
Users browsing this forum: No registered users and 1 guest