Meraki

Community

Windows Endpoint Agent 4.2.2 flagged as trojan (Win32/Vigorf.A) by Windows Defender

BertramC
Comes here often
‎Jul 31 2024 7:58 AM
‎Jul 31 2024 7:58 AM

Windows Endpoint Agent 4.2.2 flagged as trojan (Win32/Vigorf.A) by Windows Defender

Windows Defender is flagging Endpoint Agent 4.2.2 as a Win32/Vigorf.A trojan. Can anyone point me to where I can download previous versions of the Endpoint Agent? Thanks. 

Labels:
0 Kudos
4 Replies 4
BHC_RESORTS
Head in the Cloud
‎Aug 22 2024 4:24 PM
‎Aug 22 2024 4:24 PM

3 weeks later and still no update on this? Should we just consider MDM for Windows an abandoned product and seek a refund?

 

https://www.virustotal.com/gui/file/a84c7c381622076877a5f21fed97cb7cf987a8896be350136d2f6ec9785fcadc...

BHC Resorts IT Department
0 Kudos
QueJay
New here
‎Aug 26 2024 7:32 AM
‎Aug 26 2024 7:32 AM

If you change the default system version in the Dashboard and attempt to access your network with a device to receive the self-service portal it will prompt you to download the default version; which can be as low as 3.7.2 right now I believe.

0 Kudos
BrandonD
Meraki Employee
Meraki Employee
‎Aug 26 2024 7:40 AM
‎Aug 26 2024 7:40 AM

Hi All,

 

Brandon here from the dedicated SM Support team 😊.

I would recommend opening a Support case (Dashboard > (?) > Get help & cases > Support Center > SM Systems Manager > Submit a case) as Support can provide a detailed analysis of what we believe could be causing this, and potential next steps. In short, our Agent download/ SHA-1 hash value has not changed since the initial release of 4.2.2 however we did start to receive cases in relation to this issue more recently. 

 

Thanks All!

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
In response to BrandonD
BHC_RESORTS
Head in the Cloud
‎Aug 26 2024 3:16 PM
‎Aug 26 2024 3:16 PM

@BrandonD 

 

The problem is that 6 security vendors are flagging the hash as malicious, including Microsoft. Not sure what we can do differently other than for Meraki to work with those vendors to have the hash NOT flagged as malicious.

 

BHC_RESORTS_0-1724710587770.png

 

BHC Resorts IT Department
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.