Jump to content

Help pdm:trojan.win32.genautorunmssqlservercommandrun.a

Recommended Posts

  • 2 months later...

How we can solve it?


Event: Blocked
Application: SQL Server Windows NT - 64 Bit
User type: System user
Component: System Watcher
Result description: Blocked
Type: Trojan
Name: PDM:Trojan.Win32.GenAutorunMsSqlServerCommandRun.a
Threat level: High
Object type: Process
Object path: C:\Program Files\Microsoft SQL Server\MSSQL10_50.ERBILNEW\MSSQL\Binn
Object name: sqlservr.exe
Databases release date: 27-07-2023 6:20:00 PM
MD5: 7396087F9212009B1B8FAC28C0B7B728

Link to comment
Share on other sites

Also, the root folder name created can trigger this. It may have gotten this description because different version and customized names behave like malicious and run from suspicious folder in execution.

In addition, a version that has received an update but has not been committed to the Kaspersky database may have similar false alarms.
If the software you are running does not want an old MSSQL version, be careful to install the current version as much as possible.

  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...