Simple-Help Being Identified as Trojan

Ryan_Hartwick · July 25, 2025, 11:59pm

Bitdefender GravityZone just alerted me to a malware outbreak in my environment that looks to be a detection of the SimpleHelp Unattended Remote Access installer. Anyone else getting this type of detection?

Installed Agent: Bitdefender Endpoint Security Tools
Malware Type: file
Malware name: QD:Trojan.Astraea.B5786E8578
Infected File: C:\Users\tpadmin\Downloads\Remote Access-windows64-offline.exe
SHA256 Hash: 0A14E33E96B533913D3B0144D3EDB574ED66E02BC91D55B4D65CE7811CD666A4
Infection Status: deleted
Detection Time: 25.07.2025 19:25:17
Logged User: SYSTEM

Rafael_Rodrigues · July 31, 2025, 8:48pm

Hello everyone,

I am encountering security issues with the SimpleHelp agent. I am receiving multiple alerts daily across our device fleet, and several agents are currently being quarantined, which forces me to perform complete reinstalls. Has anyone encountered this issue or have any suggestions for resolving it?

Dean_Greenway · August 1, 2025, 11:49am

Yes,
I had to create an exclusion for:
C:\ProgramData\JWrapper-Remote Access
On all Bitdefender modules.