https://live.paloaltonetworks.com/t5/next-generation-firewall/agcinvokerutility-exe-adobe-utility/m-p/576865#M2627 <P>Hi All,</P> <P>&nbsp;</P> <P>Recently our Palo Alto flagged&nbsp;Agcinvokerutility.exe (Virus/Win32.Wgeneric.Eedlvy(624280308)) as malicious. A quick search on the virus signature on Virus total confirmed it to be highly malicious.</P> <P>&nbsp;</P> <P>However,&nbsp;Agcinvokerutility.exe is also a known Adobe Utility which verifies if a valid version of adobe software is being used.</P> <P>&nbsp;</P> <P>Has anyone else experienced this in their environment lately? Is it a false positive signature which PA is working on fixing it?</P> Fri, 09 Feb 2024 18:46:59 GMT Sahil_Arora 2024-02-09T18:46:59Z https://live.paloaltonetworks.com/t5/next-generation-firewall/agcinvokerutility-exe-adobe-utility/m-p/576865#M2627 <P>Hi All,</P> <P>&nbsp;</P> <P>Recently our Palo Alto flagged&nbsp;Agcinvokerutility.exe (Virus/Win32.Wgeneric.Eedlvy(624280308)) as malicious. A quick search on the virus signature on Virus total confirmed it to be highly malicious.</P> <P>&nbsp;</P> <P>However,&nbsp;Agcinvokerutility.exe is also a known Adobe Utility which verifies if a valid version of adobe software is being used.</P> <P>&nbsp;</P> <P>Has anyone else experienced this in their environment lately? Is it a false positive signature which PA is working on fixing it?</P> Fri, 09 Feb 2024 18:46:59 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/agcinvokerutility-exe-adobe-utility/m-p/576865#M2627 Sahil_Arora 2024-02-09T18:46:59Z https://live.paloaltonetworks.com/t5/next-generation-firewall/agcinvokerutility-exe-adobe-utility/m-p/576874#M2628 <P>If you believe it to be a false positive you could create an exception for it and submit a TAC case for them to remove it. However, given the VirusTotal information on that I would be extremely hesitant to exception that and would actually just recommend that you dont exception it. Just because its ran as part of a known vendor does not necessarily mean its safe.&nbsp;</P> <P>&nbsp;</P> <P><A href="https://www.virustotal.com/gui/file/b807502f1a0804543488c5b85a386452d6f9848bf611db01728f3d8c23a212c9" target="_blank" rel="noopener">VirusTotal - File - b807502f1a0804543488c5b85a386452d6f9848bf611db01728f3d8c23a212c9</A></P> <P><A href="https://docs.paloaltonetworks.com/advanced-threat-prevention/administration/configure-threat-prevention/create-threat-exceptions#id566b52a9-d584-47f1-9c1d-f33814fe3c48" target="_blank" rel="noopener">Create Threat Exceptions (paloaltonetworks.com)</A></P> Fri, 09 Feb 2024 19:55:47 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/agcinvokerutility-exe-adobe-utility/m-p/576874#M2628 Claw4609 2024-02-09T19:55:47Z