https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282706#M76126 <P>Have you considered this isn't a false positive and PAN is actually protecting you from yourself?&nbsp; Also, are you running file blocking in anyway?&nbsp; This appears to be related to SMB and I'm guessing is somehow associated to mounted remote directories?</P> Wed, 14 Aug 2019 13:15:04 GMT jeremy.larsen 2019-08-14T13:15:04Z https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282547#M76104 <P>Dear Support,</P><P>&nbsp;</P><P>Our customers have been reporting that palo alto is identifying our software as malware.</P><P>&nbsp;</P><P>application ms-ds-smbv3<BR />virus/win32.wgeneric.vnujo<BR />ID 219797367</P><P>&nbsp;</P><P>How can we proceed to whitelist our software permanently?</P><P>&nbsp;</P><P>Thank you</P> Tue, 13 Aug 2019 19:23:34 GMT https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282547#M76104 prsi0203 2019-08-13T19:23:34Z https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282696#M76120 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/119875">@prsi0203</a> ,</P> <P>&nbsp;</P> <P>You'll need to reach out to support:</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm3aCAC" target="_self">How to Submit an Anti-Virus False Positive</A></P> <P>&nbsp;</P> <P>Cheers !</P> <P>-Kiwi.</P> Wed, 14 Aug 2019 10:16:15 GMT https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282696#M76120 kiwi 2019-08-14T10:16:15Z https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282706#M76126 <P>Have you considered this isn't a false positive and PAN is actually protecting you from yourself?&nbsp; Also, are you running file blocking in anyway?&nbsp; This appears to be related to SMB and I'm guessing is somehow associated to mounted remote directories?</P> Wed, 14 Aug 2019 13:15:04 GMT https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282706#M76126 jeremy.larsen 2019-08-14T13:15:04Z https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282714#M76130 <P>How can i have access to the support? We do not have a palo alto product, our customers do.</P> Wed, 14 Aug 2019 13:48:21 GMT https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282714#M76130 prsi0203 2019-08-14T13:48:21Z https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282715#M76131 <P>It is a false positive. Thats the way our software works, it is executed from an shared folder to simplify the use to our customers.</P><P>I was wondering if there a way to work closer with palo alto to whitelist our softwares based on the application certificate or anything else permanently instead of submitting everytime it may triggers a false positive with a new/updated version.</P> Wed, 14 Aug 2019 13:50:28 GMT https://live.paloaltonetworks.com/t5/general-topics/false-positive-virus-win32-wgeneric-vnujo/m-p/282715#M76131 prsi0203 2019-08-14T13:50:28Z