05-31-2018 01:46 AM
Dear Palo Alto experts...,
We have various systems in our LAN seperated by our Palo Alto firewall.
In the last 24 hours the firewall detected 2.7K times the virus "Virus/Win32.WGeneric.rktkq"
The systems are scanned for inventory by two programs. Spiceworks and PDQ inventory. The scan server is on one side of the firewall. The other servers are on the other side of the firewall.
The "Spiceworks" server has been scanned by our Kasperksy AntiVirus solution. No detections here.
What could be causing this? And if it is a false positive, what would the next path forward to solve this problem?
Any thoughts you might have are very welcome.
Remko
06-07-2018 12:04 AM
Leo,
We noticed that an upgrade was available of PDQ inventory. After the upgrade (release 3) the virus detections disappeared.
I have also informed PDQ/Admin Arsenal about our findings.
Remko
06-07-2018 02:08 PM
I asked the PDQ team to update their application. The firewall team also also tells me that a signature update released yesterday corrected this. No alerts so far today.
Thanks,
leo
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
