11-13-2018 09:44 AM
I'm seeing what look slike a lot of false positives when using global protect. For example, Microsoft's Logon.exe excutable and any MS Endpoint patches
An example is
AM_Engine_Patch_1.1.15400.4.exe
SHA-256 Hash: 74f9dc35fc9f5ab02e46843e8ccf569478961ea58dc2655690516199c1eab928
which PAN-OS 8.0.7 is flagging as Virus/Win32.WGeneric.tphtk(214705593)
I didn't spot anything in release notes for 8.0.7+ that
11-13-2018 02:43 PM
Hello,
We occasionally also see this type of behavior. Its just how the PAN see's the files and it creates a false positive. The best thing to do is create a support ticket so they can get more info and correct the signatures.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
