Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

False Positiv with Adobe "agshelper.exe or AGSService.exe" (Win32.WGeneric.ejwktt)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

False Positiv with Adobe "agshelper.exe or AGSService.exe" (Win32.WGeneric.ejwktt)

L1 Bithead

Hi Community,

 

We have many reports of a virus from the 2 Adobe files for a week now. According to me, however, this is a false positive. These files are legitimate from Adobe and are used for the license check.

The following signatures are used here:
- Virus/Win32.WGeneric.ejwktt -> 662126236
- Virus/Win32.WGeneric.ejvkip -> 660946525

 

Hashes:

a9f921e36b4d29670e83deae8afbbaa1c826599a674553c0c1bd03db29c20868

d17c24e3971960f5cd9bb7e36f6425162f8d7ce9174b33fe5c7094773b0ed8d1

 

Do you also have this?
and @palo, can you please check this and fix it if necessary?

 

regards

Rico

1 accepted solution

Accepted Solutions

Hello Rico,  Just make sure the case is routed to the Threat team.  
If you would like, you can send me the case# and I can make sure it is in the correct hands. 

View solution in original post

5 REPLIES 5

L5 Sessionator

Hello Rico,


This forum is for those that are NOT customers of Palo Alto Networks.  Please open a TAC case with the Threat team to discuss this issue further. 

Thank you!

Hello DaBone

 

Thanks for your answer.

I'm surprised this forum is only for non-customers, I thought this was for everyone and I can't imagine everyone on this forum not being Palo Alto customers.

My experience is that the community responds much quicker than Palo does to a TAC case, but then I'll try my luck there.

 

best regards

Rico

Hello Rico,  Just make sure the case is routed to the Threat team.  
If you would like, you can send me the case# and I can make sure it is in the correct hands. 

Hi DaBon,

its case number 03240472

regards, Rico

 

- we can "close" the topic

Hello Rico, 

I've taken ownership of the case.  I have just updated the case with my findings.  Let me know if you have any further questions.  We can use the case from here on out for communication. 

 

thank you!

  • 1 accepted solution
  • 3018 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!