False Positive: Virus/Win32.WGeneric.yeksq

Even we have recieved Virus/Win32.WGeneric.aahwee signature Threat ID: 2001455.

Any thoughts? 

Hi Himani,

Could you also check Virus/Win32.WGeneric.aahwee signature, Threat ID: 2001455 as we are getting to many alerts

This forum is for non-customers reporting WildFire verdict FP's on VirusTotal.

If you have an AV signature triggering as an FP in your firewall, please open a Support case.

Hi Team, 

Lately I have started seeing lots of  Threat Logs for Threat ID 406494039 which is for Virus/Win32.WGeneric.bcqcxs as per https://threatvault.paloaltonetworks.com/ however the hashes provided in the signature/threat ID definition i have checked in Virus Total and other hash file repuation check , these are not reported any where so i have few question

1)If the hashes (below mentioned )corresponding to which this threat is checking are not malicious in any way then why the alert is triggering ?

2) Since Palo alto is blocking these connection based on Threat ID and sending reset-both to client and server then why firewall resets the connection continuously i have seen 700+ logs  in less 11 hours so what this signifies some one was accessing the file continuously for 11 hours if not then why did firewall kept on sending reset-both for 11 hours ?

I would request you to please answer the above questions as soon as possible also i did not found a way to post a new question hence asking my questions here ..thanks 

Please provide an answer to the above questions ASAP. 

please create a new post and include the information requested in the pinned post.