Threat/virus found in traffic between client and server

Good morning!

Today I had some issues with opening the PRTG user interface, and after upgrading both the Windows server and PRTG Core server I still had issues. I then checked our firewall logs and see that some of the traffic between my computer and the core server is blocked due to a virus in the file being requested.

We are using Palo Alto Networks as our firewall and filter, and this is the system that detected this and is blocking the traffic.

Here are the details from the firewall:

- Threat Type: virus
- Threat Name: BADJOKE/JS.RJUMP.s
- ID: 90859973 (https://threatvault.paloaltonetworks.com/?query=90859973)
- Category: unknown
- Content Version: Antivirus-2911-3421
- Severity: medium
- Repeat Count: 1
- File Name: prtgmini.css
- UR:
- Pcap ID: 0

Of course this could be an error in the antivirus definitions file that were downloaded recently to the firewall, or it could actually be something fishy in the prtgmini.css.

Any suggestions?

antivirus firewall prtg

Created on Mar 9, 2019 9:04:55 AM by  tkirkeleit (0) 1



1 Reply


Hi there,

Could you upload your "prtgmini.css", located on the Core under "C:\Program Files (x86)\PRTG Network Monitor\webroot\css\", on VirusTotal, just to check if they detect this as well?
https://www.virustotal.com/

What I really wonder about is, why does PaloAlto detect a JavaScript worm in a CSS file? This might be a false-positive on PaloAlto's side.

Best regards.

Created on Mar 11, 2019 8:15:13 AM by  Dariusz Gorka [Paessler Support]
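A local triage of the flagged stylesheet, as an added example that is not part of the original thread or Paessler's tooling: it computes the file's SHA-256, compares it with a known-good copy, and lists constructs that would let a CSS file carry or load script. The pattern list and the sample bytes are assumptions constructed for this example; a hit means "inspect by hand", and no hits does not prove the file is clean.

```python
import hashlib
import re
import sys

# Constructs through which a stylesheet can carry or pull in active content.
# Assumed list for this example, not a Palo Alto or Paessler signature.
ACTIVE_CONTENT = {
    "script tag": re.compile(rb"<\s*script", re.I),
    "javascript: URL": re.compile(rb"javascript\s*:", re.I),
    "IE expression()": re.compile(rb"expression\s*\(", re.I),
    "IE behavior": re.compile(rb"behavior\s*:", re.I),
    "-moz-binding": re.compile(rb"-moz-binding\s*:", re.I),
    "remote @import": re.compile(
        rb"@import\s+(?:url\()?\s*['\"]?(?:https?:)?//", re.I),
}

def triage_css(data: bytes) -> dict:
    """Return the SHA-256 and (offset, label, context) for every marker hit."""
    findings = []
    for label, pattern in ACTIVE_CONTENT.items():
        for m in pattern.finditer(data):
            # Byte offsets, not line numbers: minified CSS is often one line.
            start = max(m.start() - 20, 0)
            context = data[start:m.end() + 40].decode("latin-1")
            findings.append((m.start(), label, context))
    return {"sha256": hashlib.sha256(data).hexdigest(),
            "findings": sorted(findings)}

def same_as_reference(data: bytes, reference: bytes) -> bool:
    """True when the file is byte-identical to a known-good copy,
    for example the same file from a fresh install of the same version."""
    return hashlib.sha256(data).digest() == hashlib.sha256(reference).digest()

# Constructed sample inputs (not the real prtgmini.css).
CLEAN = b"body{margin:0}\n.logo{background:url(/images/logo.png)}\n"
TAMPERED = CLEAN + (b".x{width:expression(document.title)}\n"
                    b"@import url(//cdn.example/a.css);\n")

if __name__ == "__main__":
    # Usage: python triage_css.py <path to prtgmini.css>
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else TAMPERED
    report = triage_css(data)
    print("sha256:", report["sha256"])
    for offset, label, context in report["findings"]:
        print(f"offset {offset}: {label}: {context!r}")
```

The printed SHA-256 can be searched on VirusTotal directly, which checks for existing verdicts without uploading the file.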


