What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Threat/virus found in traffic between client and server

Votes:

1

Good morning!

Today I had some issues with opening the PRTG user interface and after upgrading both the windows server and PRTG Core server I still had issues. I then checked our firewall logs and see that some of the traffic between my computer and the core server is blocked due to a virus in the file beeing requested.

We are using Palo Alto Networks as our firewall and filter, and this is the system that detected this and is blocking the traffic.

Here are the details from the firewall: Threat Type: virus Threat Name: BADJOKE/JS.RJUMP.s ID: 90859973 (https://threatvault.paloaltonetworks.com/?query=90859973) Category: unknown Content Version: Antivirus-2911-3421 Severity: medium Repeat Count: 1 File Name: prtgmini.css UR: Pcap ID: 0

Of course this could be a error in the antivirus definitions file that where downloaded recently to the firewall, or it could actually be something fishy in the prtgmini.css.

Any suggestions?

antivirus firewall prtg

Created on Mar 9, 2019 9:04:55 AM



1 Reply

Votes:

0

Hi there,

Could you upload your "prtgmini.css", located on the Core under "C:\Program Files (x86)\PRTG Network Monitor\webroot\css\", on VirusTotal, just to check if they detect this as well?
https://www.virustotal.com/

What I really wonder about is, why does PaloAlto detect a JavaScript worm in a CSS file? This might be a false-positive on PaloAltos side.

Best regards.

Created on Mar 11, 2019 8:15:13 AM by Dariusz Gorka [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.