Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Gateway Anti-Virus Alert: (Cloud Id: 75472724) Ramnit.W (Trojan) - False Positive?

greenstarthreegreenstarthree Newbie ✭
in Firewall Security Services

Starting this morning we have a high number of Gateway Antivirus alerts apparently due to Cloud Id: 75472724 Ramnit.W (Trojan).

These seem to be generated by our Windows clients and are logged with IP addresses that seem to resolve to Akamai CDNs. For example:

2.19.252.217

2.19.252.219

87.248.204.0

2.22.144.73

2.22.144.81

Antivirus scan on the clients reports no infection. We believe these are false positives perhaps related to Windows Update CDNs or Defender EDR reporting etc.

Please would anyone from Sonicwall or the community be able to confirm this?
Thanks!

Category: Firewall Security Services
Reply
Sign In or Register to comment.