Malware blocked


M400 v12.3.1

We received a blocked malware "Trojan.GenericKD.33018871" how do we check where did it come from or what internal/external ip address



  • Options

    If this was blocked by your firewall, then your firewall logs will show the source of it.
    Are you logging to Dimension, WSM Log Server or Watchguard Cloud ?
    If so, look there.
    The log message ID should be 1CFF000E or 1CFF-000E with a reason of "GAV Virus found"

  • Options

    Ok, will check. Thanks again Bruce!

  • Options

    Forgot to ask on the last message. How do you know the message ID codes? is there a reference table?

  • Options
    Yes - look on the Documents page
  • Options
    Log Catalog
  • Options

    Many thanks again Bruce!

Sign In to comment.