I have been receiving lately numerous alerts via GAV that it has been blocking Agent.FL Trojan.
Here is an example of one of the alerts:
12/19/2018 20:47:36 - 809 - Security Services - Alert - 65.206.58.141, 80, X1 - 192.168.2.101, 60716, X0 - Gateway Anti-Virus Alert: (Cloud Id: 68259406) Agent.FL (Trojan) blocked.
Far as I can tell, many of the target IPs are Google.com. The source IPs are various PC's and even servers on our network.
Now, I am fairly sure that no one is infected by anything, and I have a feeling these are false positives. But where I am lost, is what can I do to determine WHAT is triggering this error?
Thank you!