When attempting to scan devices with PDQ Inventory, SonicWall prevents the scan with a Trojan warning, which is a false positive.
Troubleshooting
Attempting to scan devices will result in any of the following outcomes:
- The scan times out.
- No scan results are returned back to PDQ Inventory.
- Scans fail with the "Failed to copy file to target" error.
- Scans fail with the "ReturnCode cannot be null" error.
When reviewing the Service.log (\\target-pc\ADMIN$\AdminArsenal\PDQInventory-Scanner\Service.Log
) file from the scan, the log shows no indication that the PDQInventoryScanner.exe process gets created.
Resolution
Add exclusions to the SonicWall Cloud Gateway Anti-Virus. The Cloud AV Signature IDs listed below are those we have identified from past encounters with this behavior. However, the specific Cloud AV Signature ID that needs to be excluded will depend on the version of PDQ Inventory in use.
Known Cloud AV Signature IDs:
- 79714297
- 84529750
The linked external documentation from SonicWall explains how these exclusions can implemented.
Features and Enabling of Cloud Gateway Anti-Virus | SonicWall
How can I add a file to Cloud AV DB Exclusion list based on its cloud-signature? | SonicWall