Problem Gen.Variant.Razy.94959ce4

Infosetel2020
Infosetel2020 Posts: 8  ZCNE Certified
Hello,

I have a Zyxel ATP800. We have been detecting this variant of the Variant.Razy malware since March 28, 2022.

What we have detected is that since that date, the Bitdefender antivirus protection cannot download the signatures.

Could it be because it is a false positive?

Awaiting reply

Thanks,

All Replies

  • mMontana
    mMontana Posts: 642  Guru Member
    Could it be because it is a false positive?
    IMVHO yes, it could. Unfortunately I don't know what data to send to whom (Zyxel? McAfee?) and how.
  • Zyxel_Emily
    Zyxel_Emily Posts: 896  Zyxel Employee
    Please provide the following information.
    1. Virus Name and Hash
    Go to MONITOR > Security Statistics > Anti-Malware and provide a screenshot of the blocked Virus Name and Hash.
    Example: 


    2. File Destroy Log
    Go to MONITOR > Log > View Log > Anti-Malware and provide the file destroy log with the virus name and file name.
    Example: 
    virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" match_rule_number="11" action="FILE DESTROY"
  • Infosetel2020
    Infosetel2020 Posts: 8  ZCNE Certified

    This is the capture of the information:



    Awaiting reply,

    Thank you,

    Juan Antonio
  • Zyxel_Emily
    Zyxel_Emily Posts: 896  Zyxel Employee
    Do you have the File Destroy Log of Gen.Variant.Razy.94959ce4?
    Go to MONITOR > Log > View Log > Anti-Malware and provide the file destroy log with the virus name and file name.
    Example: 
    virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" match_rule_number="11" action="FILE DESTROY"
