ATP100 - Anti-Malware - False Positive?
Hi,
The CDR feature of the ATP100 generated many e-mails regarding malware from different client computers. All client IP addresses are clients with McAfee/Trellix antivirus installed.
The log entry from the ATP100 is this:
Virus infected SSI:N Type:Anti-Malware Signature Virus:DeepScan.Generic.64beffbe File:McAfee_Common_x64.msi Protocol:HTTP
If I remember correctly, the engine used for Anti-Malware on the ATP is McAfee.
So the McAfee engine finds a virus in a McAfee file. Interesting!
Is there a place where I can submit this false positive to Zyxel or McAfee?
Thanks.
All Replies
Hi @e_mano_e,
McAfee is the content filter service. As for Anti-malware, it is Bitdefender.
Will this log trigger every time you update McAfee/Trellix antivirus?
Could you share the McAfee/Trellix antivirus version information?
@Zyxel_Cooldia
McAfee shows version numbers for each module installed.
McAfee Data Exchange Layer: Version 6.0.3.646
McAfee Agent: Version 5.7.6.251
McAfee DLP Endpoint: Version 11.6.500.172
McAfee Client Proxy: Version 4.4.056
McAfee Endpoint Security Plattform: Version 10.7.0.3460
McAfee Adaptiver Bedrohungsschutz: Version 10.7.0.3590
McAfee Bedrohungsschutz: Version 10.7.0.3497
This log entry seems to be created once per day.
I've just got another customer call complaining about many CDR emails from the ATP100.
Yesterday it was another customer. Also in the morning (here in Germany).