How to resolve Anti-Malware and Sandboxing false positive case
How to inspect whether the file is malicious or not?
You can upload the file which is detected as suspicious or malicious by Anti-Malware or Sandboxing to virustotal ( https://www.virustotal.com/gui/home/upload) to detect the file is malicious or not.
Once the detection result of the virustotal is clear, it means it could be a potentially false positive case.
How to resolve it temporarily?
For example, when executing the Windows update, two Windows.NET programs donet-runtime-3.1.31-win- and aspnetcore-runtime-3.1.31-win were detected as suspicious programs and dropped by the firewall so we cannot run the Windows update successfully.
Sandboxing false-positive case
There are two programs that were detected as suspicious programs by Sandboxing.
MD5 hash values of each file
Add those two files’ MD5 value to Allow List in Anti-Malware (Configuration > Security Service > Anti-Malware> Block/Allow List> Allow List) to let the program update can be completed temporarily and report this false-positive case to Zyxel.
Anti-Malware false-positive case
For example, a file called amupdate.exe is detected as a malicious file by Anti-Malware while the user is executing McAfee regular update.
Add the MD5 value of the file to Allow List in Anti-Malware (Configuration > Security Service > Anti-Malware> Block/Allow List> Allow List) to let the program update can be completed temporarily and report this false-positive case to Zyxel.
How to report the
false-positive case to Zyxel?
Please provide the following information to us:
(1). The screenshot of the Monitor Log, Security Statistics, or the dashboard which can display the file name and MD5 value.
(2). The screenshot of virustotal detection result.
(3). File name
(4). MD5 hash value
(5). File (such as .exe file)
(6). (If it’s an Anti-Malware false positive case...) What is the scan mode (Express, Stream, or Hybrid) and its signature version?
we confirm it’s indeed a false positive case and we will fix it.
- 7.7K All Categories
- 1.6K Nebula
- 53 Nebula Ideas
- 53 Nebula Status and Incidents
- 4.3K Security
- 215 Security Ideas
- 900 Switch
- 40 Switch Ideas
- 792 WirelessLAN
- 14 WLAN Ideas
- 5K Consumer Product
- 129 Service & License
- 260 News and Release
- 87 Success Stories
- 49 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Nebula Monthly Express
- 67 About Community
- 40 Security Highlight