Gen.Variant.MSILHeracles.da651960 false positive?

Pedroj
Pedroj Posts: 56  Ally Member
First Comment Sixth Anniversary

Hi, I've started getting multiple malware notifications with this definition:
Gen.Variant.MSILHeracles.da651960
False positive? I don't see references about this malware in Zyxel.
Can you help me?

All Replies

  • [Deleted User]
    [Deleted User] Posts: 3  Freshman Member
    First Answer First Comment Friend Collector Third Anniversary

    Hi,

    If you have the hash for this potential malware, you can search for it here:

    https://threatintelligence.zyxel.com/malware

    Thanks!

  • Pedroj
    Pedroj Posts: 56  Ally Member
    First Comment Sixth Anniversary

    Hello, I don't have hash

  • itariant
    itariant Posts: 18  Freshman Member
    First Comment Sixth Anniversary

    Hello, on ATP500

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,251  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Dear all users,

    This problem should be same as this discussion:

    We are currently investigating the problem. Please add the File Pattern "AD2F1837.HPPrinterControl*" on the Allow list in your Anti-Malware settings:

    Here is the on-premise firewall setting:

    Here is the Nebula firewall setting:

    We will provide an update as soon as we have more progress. Thank you for your patience.


    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,251  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Dear all users,

    Thank you for your patience, and we apologize for any inconvenience caused. We are committed to improving the processing workflow for handling false-positive detections in the future. Additionally, we have made some corrections to the latest Anti-Malware signature. Therefore, we kindly request you to update the signature to the latest version (20230517) and verify whether the false-positive detection issue has been resolved. Once again, we appreciate your understanding and cooperation.


    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

Security Highlight