False Positive Anti-Malware (Avast Business Installer)

Dexta

Today we wanted to install the Avast Ultimate Business Client on one of our machines. The Online-Installer never finished, because the download got blocked by the firewall. Below you see screenshots from Secureporter and the Eventlog.

I hope this is the right way to report false positives. I could not find any offical form for this.

Kind regards,

Michael

Zyxel_Kay

Hi @Dexta

To resolve the issue with the Avast Business Installer being blocked, please add the MD5 value (5F195612384A48EA8408B4EDE9DC56BB) of the installer to your firewall's allow list.

For detailed guidance, please refer to this article:

https://community.zyxel.com/en/discussion/15174/how-to-resolve-anti-malware-and-sandboxing-false-positive-case

Dexta

Hi @Zyxel_Kay

Thank you. Do you also have a similar guide for Nebula devices? For example, as you see in my screenshots, there is no md5 hash. Where do i find it?

And in regards to report the false positive, see picture bellow. It ommits where to report.

Kind regard,
Michael

Zyxel_Kay

Hi @Dexta

To avoid false positive detections by Anti-Malware in the Nebula firewall, please add the file name to the Allow list of the Anti-Malware (path: Site-wide > Configure > Firewall > Security service). You can find the file name in your Nebula firewall event log. Based on the screenshot you provided, the file name is “5f195612-384a-48ea-8408-b4ede9dc56bb”.

For more details, please refer to this article:

[ATP/FLEX] How to avoid false positive detection by Anti-Malware in the Nebula firewall? — Zyxel Community

Additionally, thank you for bringing the information gap in the article to our attention. If you would like to report a false positive case, please contact Zyxel local support or raise a forum post in our Community. We have also updated the article to address this.