Problem Gen.Variant.Razy.94959ce4

Infosetel2020
Infosetel2020 Posts: 21  ZCNE Certified
Zyxel Certified Network Administrator - Security First Comment Friend Collector Fourth Anniversary
Hello,

I have a Zyxel ATP800. We have been detecting this variant of the Variant.Razy malware since March 28, 2022.

What we have detected is that since that date, the Bitdefender antivirus protection cannot download the signatures.

Could it be because it is a false positive?

Awaiting reply

Thanks,

All Replies

  • mMontana
    mMontana Posts: 1,389  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    Could it be because it is a false positive?
    IMVHO yes, it could. Unfortunately I don't know what data to send to who (Zyxel? McAfee?) and how.
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,396  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Please provide the following information.
    1. Virus Name and Hash
    Go to MONITOR > Security Statistics > Anti-Malware and provide the screen shot of the blocked Virus Name and Hash.
    Example: 


    2. File Destroy Log
    Go to MONITOR > Log > View Log > Anti-Malware and provide file destroy log with virus name and file name. 
    Example: 
    virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" match_rule_number="11" action="FILE DESTROY"

    See how you've made an impact in Zyxel Community this year!
    https://bit.ly/Your2024Moments_Community

  • Infosetel2020
    Infosetel2020 Posts: 21  ZCNE Certified
    Zyxel Certified Network Administrator - Security First Comment Friend Collector Fourth Anniversary

    This is the capture of the information:



    Awaiting reply,

    Thank you,

    Juan Antonio
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,396  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Do you have File Destroy Log of Gen.Variant.Razy.94959ce4?
    Go to MONITOR > Log > View Log > Anti-Malware and provide file destroy log with virus name and file name. 
    Example: 
    virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" match_rule_number="11" action="FILE DESTROY"

    See how you've made an impact in Zyxel Community this year!
    https://bit.ly/Your2024Moments_Community

Security Highlight