Problem Gen.Variant.Razy.94959ce4

Infosetel2020
Infosetel2020 Posts: 21  ZCNE Certified
Hello,

I have a Zyxel ATP800. We have been detecting this variant of the Variant.Razy malware since March 28, 2022.

What we have detected is that since that date, the Bitdefender antivirus protection cannot download the signatures.

Could it be because it is a false positive?

Awaiting reply

Thanks,

All Replies

  • mMontana
    mMontana Posts: 1,298  Guru Member
    Could it be because it is a false positive?
    IMVHO yes, it could. Unfortunately I don't know what data to send to whom (Zyxel? McAfee?) and how.
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,280  Zyxel Employee
    Please provide the following information.
    1. Virus Name and Hash
    Go to MONITOR > Security Statistics > Anti-Malware and provide a screenshot of the blocked Virus Name and Hash.
    Example: 


    2. File Destroy Log
    Go to MONITOR > Log > View Log > Anti-Malware and provide the file destroy log with virus name and file name.
    Example: 
    virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" match_rule_number="11" action="FILE DESTROY"
  • Infosetel2020
    Infosetel2020 Posts: 21  ZCNE Certified

    This is the capture of the information:



    Awaiting reply,

    Thank you,

    Juan Antonio
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,280  Zyxel Employee
    Do you have the File Destroy Log of Gen.Variant.Razy.94959ce4?
    Go to MONITOR > Log > View Log > Anti-Malware and provide the file destroy log with virus name and file name.
    Example: 
    virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" match_rule_number="11" action="FILE DESTROY"
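
As an added example (not part of the thread and not Zyxel code), this is one way to pull the requested File Destroy entries for a single detection name out of an exported Anti-Malware log. It assumes one entry per line with key="value" fields as in the example above; the Razy sample lines and their file names are constructed.

```python
import re
from collections import Counter

# key="value" pairs, as in the log example quoted in the thread
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')


def parse_entry(line):
    """Return the key="value" fields of one log line as a dict."""
    return dict(FIELD_RE.findall(line))


def file_destroy_hits(lines, virus_name):
    """Count FILE DESTROY entries per file name for one detection name."""
    hits = Counter()
    for line in lines:
        entry = parse_entry(line)
        if entry.get("action", "").upper() != "FILE DESTROY":
            continue  # other actions, or a line without an action field
        if entry.get("virus_name", "").lower() != virus_name.lower():
            continue  # a different detection
        hits[entry.get("file_name", "<no file_name field>")] += 1
    return hits


# Sample input: the first line is the example from the thread,
# the remaining lines are constructed for this illustration.
SAMPLE_LOG = [
    'virus_name="Malicious Virus" file_name="swhealthex2.x64.dll" '
    'match_rule_number="11" action="FILE DESTROY"',
    'virus_name="Gen.Variant.Razy.94959ce4" file_name="example-update.bin" '
    'match_rule_number="11" action="FILE DESTROY"',
    'virus_name="Gen.Variant.Razy.94959ce4" file_name="example-update.bin" '
    'match_rule_number="11" action="FILE DESTROY"',
    'virus_name="Gen.Variant.Razy.94959ce4" file_name="example-setup.exe" '
    'match_rule_number="11" action="FILE DESTROY"',
    'unrelated line without key=value fields',
]

if __name__ == "__main__":
    hits = file_destroy_hits(SAMPLE_LOG, "Gen.Variant.Razy.94959ce4")
    for name, count in hits.most_common():
        print(f"{count}\t{name}")
```

The per-file counts show which files the signature keeps destroying, which is the virus name and file name pairing requested for the false-positive check.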
