Anti-Malware False-positive or Real?

245

All Replies

  • MassimoRiva
    MassimoRiva Posts: 8  Freshman Member
    First Comment Nebula Gratitude Fourth Anniversary

    hi, I have updated the signature but the problem still persist with other king of file. I send you my screenshot.

    thank you.

  • MBS
    MBS Posts: 3
    First Comment Second Anniversary

    I have the same, ATP100:

    warn anti-virus FILE DESTROY

    Virus infected SSI:N Type:Anti-Malware Signature Virus:Gen.Variant.MSILHeracles.da651960 File:AD2F1837.HPPrinterControl_145.1.1083.0_neutral_~_v10z8vjag6ke6. Protocol:HTTP

    I have uninstalled the HP update for printers and the problem ends

  • PhilippeBkk
    PhilippeBkk Posts: 13  Freshman Member
    First Comment Friend Collector Fourth Anniversary

    No matter how many time trying to update, Tread intelligence MAchine Learning remain very much outdated…. 2017…


  • MassimoRiva
    MassimoRiva Posts: 8  Freshman Member
    First Comment Nebula Gratitude Fourth Anniversary

    hi to all the problem seems to be solved after the saturday signature update.

    regards.

  • LucaPapaleo
    LucaPapaleo Posts: 13  Freshman Member
    First Comment Seventh Anniversary

    Hello,

    I've tryed again to update signature, but I still have the problem.

    Attaching: signature update, signature release, firmware release and log.

    Now it's too much day with this problem!

    Please solve

    Luca

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,230  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Dear all users,

    We are currently investigating the problem. Please add the File Pattern "AD2F1837.HPPrinterControl*" on the Allow list in your Anti-Malware settings:

    Here is the on-premise firewall setting:

    Here is the Nebula firewall setting:

    We will provide an update as soon as we have more progress. Thank you for your patience.


    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community

  • LucaPapaleo
    LucaPapaleo Posts: 13  Freshman Member
    First Comment Seventh Anniversary

    Hello,

    once you've provided fix it would be better to remove this exclusion?

    Just to keep trace about the settings (300 firewall to manage!)

    Thanks

    Luca

  • KS1983
    KS1983 Posts: 2
    First Comment

    I agree with LucaPapaleo, I think it would be better to delete the whitelist entry after your fix. Please confirm.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,230  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hi @LucaPapaleo and @KS1983

    Many thanks for your update. Currently, we are fixing it now. Adding the issued file pattern to the allow list should be a temporary workaround solution, so you can add this file pattern on the site that has this false positive detection and maybe won't add it to every managed firewall. Really appreciate your patience so far. Thanks.


    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community

Security Highlight