Anti-Malware False-positive or Real?

124

All Replies

  • atilla
    atilla Posts: 2  Freshman Member
    First Comment First Anniversary

    same here, ATP500.

    Application.SystemInformer.2b5a37bd

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 892  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments

    Dear Customer,

    We have removed this pattern. Please kindly wait the next signature 0515 and check if the false alarm stop.

    Thank you

  • OTADMIN
    OTADMIN Posts: 15  Freshman Member
    First Comment Friend Collector Fourth Anniversary

    Hey, here also a lot of pc's who give that message.

    We use pdq to update our computers, and find out that al the pc's that give the messages have Firefox 113.0.1 installed this morging.

    So probably it has something todo with this update.

  • ChipConnJohn
    ChipConnJohn Posts: 44  Freshman Member
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula First Comment Fourth Anniversary

    I'm getting Application.SystemInformer.2b5a37bd alerts too. ATP200.

    Seriously, Zyxel. You need a better system of removing these false positives. I've been jumping through hoops for a week and a half trying to get the MSILHeracles worked out with you. It's like you have no internal testing and wait for problems to happen to the users, then take a week+ to resolve the issue. I can't continue to use your products with that model. I don't have time.

  • BCC
    BCC Posts: 6  Freshman Member
    First Comment Friend Collector Fifth Anniversary

    I am also becoming more and more frustrating. With all false-positives the CDR functionality to block devices when detection occurs is rendered useless.

    To make it even more frustrated, for the last few days we are facing multiple clients with DNS Reputation filtering blocking SharePoint addresses.

  • itariant
    itariant Posts: 18  Freshman Member
    First Comment Sixth Anniversary

    I agree with 'TheSecondComing', we can't go on with this constant bugs, firmware, false positives, security concerned and angry customers

  • NexusGR
    NexusGR Posts: 2
    First Comment First Anniversary
    edited May 2023

    I have the same issues with various clients (Virus:Gen.Variant.MSILHeracles.da651960 / Application.SystemInformer.2b5a37bd)
    As TheSecondComing mentioned, it is extremely frustrating and time-consuming, not to mention costly.

    Constant problems with new firmwares/signatures.
    I have completely disabled automatic firmware updates and CDR everywhere now.
    I am giving up on features that may have theoretical benefits but only cause problems in practice. I have clients who are already considering switching to another manufacturer because it's so annoying.

  • And yet here we are again on another one. Hello??

    Virus infected SSI:N Type:Anti-Malware Signature Virus:Gen.Variant.Zusy.ce59f0e9 File:windows-kb890830-v5.113_4882065cf19b9df1c0e0e29faeea6fdfded9218 Protocol:HTTP

  • LucaPapaleo
    LucaPapaleo Posts: 13  Freshman Member
    Network Detective-New Adventure Badge First Comment Seventh Anniversary

    Yes for me the same

    Again a lot of false positive…

    Please really fix it, now!

    Luca