Is anyone else having problems with DOC files being flagged as malicious when they should not be and quarantined? I had 1000’s of files quarantined on a file server that had to be restored back to the original location. Not quite the way I wanted to spend a Monday morning.
@jeff.copeland , there was a problem with an AV signature which is no longer in operation, but you should be able to restore them from the quarantine.
Most of them I could restore but not all of them. For some of them (and the trick was finding them), I had to restore them from a backup. I think it was an issue with synchronous vs. async lookup of the file rating and trying to do a restore after that. Fortunately, you are addressing that in the March release!! Yay! Thanks for the quick response. I also sent in a ticket. That can be closed. Have a great day!
I have the same problem, all of the file extension end with .doc|CompObj
I am having the same problem. 13,000+ files flagged with the Malware@#2v7s4j65s7vxq signature. Only about a dozen files quarantined though. Has anyone been able to validate this as erroneous and remove the files from the malware list?
I reported this yesterday, there was a problem with this AV signature which is no longer in operation.
I know but I was looking for official documentation on this error something other than a forum question.
Also having this issue with hundreds of .doc files with that Malware@#2v7s4j65s7vxq signature. I sent a ticket to support.
Follow-up post from support, hopefully this helps others that stumble upon this thread:
“In regards to your query, the signature Malware@#2v7s4j65s7vxq was removed from our Antivirus Database in 34415 version, files would not be detected as malicious anymore. Just in case you want to restore as soon as possible and make sure that no files left in quarantine, please, feel free to reschedule the quarantine scan(which is scheduled by default to run once in 24 hours) so each of the quarantined files will receive a new rating, and in case it’s not malicious, files will be restored from every system. To reschedule the scan, please, navigate to Configuration Templates => Profiles => Select needed profiles which is applied to your systems => Antivirus => Scans => Quarantined Files scan => Edit => Schedule => Apply needed changes and press ok => Save Antivirus tab changes, and wait for updated profile being delivered to systems.”