Help Center

Follow

False positive - SonicWall flagging PDQ Inventory as MalUAgent.MIP Trojan

When attempting to download PDQ Inventory SonicWall prevents the download with the MalUAgent.MIP Trojan warning. 

This is a false positive. SonicWall has documented the following workaround.

Question/Topic:

How do I resolve a false positive for Gateway Anti-Virus


Resolution/Workaround:

If you are experiencing a false positive against any of the GAV signatures, you have a couple of options depending on the urgency to complete the communication that is proving problematic.

  1. You can disable the signature in question by searching for the signature string on the Security Services > Gateway Anti-Virus configuration screen and unchecking the "enable" box next to that particular signature.
  2. Using System > Packet Capture gather both a libpcap and html version of the problematic traffic.  Submit the packet captures, a TSR and exp file to SonicWALL technical support for review.  We will work to redesign the signature or disable the signature globally if proves to be an issue for many of our customers.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

1 Comments

  • 0

    Or you can check the log for the blocked download and put the cloud id in for the download in the exclusion list. 

Article is closed for comments.