Avast report file as false positive5/25/2023 ![]() ![]() In the Microsoft 365 Defender portal at, go to the Action center by selecting Action center.In the Action center, you can see remediation actions that were taken and potentially undo the action. Move the message to the user's Deleted Items folderįind and investigate malicious email that was delivered in Office 365Īn email message or a file was quarantined.ScenarioĪn email message was routed to a user's Junk Email folder With Threat Explorer, your security operations team can find an email affected by an action and potentially undo the action. Make sure you have the necessary permissions before attempting to perform the following tasks. You can either use Threat Explorer or the Actions tab for an investigation to undo an action. In most cases, if a remediation action was taken on an email message, email attachment, or URL, and the item is actually not a threat, your security operations team can undo the remediation action and take steps to prevent the false positive from recurring. If your organization is using Microsoft Defender for Endpoint in addition to Office 365, and a file, IP address, URL, or domain is treated as malware on a device, even though it's safe, you can create a custom indicator with an "Allow" action for your device. If an alert is triggered by legitimate use, or the alert is inaccurate, you can Manage alerts in the Defender for Cloud Apps portal. Adjust an alert to prevent false positives from recurring You can also Submit a file to Microsoft for malware analysis. If AIR in Microsoft Defender for Office 365 missed an email message, an email attachment, a URL in an email message, or a URL in an Office file, you can submit suspected spam, phish, URLs, and files to Microsoft for Office 365 scanning. Report a false positive/negative to Microsoft for analysis Undoing remediation actions that were taken.Reporting a false positive/negative to Microsoft.If automated investigation and response (AIR) capabilities in Office 365 missed or wrongly detected something, there are steps your security operations team can take to fix it. Microsoft Defender for Office 365 plan 2.Learn about who can sign up and trial terms here. Thanks in advance for your help.Did you know you can try the features in Microsoft 365 Defender for Office 365 Plan 2 for free? Use the 90-day Defender for Office 365 trial at the Microsoft 365 Defender portal trials hub. I've looked in the Avast Help file for information about false positives, but I found nothing about how to report them. I think at one point, perhaps when I was moving the file to the Chest, there was something I could click on for reporting a false positive. However, I have no idea how to report this to Avast. I thus think it's likely to be a false positive. After Avast flagged it, I scanned it with Malwarebytes Anti-Malware and with SpyBot, and neither of them found a problem. Also, the file that was supposedly infected has been on my computer for quite a long time, and no scans with any other anti-virus or anti-malware programs ever found it problematic. It is a very reliable program from a very reliable source. ![]() The odd thing is that it was found in the setup file for an old version of HyperSnap, a screen-capture program I have used in its many versions for quite a few years. In my first scan (two days ago), Avast claimed to find a trojan (Win32:Trojan-gen.
0 Comments
Leave a Reply. |