- Malware Service Request:
You open the Service Request through the Technical Support ServicePortal and a Technical Support Engineer (TSE) is assigned. All updates and communications flow through the TSE. This type of Service Request is suited when you need timely updates and prefer human interaction.
Use this method for the following:- Active malware infection in the customer's environment
- Clean failures, where malware is detected and deleted, but some Indicators of Compromise remain on the system following a reboot
- Remnants left behind (registry entries, files left on disk)
- Virus Information Library (VIL) requests (with a sample)
- Product countermeasures
- Behavioral analysis
- False detections
- Detection failures that automation is unable to resolve or that are impacting business
- Labs or Automation Service Request:
For this type of malware submission, you can submit the sample through the Submit a sample option in the ServicePortal. This option submits the sample and creates a Service Request. This method is completely automation driven and no additional information is needed. But, automation doesn't handle false positives. If you need to check for detection failure and don't want any human interactions, or the issue isn't urgent or business impacting, you can opt for this method.
Use this method for the following:- Large sample batches (10 or more samples that need analysis)
- Collections from automated perimeter devices
- Detection failures with no business impact or that aren't an active outbreak or urgent issue
- Unknown files (is this malicious?) with no business impact or that are not an active outbreak or urgent issue
Submit samples to Labs for suspected malware detection failure
Technical Articles ID:
KB68030
Last Modified: 5/4/2022
Last Modified: 5/4/2022
Affected Products
Languages:
This article is available in the following languages:
GermanEnglish United States
Spanish Spain
French
Italian
Japanese
Portuguese Brasileiro
Chinese Simplified