
Meraki marks Windows store/updates with a false positive - aphextim
https://community.meraki.com/t5/Security-SD-WAN/W32-779C90C974-100-SBX-TG-ArchiveFile-Disposition-Changed/td-p/56215
======
aphextim
>Just got off the phone with Meraki Support.

>Representative said that it was a False Positive and AMP was blocking Windows
updates. Engineering was working to get it resolved. I had already opened a
ticket so he posted the below information to the ticket and said the ticket
would be updated when engineering had more information.

PROBLEMS DISCUSSED: AMP blocking Windows update.

ACTIONS TAKEN: File in question: W32.779C90C974-100.SBX.TG

NEXT STEPS: Further investigate this malicious activity. Keep the customer
posted with updates.

>Only 480 events in the last hour from my network on the first email. I called
support and they were about worthless until I got to the supervisor. I also
emailed my salesperson and the vendor I purchase it through.

VirusTotal Scan -
[https://www.virustotal.com/gui/file/779c90c974a4f1d927070cbf...](https://www.virustotal.com/gui/file/779c90c974a4f1d927070cbff0d17f5d1daf7bd631603530a408c15ba7bd534b/detection)

