False positive - SonicWall flagging PDQ Deploy as Malware or Trojan

When attempting to download PDQ Deploy SonicWall prevents the download with a Trojan warning.

This is a false positive. SonicWall has documented the following workaround.


If you are experiencing a false positive against any of the GAV signatures, you have a couple of options depending on the urgency to complete the communication that is proving problematic.

  1. You can disable the signature in question by searching for the signature string on the Security Services > Gateway Anti-Virus configuration screen and unchecking the "enable" box next to that particular signature.
  2. Using System > Packet Capture gather both a libpcap and html version of the problematic traffic. Submit the packet captures, a TSR and exp file to SonicWALL technical support for review. We will work to redesign the signature or disable the signature globally if proves to be an issue for many of our customers.
Was this article helpful?
Still have a question or want to share what you have learned? Visit our Community Discord to get help and collaborate with others.