Zemana False Positive Report Thread

Discussion in 'Zemana' started by Tornado, Jan 24, 2016.

  1. Mops21

    Mops21 Level 22
    Trusted

    Oct 25, 2014
    1,131
    2,502
    Hi

    I have 1 File for you for check

    Security Center Disabled
    Status : Gescannt
    Object : HKLM\SYSTEM\CurrentControlSet\services\wscsvc\Start
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Verdächtige Einstellung
    Cleaning Action : Reparieren
    Related Objects :
    Registry Eintrag - HKLM\SYSTEM\CurrentControlSet\services\wscsvc\Start = 4

    With best Regards
    Mops21
     

    Attached Files:

    Der.Reisende likes this.
  2. Der.Reisende

    Der.Reisende Level 32
    Trusted AV Tester

    Dec 27, 2014
    2,198
    23,503
    Tax Officer
    Germany
    Windows 10
    Quick Heal
    Sorry for my late reply, however I still have the issue.

    From a today's test:
    2nd_opinion.JPG
     
    frogboy and silversurfer like this.
  3. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    It is fixed now.
     
    silversurfer, XhenEd and Der.Reisende like this.
  4. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    This isn't a false positive. It is a potentially unwanted modification sometimes made by malware. If you personally set this setting, you can exclude it.
     
    XhenEd and Der.Reisende like this.
  5. Mops21

    Mops21 Level 22
    Trusted

    Oct 25, 2014
    1,131
    2,502
    Ah okay thank you very much for your info, but why I have this now and not earlier this some Versions ago

    With best Regards
    Mops21
     
    Der.Reisende likes this.
  6. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    This option was introduced on stable release from 23rd November.
     
    Der.Reisende likes this.
  7. Mops21

    Mops21 Level 22
    Trusted

    Oct 25, 2014
    1,131
    2,502
    Hi

    Yes, but I do not see this on the Changelog Site. I have contacted the Zemana Support for this. I will get Back then i have an andere from them

    Zemana - AntiMalware and AntiLogger Protection

    Zemana AntiMalware 2.70.2.25

    Wednesday, November 23, 2016 10:40 AM
    • This is the stable release of the previous BETA version (2.70.1.25)
    Zemana AntiMalware 2.70.1.25 Beta

    Tuesday, November 22, 2016 12:42 PM
    • Improved cleaner.
    • Other minor improvements and fixes.
    With best Regards
    Mops21
     
    _CyberGhosT_ and Der.Reisende like this.
  8. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    There is no need to contact support. I created this detection.
     
    Der.Reisende likes this.
  9. Mops21

    Mops21 Level 22
    Trusted

    Oct 25, 2014
    1,131
    2,502
    Ah okay thank you very much for your Info

    With best Regards
    Mops21
     
  10. davisd

    davisd Level 9

    Feb 2, 2016
    404
    4,594
    Latvia
    Windows 10
    G-Data
    Why Browser JSGuard extension is detected as PUA? It's legit.

    Browser JSGuard

    Browser_JSGuard.PNG Zemana.PNG
     
    frogboy likes this.
  11. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    Yes, this was a false detection, please confirm it is no longer detected.
     
    davisd likes this.
  12. davisd

    davisd Level 9

    Feb 2, 2016
    404
    4,594
    Latvia
    Windows 10
    G-Data
    Confirmed. Thanks for a fast response.
     
  13. WinXPert

    WinXPert Level 23
    Trusted AV Tester

    Jan 9, 2013
    1,298
    4,725
    Graphic Artist
    Manila
    Windows 7
    Emsisoft
    Here are some programs I have installed that are flagged by ZAM

    YTD Video Downloader 5.8.2.1 (ytd.exe)
    MD5: 53FAFEDCC195E2A50B45997EED6EDB88

    KnowBe4 Ran Sim 1.0.2.4 (RanSimSetup.exe)
    MD5: 6bf1b9589f41ff4108d114915f5a61c4

    USB Guardian 3.9.0.0 (usb-guardian-setup.exe)
    MD5: e0a541e0d9f7ccf195d8222c521ad591
     
  14. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
  15. Lord Ami

    Lord Ami Level 15
    Trusted AV Tester

    Sep 14, 2014
    733
    8,373
    Estonia
    Avast Web/Mail Shield Root
    Status : Scanned
    Object : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F9454AAA90B14EF80C495649B5512087426CAE4E\Blob
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Root CA
    Cleaning Action : Exclude
    Related Objects :
    Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F9454AAA90B14EF80C495649B5512087426CAE4E\Blob = 190000000100000010000000B6741A37045CDDB96B7D989290BDE40D0F00000001000000200000001C3A2AA592C58E225D98BFECE7723CB1F3CD7EDA1C74046F7F653130DEC66802030000000100000014000000F9454AAA90B14EF80C495649B5512087426CAE4E14000000010000001400000074C417CC7E09EC651E32F547497F857213BC6B1820000000010000000704000030820403308202EBA0030201020210773CCA941F71F040BB18044CE75F1298300D06092A864886F70D01010B0500308181313A3038060355040B0C3167656E65726174656420627920417661737420416E7469766972757320666F722053534C2F544C53207363616E6E696E67311E301C060355040A0C154176617374205765622F4D61696C20536869656C643123302106035504030C1A4176617374205765622F4D61696C20536869656C6420526F6F74301E170D3130303130313132303030305A170D3430303130313132303030305A308181313A3038060355040B0C3167656E65726174656420627920417661737420416E7469766972757320666F722053534C2F544C53207363616E6E696E67311E301C060355040A0C154176617374205765622F4D61696C20536869656C643123302106035504030C1A4176617374205765622F4D61696C20536869656C6420526F6F7430820122300D06092A864886F70D01010105000382010F003082010A0282010100C61FC5E2275C75D6791E680C069AB38348D7EFDE54A42BC3AD70AF77F422A9C10B2F1CA9C2450EA946F557AFFEF28AF8B6CAF86E907FBE61971075A4B23401B3CBA2B8F3128FC48DFBAAC7327F9DE0CB0BB7BB0D193FADC93420C1F66E240C56722BA59F878FB9C3C582D8F2FEC230EED99117B44F1A7A5F53FD006D791A596D2F0E426B4FFF88C4C04F64521EDB736A6DEF842E9FD16FDC757C4604557DDC07F9A8B35F87F7CEF6E2AD153F5C32C36B74663723F5ECAED2291251A45F0E9E175B91E6293690A8CEDC23D2E0511D1EA20CB0A58D974311FF60C033AEFF81BAD3DFE142CE26BCBEC5A67B68E97C142DA60D8A174A46495DFDE1B4E415F4E3703D0203010001A3753073300F0603551D13040830060101FF020100300B0603551D0F04040302020430130603551D25040C300A06082B06010505070301301D0603551D0E0416041474C417CC7E09EC651E32F547497F857213BC6B18301F0603551D2304183016801474C417CC7E09EC651E32F547497F857213BC6B18300D06092A864886F70D01010B05000382010100340F695C2477F744A20FDEDB231D6C16A29AB34606F72BFBC9E340F1D54F53D45DFAF1556641D02E229A128EF27A86FE6E8B12E4378AC37F24C0831D64C9F41F47DE60209BA5080DE0747C8C061A3F87D88DC40525C36FF25CC647900A056CA99950F8F321A06F25491B536EC0AF0510B825679B319935247CB7176863548F173961EC20041D51E79FDAE9A3AE40018ADC68D86E2A1F94B368DDD6F05F1BA41DEF161D4FEB68FF56F95AEC278492FF36150A33916D34AF3BC64A3309D860FF13438B34F85A006976A465C1DAAE006BA7AFBC96A8DD228A7AD2065FDEC50386CBF08937594C70C1138DA30F62EC65B6EDEE5C27E6854280FC3F1E2FAE4A893BF4

    Firefox Search
    Status : Scanned
    Object : ƕigekeelsussƵnaraamat - EKI.ee - Eesti Keele Instituut
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Exclude
    Related Objects :
    Browser Setting - Firefox Search

    Firefox Search
    Status : Scanned
    Object : ƕigekeelsussƵnaraamat - EKI.ee - Eesti Keele Instituut
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Exclude
    Related Objects :
    Browser Setting - Firefox Search

    Firefox Search
    Status : Scanned
    Object : Osta - Oksjonid, kuulutused ja eripakkumised - enam pakkumisi - Osta.ee
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Firefox Search

    Avast root CA. Also some pre-set Estonian search providers in Firefox (came with original install).
     
  16. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,734
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    @Lord Ami

    Yes, that is a problem. Right now you can exclude them.
     
    _CyberGhosT_ and Lord Ami like this.
  17. LiteManager

    LiteManager Level 1
    Developer

    Mar 13, 2017
    8
    26
    Russia
    Windows 10
    Avast
    LiteManager False positive report
    File
    http://litemanager.com/soft/pro/ROMServer.zip
    http://litemanager.com/soft/litemanager_4.8.zip

    I am developer of LiteManager it is a legal remote control software, it is similar to TeamViewer. We have very friendly and safety interface. Our software is not virus or spy.
    We don't have special secret functions all code is clear. Please remove us from virus (malware software).

    When you run ROMServer.exe you can see License agreement window, User must accept it otherwise litemanager will not be running.

    Our site LiteManager - unattended remote access software and support tools.

    [​IMG]
     
    KevinYu0504 and RXZ6Q like this.
  18. deemanthax

    deemanthax Level 1

    Dec 13, 2016
    19
    50
    Colombo
    Windows 10
    Emsisoft
    im new to zemana and malwaretips i think this is the right place to post this..
    adware ad block
     

    Attached Files:

    • zal.PNG
      zal.PNG
      File size:
      61.9 KB
      Views:
      99
  19. Ayman A R

    Ayman A R New Member

    Jun 12, 2017
    1
    0
    Egypt
  20. KevinYu0504

    KevinYu0504 Level 3

    Mar 10, 2017
    129
    291
    Taiwan
    Windows 10
    Emsisoft
    No , but ususally @TwinHeadedEagle will come here and take a look ,
    he is working in Zemana ( if i do not make mistake) .
    if the issue is confirm , than he will help to report to Zemana official .

    If him do not response , you can send a message to him :)
     
    frogboy likes this.
Loading...