Zemana False Positive Report Thread

Mops21

Level 24
Verified
Joined
Oct 25, 2014
Messages
1,328
Hi

I have 1 File for you for check

Security Center Disabled
Status : Gescannt
Object : HKLM\SYSTEM\CurrentControlSet\services\wscsvc\Start
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Verdächtige Einstellung
Cleaning Action : Reparieren
Related Objects :
Registry Eintrag - HKLM\SYSTEM\CurrentControlSet\services\wscsvc\Start = 4

With best Regards
Mops21
 

Attachments

Likes: Der.Reisende

TwinHeadedEagle

Removal Expert
MalwareTips Staff
Verified
Joined
Mar 8, 2013
Messages
22,359
OS
Windows 10
Antivirus
ESET
Hi

I have 1 File for you for check

Security Center Disabled
Status : Gescannt
Object : HKLM\SYSTEM\CurrentControlSet\services\wscsvc\Start
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Verdächtige Einstellung
Cleaning Action : Reparieren
Related Objects :
Registry Eintrag - HKLM\SYSTEM\CurrentControlSet\services\wscsvc\Start = 4

With best Regards
Mops21
This isn't a false positive. It is a potentially unwanted modification sometimes made by malware. If you personally set this setting, you can exclude it.
 

Mops21

Level 24
Verified
Joined
Oct 25, 2014
Messages
1,328
This option was introduced on stable release from 23rd November.
Hi

Yes, but I do not see this on the Changelog Site. I have contacted the Zemana Support for this. I will get Back then i have an andere from them

Zemana - AntiMalware and AntiLogger Protection

Zemana AntiMalware 2.70.2.25

Wednesday, November 23, 2016 10:40 AM
  • This is the stable release of the previous BETA version (2.70.1.25)
Zemana AntiMalware 2.70.1.25 Beta

Tuesday, November 22, 2016 12:42 PM
  • Improved cleaner.
  • Other minor improvements and fixes.
With best Regards
Mops21
 

WinXPert

Level 24
AV-Tester
Verified
Joined
Jan 9, 2013
Messages
1,354
OS
Windows 7
Antivirus
Qihoo 360
Here are some programs I have installed that are flagged by ZAM

YTD Video Downloader 5.8.2.1 (ytd.exe)
MD5: 53FAFEDCC195E2A50B45997EED6EDB88

KnowBe4 Ran Sim 1.0.2.4 (RanSimSetup.exe)
MD5: 6bf1b9589f41ff4108d114915f5a61c4

USB Guardian 3.9.0.0 (usb-guardian-setup.exe)
MD5: e0a541e0d9f7ccf195d8222c521ad591
 

TwinHeadedEagle

Removal Expert
MalwareTips Staff
Verified
Joined
Mar 8, 2013
Messages
22,359
OS
Windows 10
Antivirus
ESET

Lord Ami

Level 16
AV-Tester
Verified
Joined
Sep 14, 2014
Messages
782
Antivirus
F-Secure
Avast Web/Mail Shield Root
Status : Scanned
Object : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F9454AAA90B14EF80C495649B5512087426CAE4E\Blob
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Root CA
Cleaning Action : Exclude
Related Objects :
Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F9454AAA90B14EF80C495649B5512087426CAE4E\Blob = 190000000100000010000000B6741A37045CDDB96B7D989290BDE40D0F00000001000000200000001C3A2AA592C58E225D98BFECE7723CB1F3CD7EDA1C74046F7F653130DEC66802030000000100000014000000F9454AAA90B14EF80C495649B5512087426CAE4E14000000010000001400000074C417CC7E09EC651E32F547497F857213BC6B1820000000010000000704000030820403308202EBA0030201020210773CCA941F71F040BB18044CE75F1298300D06092A864886F70D01010B0500308181313A3038060355040B0C3167656E65726174656420627920417661737420416E7469766972757320666F722053534C2F544C53207363616E6E696E67311E301C060355040A0C154176617374205765622F4D61696C20536869656C643123302106035504030C1A4176617374205765622F4D61696C20536869656C6420526F6F74301E170D3130303130313132303030305A170D3430303130313132303030305A308181313A3038060355040B0C3167656E65726174656420627920417661737420416E7469766972757320666F722053534C2F544C53207363616E6E696E67311E301C060355040A0C154176617374205765622F4D61696C20536869656C643123302106035504030C1A4176617374205765622F4D61696C20536869656C6420526F6F7430820122300D06092A864886F70D01010105000382010F003082010A0282010100C61FC5E2275C75D6791E680C069AB38348D7EFDE54A42BC3AD70AF77F422A9C10B2F1CA9C2450EA946F557AFFEF28AF8B6CAF86E907FBE61971075A4B23401B3CBA2B8F3128FC48DFBAAC7327F9DE0CB0BB7BB0D193FADC93420C1F66E240C56722BA59F878FB9C3C582D8F2FEC230EED99117B44F1A7A5F53FD006D791A596D2F0E426B4FFF88C4C04F64521EDB736A6DEF842E9FD16FDC757C4604557DDC07F9A8B35F87F7CEF6E2AD153F5C32C36B74663723F5ECAED2291251A45F0E9E175B91E6293690A8CEDC23D2E0511D1EA20CB0A58D974311FF60C033AEFF81BAD3DFE142CE26BCBEC5A67B68E97C142DA60D8A174A46495DFDE1B4E415F4E3703D0203010001A3753073300F0603551D13040830060101FF020100300B0603551D0F04040302020430130603551D25040C300A06082B06010505070301301D0603551D0E0416041474C417CC7E09EC651E32F547497F857213BC6B18301F0603551D2304183016801474C417CC7E09EC651E32F547497F857213BC6B18300D06092A864886F70D01010B05000382010100340F695C2477F744A20FDEDB231D6C16A29AB34606F72BFBC9E340F1D54F53D45DFAF1556641D02E229A128EF27A86FE6E8B12E4378AC37F24C0831D64C9F41F47DE60209BA5080DE0747C8C061A3F87D88DC40525C36FF25CC647900A056CA99950F8F321A06F25491B536EC0AF0510B825679B319935247CB7176863548F173961EC20041D51E79FDAE9A3AE40018ADC68D86E2A1F94B368DDD6F05F1BA41DEF161D4FEB68FF56F95AEC278492FF36150A33916D34AF3BC64A3309D860FF13438B34F85A006976A465C1DAAE006BA7AFBC96A8DD228A7AD2065FDEC50386CBF08937594C70C1138DA30F62EC65B6EDEE5C27E6854280FC3F1E2FAE4A893BF4

Firefox Search
Status : Scanned
Object : ƕigekeelsussƵnaraamat - EKI.ee - Eesti Keele Instituut
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Exclude
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : ƕigekeelsussƵnaraamat - EKI.ee - Eesti Keele Instituut
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Exclude
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : Osta - Oksjonid, kuulutused ja eripakkumised - enam pakkumisi - Osta.ee
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Avast root CA. Also some pre-set Estonian search providers in Firefox (came with original install).
 

LiteManager

Level 1
Developer
Verified
Joined
Mar 13, 2017
Messages
8
OS
Windows 10
Antivirus
Avast
LiteManager False positive report
File
http://litemanager.com/soft/pro/ROMServer.zip
http://litemanager.com/soft/litemanager_4.8.zip

I am developer of LiteManager it is a legal remote control software, it is similar to TeamViewer. We have very friendly and safety interface. Our software is not virus or spy.
We don't have special secret functions all code is clear. Please remove us from virus (malware software).

When you run ROMServer.exe you can see License agreement window, User must accept it otherwise litemanager will not be running.

Our site LiteManager - unattended remote access software and support tools.

 
Joined
Dec 13, 2016
Messages
19
OS
Windows 10
Antivirus
Emsisoft
im new to zemana and malwaretips i think this is the right place to post this..
adware ad block
 

Attachments

KevinYu0504

Level 4
Verified
Joined
Mar 10, 2017
Messages
185
OS
Windows 10
Antivirus
Emsisoft
We are getting a false positive with these installers:
Is this the official place to report these?
No , but ususally @TwinHeadedEagle will come here and take a look ,
he is working in Zemana ( if i do not make mistake) .
if the issue is confirm , than he will help to report to Zemana official .

If him do not response , you can send a message to him :)
 
Likes: frogboy

Similar Threads

Similar Threads