Assigned Zemana False Positive Report Thread

Ink · Mar 15, 2016

Razor555 said:
I think Zemana is another product that uses virustotal database as well to block most stuff... It has many false positives and probably will get in trouble with virustotal just as another product had in the past.

Could you elaborate further, with evidence of your claims?

Deleted Member 333v73x · Mar 16, 2016

**UPDATE**

Please ONLY use this thread to report false positives and bugs, if you wish to post anything off-topic please post it elsewhere! Thank you.

Smith83 · Mar 16, 2016

Zemana seems to go after steam, and some other games, log from helping at another forum....

Code:

Zemana AntiMalware 2.20.2.8 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/3/11
Operating System       : Windows 10 64-bit
Processor              : 4X AMD FX(tm)-4300 Quad-Core Processor
BIOS Mode              : Legacy
CUID                   : 00735C3A0682D94DA0E727
Scan Type              : Deep Scan
Duration               : 33m 39s
Scanned Objects        : 337380
Detected Objects       : 2
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : ON
Detect All Extensions  : OFF
Scan Documents         : OFF
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

56e211df380a7[1].exe
Status             : Failed
Object             : %localappdata%\microsoft\windows\inetcache\ie\cxo20u2s\56e211df380a7[1].exe
MD5                : 4CB167CB3D6519792E804EBF00B99C15
Publisher          : -
Size               : 66830
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %localappdata%\microsoft\windows\inetcache\ie\cxo20u2s\56e211df380a7[1].exe

unins000.exe
Status             : Failed
Object             : %homedrive%\games\marvel heroes game\unins000.exe
MD5                : 2F2E5B5F32B02B1AFACF2150FB375635
Publisher          : -
Size               : 817313
Version            : 51.52.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\marvel heroes game\unins000.exe
                Reference - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvel Heroes Game\Uninstall Marvel Heroes Game.lnk

PandaSecurityTb.exe
Status             : Scanned
Object             : %programfiles%\panda security\panda security protection\tools\pandasecuritytb.exe
MD5                : 59D718A8A033993ADFBCD189A3977FEA
Publisher          : Visicom Media Inc.
Size               : 4917560
Version            : 4.3.1.15
Detection          : Adware:Win32/VisicomToolbar!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\panda security\panda security protection\tools\pandasecuritytb.exe

cp_manual.bat
Status             : Failed
Object             : %homedrive%\games\ubisoft game launcher\games\might & magic heroes vi\support\inst\cp_manual.bat
MD5                : 805723FC4D2B88F77F3576D358327572
Publisher          : -
Size               : 581
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\ubisoft game launcher\games\might & magic heroes vi\support\inst\cp_manual.bat

delete_manual.bat
Status             : Failed
Object             : %homedrive%\games\ubisoft game launcher\games\might & magic heroes vi\support\inst\delete_manual.bat
MD5                : FB887CDC4B865F8620C22875EC2519AA
Publisher          : -
Size               : 151
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\ubisoft game launcher\games\might & magic heroes vi\support\inst\delete_manual.bat

GameNetwork.dll
Status             : Failed
Object             : %homedrive%\games\ubisoft game launcher\games\might & magic heroes vi\gamenetwork.dll
MD5                : 318558A4E8C3DEFDA89C80DAD92868B1
Publisher          : Virtuos China Ltd.
Size               : 6000424
Version            : 2.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\ubisoft game launcher\games\might & magic heroes vi\gamenetwork.dll

fmodstudiol.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmodstudiol.dll
MD5                : 12130CD076C4783CED8478EDBDD2E26F
Publisher          : -
Size               : 1971712
Version            : 0.1.7.3
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmodstudiol.dll

fmodstudio.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmodstudio.dll
MD5                : E38FAD3A17404CF62DF938EC5E446E81
Publisher          : -
Size               : 1418240
Version            : 0.1.7.3
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmodstudio.dll

Assembly-UnityScript-firstpass.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-unityscript-firstpass.dll
MD5                : ACC61DA9A54B5BA02A8FE3CAC8056694
Publisher          : -
Size               : 147456
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-unityscript-firstpass.dll

Assembly-UnityScript.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-unityscript.dll
MD5                : 97D0DE8D9D24B1E2C3FEACEF06DB94A9
Publisher          : -
Size               : 2932736
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-unityscript.dll

UnityEngine.Analytics.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\unityengine.analytics.dll
MD5                : 4DA80BAD75940E62F6008CA263F1883A
Publisher          : -
Size               : 40448
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\unityengine.analytics.dll

fmod.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmod.dll
MD5                : 9205C6C7AEDA2648CF7B4EADEDF44ED8
Publisher          : -
Size               : 1494528
Version            : 0.1.7.3
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmod.dll

eso.exe
Status             : Scanned
Object             : %homedrive%\games\eso\the elder scrolls online\game\client\eso.exe
MD5                : FDDFCDB1C2285007091FC45EF8C3DF1F
Publisher          : -
Size               : 71134208
Version            : 1.0.0.1
Detection          : Heur.Malicious!Pc
Cleaning Action    : Report as safe
Related Objects    :
                File - %homedrive%\games\eso\the elder scrolls online\game\client\eso.exe

fmodl.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmodl.dll
MD5                : 93D1CC5CA94E15D741C196BF4CEA23A0
Publisher          : -
Size               : 1602048
Version            : 0.1.7.3
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\plugins\fmodl.dll

Assembly-CSharp-firstpass.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-csharp-firstpass.dll
MD5                : C7F892763310EAA24FFFAC5635F4F5DC
Publisher          : -
Size               : 248832
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-csharp-firstpass.dll

Assembly-CSharp.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-csharp.dll
MD5                : D465B5AE03AAA35AFEABE387298BF22D
Publisher          : -
Size               : 111616
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_data\managed\assembly-csharp.dll

fmodl.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\plugins\fmodl.dll
MD5                : 61B4BAB5A0D2EB158D141C0DF01A3980
Publisher          : -
Size               : 1761792
Version            : 0.1.7.3
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\plugins\fmodl.dll

Assembly-UnityScript.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-unityscript.dll
MD5                : F8BFD09061109A62CEE4E0D547897E68
Publisher          : -
Size               : 2932736
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-unityscript.dll

Assembly-CSharp.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-csharp.dll
MD5                : 1DCB41A1231C88ECAA33BD9C14190C6B
Publisher          : -
Size               : 111616
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-csharp.dll

Assembly-UnityScript-firstpass.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-unityscript-firstpass.dll
MD5                : 826E75FF42A86295BDB153205F43D07C
Publisher          : -
Size               : 147456
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-unityscript-firstpass.dll

Assembly-CSharp-firstpass.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-csharp-firstpass.dll
MD5                : 1F22A85C0341B3388547FBD2681E7CDE
Publisher          : -
Size               : 248832
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\assembly-csharp-firstpass.dll

SRO.Client.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\sro.client.dll
MD5                : 053BCEAAE862EDD5C82DB010A5079056
Publisher          : -
Size               : 1961984
Version            : 1.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\sro.client.dll

SRO.Content.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\sro.content.dll
MD5                : B2540CC20859B9479E935E2DDEE06663
Publisher          : -
Size               : 20992
Version            : 1.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\sro.content.dll

UnityEngine.Analytics.dll
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\unityengine.analytics.dll
MD5                : 4DA80BAD75940E62F6008CA263F1883A
Publisher          : -
Size               : 40448
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\starcrawlers\starcrawlers_x86_64_data\managed\unityengine.analytics.dll

SRO.Core.Compatibility.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\sro.core.compatibility.dll
MD5                : 7CC70883EE25AE553BB9519EDC2E647F
Publisher          : -
Size               : 143872
Version            : 1.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\sro.core.compatibility.dll

UnityCommons.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\unitycommons.dll
MD5                : 16A89AB2DDDF1BAA7C6119F5B2492B4D
Publisher          : -
Size               : 612864
Version            : 1.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\unitycommons.dll

Cliffhanger.SRO.ServerClientCommons.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\cliffhanger.sro.serverclientcommons.dll
MD5                : 891BD4760576D37AB34A98401B2EE7A2
Publisher          : -
Size               : 1116672
Version            : 1.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\cliffhanger.sro.serverclientcommons.dll

Cliffhanger.Unity.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\cliffhanger.unity.dll
MD5                : 5D95E661671F3A27B95A5DB972D6AEE3
Publisher          : -
Size               : 482304
Version            : 1.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\cliffhanger.unity.dll

Assembly-CSharp-firstpass.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\assembly-csharp-firstpass.dll
MD5                : 567C1FB680E0C31D1D418D222D34F630
Publisher          : -
Size               : 237056
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\assembly-csharp-firstpass.dll

Assembly-CSharp.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\assembly-csharp.dll
MD5                : 088ABDA244D77CF51B580661FF2A9D5F
Publisher          : -
Size               : 113152
Version            : 0.0.0.0
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\assembly-csharp.dll

Assembly-UnityScript-firstpass.dll
Status             : Cancelled
Object             : %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\assembly-unityscript-firstpass.dll
MD5                : 75071DBA1D8A4ED6095043C5C0681EE0
Publisher          : -
Size               : 65024
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\shadowrunchronicles\shadowrun_data\managed\assembly-unityscript-firstpass.dll

ClientLauncherG.exe
Status             : Failed
Object             : %homedrive%\games\steam\steamapps\common\greygoo\clientlauncherg.exe
MD5                : B7D498B7B576DCD3EC41EE3CEF487952
Publisher          : Redux! Games, LLC
Size               : 6220440
Version            : 0.34.9.8020
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\steam\steamapps\common\greygoo\clientlauncherg.exe

CefFramework-Debug.dll
Status             : Cancelled
Object             : %homedrive%\games\into the stars\nebraska\cefruntime\binaries\win64\cefframework-debug.dll
MD5                : F302C20B8A574CC3A8E2667C5B1B34FB
Publisher          : -
Size               : 1279488
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\into the stars\nebraska\cefruntime\binaries\win64\cefframework-debug.dll

CefProcess-Debug.exe
Status             : Cancelled
Object             : %homedrive%\games\into the stars\nebraska\cefruntime\binaries\win64\cefprocess-debug.exe
MD5                : 705482720615949B73DC49DB52514546
Publisher          : -
Size               : 1136640
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\into the stars\nebraska\cefruntime\binaries\win64\cefprocess-debug.exe

GazillionPatcher.dll
Status             : Cancelled
Object             : %homedrive%\games\marvel heroes game\gazillionpatcher.dll
MD5                : B1EAD0ADDAF3A89FA426541F714243B2
Publisher          : Gazillion Inc
Size               : 77640
Version            : -
Detection          :
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\games\marvel heroes game\gazillionpatcher.dll


Cleaning Result
-------------------------------------------------------
Cleaned               : 1
Reported as safe      : 1
Failed                : 0

Deleted Member 333v73x · Mar 22, 2016

Can you please put **RESOLVED** in your message if the false positive you are reporting has been fixed, thank you in advance.

Neno · Mar 30, 2016

Zemana AntiMalware false positive - Steganos Safe 17 - PortableSafe.exe (Pandora Real Time)

Mops21 · Apr 4, 2016

Hi @iIda15

Can you check this please is the same File see my 2 screenshots

Need you the File. I use the Report function into the program

With best Regards
Mops21

TwinHeadedEagle · Apr 4, 2016

It would be nice to click Copy to clipboard and to paste these results here.

Mops21 · Apr 5, 2016

Hi

Here they are

DriverEasy_Setup.exe
Status : Gescannt
Pfad : %userprofile%\downloads\drivereasy_setup.exe
MD5-Hash : 644BE97775B7AFAA368883C97C7CC03B
Herausgeber : Easeware Technology Limited
Größe : 3714184
Version : 5.0.0.0
Bedrohung : Adware:Win32/OutBrowse!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %userprofile%\downloads\drivereasy_setup.exe

DriverEasy_5.0.0.18255.exe
Status : Gescannt
Pfad : %userprofile%\videos\drivereasy_5.0.0.18255.exe
MD5-Hash : 644BE97775B7AFAA368883C97C7CC03B
Herausgeber : Easeware Technology Limited
Größe : 3714184
Version : 5.0.0.0
Bedrohung : Adware:Win32/OutBrowse!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %userprofile%\videos\drivereasy_5.0.0.18255.exe

With best Regards
Mops21

TwinHeadedEagle · Apr 7, 2016

Sorry for delay. Let me know if you still have detection.

TwinHeadedEagle · Apr 7, 2016

Can you show the name of detection and whole report?

Mops21 · Apr 7, 2016

TwinHeadedEagle said:
Sorry for delay. Let me know if you still have detection.

No

With best Regards
Mops21

bjm_ · Apr 22, 2016

Zemana AM Free 2.20.2.140
Status : Scanned
Object : %appdata%\mozilla\firefox\profiles\br0fgu8r.default\extensions\jid1-gjjqq12bh0olrr@jetpack.xpi
MD5 : 3CC1399E661CF81E758B66D2DE585DD0
Publisher : -
Size : 233950
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Repair
Related Objects :
Browser Extension - Clean Uninstall
File - %appdata%\mozilla\firefox\profiles\br0fgu8r.default\extensions\jid1-gjjqq12bh0olrr@jetpack.xpi

Mops21 · Apr 22, 2016

Hi all

Here is anotherone File for you

09_Password_Boss_Setup.exe
Status : Gescannt
Pfad : %userprofile%\downloads\09_password_boss_setup.exe
MD5-Hash : 2349DB6FE499F107EF20E8A3115EF54A
Herausgeber : PasswordBoss, LLC
Größe : 230144
Version : 2015.11.4.2215
Bedrohung : Adware:Win32/PasswordBoss!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %userprofile%\downloads\09_password_boss_setup.exe

With best Regards
Mops21

TwinHeadedEagle · Apr 22, 2016

@bjm_

Can you show me a link where you downloaded this extension?

TwinHeadedEagle · Apr 22, 2016

@Mops21

We spotted this software coming bundled with malware installer. That's why we flag it as malicious.

Mops21 · Apr 23, 2016

TwinHeadedEagle said:
@Mops21

We spotted this software coming bundled with malware installer. That's why we flag it as malicious.

Ah okay thank you very much I have Scan this folder again and it is gone now

With best Regards
Mops21

vindiesel · Apr 26, 2016

NingunoHola have a question, it's a false positive? Since they have not investigated and it is ESET, I need to delete? can someone help me

I put it in white list?

Hi this last when I had installed BitDefender blocked it, may be signatures BitDefender.

enaph · Apr 26, 2016

vindiesel said:
Hi I have a question, this is a false positive? Since so and failed to investigate is ESET, I have to delete? can someone help me

Check this thread on ESET forums:
appOnt.exe - ESET Smart Security - ESET Security Forum

TwinHeadedEagle · Apr 26, 2016

Can you attach recent Zemana reports?

Bergo · Apr 26, 2016

Its malicious or FP?

Assigned Zemana False Positive Report Thread

Administrator

Deleted Member 333v73x

Smith83

Deleted Member 333v73x

Level 6

Level 35

Attachments

Level 41

Level 35

Level 41

Level 41

Level 35

Level 15

Level 35

Attachments

Level 41

Level 41

Level 35

Level 7

Level 29

Level 41

Level 12

Similar threads