Assigned Zemana False Positive Report Thread

  • Thread starter Deleted Member 333v73x
This thread is being handled by a member of the staff.

Mops21

I think that should be taken care of in the next version.

Also, are my screenshots the right ones of it? And thank you very much for your help. Can I submit via the report as safe via the program or not?

With best Regards
Mops21
 

Mops21

Also, are my screenshots the right ones of it? And thank you very much for your help.

Okay, I will make it very soon.

With best Regards
Mops21
 

Mops21

Hi

Here are 6 Files for you

DriverEasy_5.0.4.12293.exe
Status : Gescannt
Pfad : %userprofile%\downloads\drivereasy_5.0.4.12293.exe
MD5-Hash : 1FF655478C47ECA221DE43473E40F563
Herausgeber : Easeware Technology Limited
Größe : 3612024
Version : 5.0.4.0
Bedrohung : Adware:Win32/AutoBulk.222e49!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %userprofile%\downloads\drivereasy_5.0.4.12293.exe

DriverEasy_5.0.2.42137.exe
Status : Gescannt
Pfad : %userprofile%\downloads\drivereasy_5.0.2.42137.exe
MD5-Hash : 5AB7B2260A25B7383D5396F4697996F1
Herausgeber : Easeware Technology Limited
Größe : 3726120
Version : 5.0.2.0
Bedrohung : Adware:Win32/AutoBulk.222e49!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %userprofile%\downloads\drivereasy_5.0.2.42137.exe

DriverEasy_5.0.3.14912.exe
Status : Gescannt
Pfad : %userprofile%\downloads\drivereasy_5.0.3.14912.exe
MD5-Hash : CF002157259E40AEA1DF6AE8A271C76B
Herausgeber : Easeware Technology Limited
Größe : 3739680
Version : 5.0.3.0
Bedrohung : Adware:Win32/AutoBulk.222e49!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %userprofile%\downloads\drivereasy_5.0.3.14912.exe

HardwareInfo.dll
Status : Gescannt
Pfad : %programw6432%\easeware\drivereasy\hardwareinfo\hardwareinfo.dll
MD5-Hash : 0CA3264BA0CFD27730B2F3DB2F423190
Herausgeber : Easeware Technology Limited
Größe : 1098096
Version : 1.1.3.1
Bedrohung : Adware:Win32/AutoBulk.222e49!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %programw6432%\easeware\drivereasy\hardwareinfo\hardwareinfo.dll

Easeware.ConfigLanguageFromSetup.exe
Status : Gescannt
Pfad : %programw6432%\easeware\drivereasy\easeware.configlanguagefromsetup.exe
MD5-Hash : ACC9EA65DA41C170E18F56D33EF648A1
Herausgeber : Easeware Technology Limited
Größe : 16752
Version : 1.0.4.0
Bedrohung : Adware:Win32/AutoBulk.222e49!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %programw6432%\easeware\drivereasy\easeware.configlanguagefromsetup.exe

HardwareInfo64.dll
Status : Gescannt
Pfad : %programw6432%\easeware\drivereasy\hardwareinfo\hardwareinfo64.dll
MD5-Hash : 0510AA9C3FAD3F5613B5BA0957F99078
Herausgeber : Easeware Technology Limited
Größe : 1291632
Version : 1.1.3.1
Bedrohung : Adware:Win32/AutoBulk.222e49!Ep
Gewählte Aktion : Quarantäne
Spuren :
Datei - %programw6432%\easeware\drivereasy\hardwareinfo\hardwareinfo64.dll

With best Regards
Mops21
 

Attachments

  • Zemana AntiMalware 2.20.1.776 01.jpg
  • Zemana AntiMalware 2.20.1.776 02.jpg
  • Zemana AntiMalware 2.20.1.776 03.jpg

TwinHeadedEagle

@Mops21

This will be handled tomorrow.

@Huracan

Can you give me the link of Google store for this extension? I can't find it anywhere. It must be something very new and that's probably the reason why it is detected. However, you should not receive detection for this anymore.
 

Der.Reisende

Can you try now, do you still have this detection?
Would love to attach a log stating the file scanned, not possible, but can confirm drag + dropping the MSBuild.exe to ZAM Premium now doesn't give any detection (Pandora on).
Thank you for the fast response :)
 

Attachments

  • fixed.JPG

Der.Reisende

I assume a FP by Pandora? I haven't made any changes to Chrome, only updates. -- Will disable Pandora.

View attachment 99734
Hi @Huracan, in case you didn't know already, you can exclude those, too, if you trust the alteration :) If you did already, please don't mind me telling you that ;) I did so with my extensions and the alteration to start chrome always incognito and to disallow referrers.
Just click on the drop-down thing which states "Report as safe" in your screenshot.
It's a good feature of ZAM warning you about any alterations to the browser.
 

Attachments

  • exclude.JPG

Ink

I will have a look, but I haven't added any new extensions in a few months.
Update to detection of --app-id={random 32 letters} in ZAM with Pandora enabled. These are either flagged browser settings or bookmarked sites. You can verify if they are bookmarked sites by creating the following shortcut.
Code:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory=Default --app-id={random 32 letters}
Check the Logs in Zemana to replace the {random 32 letters} with the suspected object.
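
A complementary check to the shortcut test described above, as an added example that is not part of the original post: it pulls `--app-id` values out of log or shortcut text and looks each one up in a Chrome profile to see what it names. It assumes the flagged id has a folder under the profile's `Extensions` directory; the function names, the sample id and the sample profile are constructed for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# Chrome extension/app ids are 32 characters drawn from the letters a-p.
APP_ID_RE = re.compile(r"--app-id=([a-p]{32})\b")

def extract_app_ids(text):
    """Return the distinct --app-id values found in log or shortcut text."""
    return sorted(set(APP_ID_RE.findall(text)))

def resolve_app_id(profile_dir, app_id):
    """Look up an id under <profile>/Extensions; return manifest details or None."""
    ext_dir = Path(profile_dir) / "Extensions" / app_id
    if not ext_dir.is_dir():
        return None
    # One subfolder per installed version; take the last one by name.
    versions = sorted(p for p in ext_dir.iterdir() if (p / "manifest.json").is_file())
    if not versions:
        return None
    raw = (versions[-1] / "manifest.json").read_text(encoding="utf-8-sig")
    manifest = json.loads(raw)
    launch = manifest.get("app", {}).get("launch", {})
    return {
        "name": manifest.get("name"),
        "version": manifest.get("version"),
        # Hosted apps record the site they open; plain extensions do not.
        "launch_url": launch.get("web_url"),
    }

def build_sample_profile(root, app_id):
    """Create a constructed profile tree so the example runs offline."""
    vdir = Path(root) / "Default" / "Extensions" / app_id / "1.0_0"
    vdir.mkdir(parents=True)
    manifest = {"name": "Example Site", "version": "1.0",
                "app": {"launch": {"web_url": "https://example.com/"}}}
    (vdir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return Path(root) / "Default"

if __name__ == "__main__":
    sample_id = "abcdefghijklmnopabcdefghijklmnop"  # constructed id, not from the thread
    sample_log = f"chrome.exe --profile-directory=Default --app-id={sample_id}"
    with tempfile.TemporaryDirectory() as tmp:
        profile = build_sample_profile(tmp, sample_id)
        for found in extract_app_ids(sample_log):
            print(found, resolve_app_id(profile, found))
```

A result with a `launch_url` points to a site shortcut; `None` means the id is not installed in that profile and the shortcut test above is the remaining way to check it.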
 

Noxx

Thread author
RE-HIPS is being detected and blocked as a suspicious file. I attached the installer exe and sent it to you guys via the "send feedback" feature. Here's a photo of the specific files blocked:
 

Attachments

  • lol.jpg
