Assigned Zemana False Positive Report Thread

[JM Safe]

Two FPs today: Firefox browser extensions Privacy Possum and Emsisoft Browser Security quarantined, but nothing shows under "Quarantine" UI so I could not restore. Once again I failed to capture screenshot prior to taking action but report was sent through UI. You must have much work to do!

Hello @oldschool those two false positives should be fixed in ZAM 3.0.894 Beta.

 

[Mops21]

Hello @Mops21 , did you download 7-Zip from the official website (https://www.7-zip.org/download.html ) ?Thank you.

Hi @JM Safe

Are you a worker from Zemana

No I have download from here that uses the 7 Zip Homepage for download

7-Zip Download

7-Zip ist ein weit verbreitetes und freies Packprogramm, das viele verschiedene Formate unterstützt. Deutsch, Freie Software, kostenloser Download!

www.computerbase.de

With best Regards
Mops21

 

[JM Safe]

Hi @JM Safe

Are you a worker from Zemana

No I have download from here that uses the 7 Zip Homepage for download

7-Zip Download

7-Zip ist ein weit verbreitetes und freies Packprogramm, das viele verschiedene Formate unterstützt. Deutsch, Freie Software, kostenloser Download!

www.computerbase.de

With best Regards
Mops21

Hello @Mops21 , yes I am working for Zemana as a Junior Malware Analyst

 

[JM Safe]

@Mops21 the 7-Zip false positive is fixed

 

[Mops21]

@Mops21 the 7-Zip false positive is fixed

Hi @JM Safe

Thank you very much for your Infos

With best Regards
Mops21

 

[LDogg]

Hello @Mops21 , yes I am working for Zemana as a Junior Malware Analyst

I never knew this, fantastic news JM. I am glad you are working for Zemana, how's the experience going for you?

~LDogg

 

[Mops21]

Hello @Mops21 , yes I am working for Zemana as a Junior Malware Analyst

Hi @JM Safe

Thank you very much for your Infos

With best Regards
Mops21

 

[Mops21]

Hi @JM Safe and Hi @Miss Onnellisuus and Hi @ZAM3_PO

I have 3 more FPs for you see the screenshot

The Feedback is submitted to you via the Programm UI to you

MD5 : 8025619C5BF36450D801EF20FCE23E34
Status : Scanned
Object : c:\program files\secureage\antivirus\mspack.dll
Publisher :
Size : 82432
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 0BA5569866B04C6AAA52D28982244E82
Status : Scanned
Object : c:\program files\secureage\antivirus\libclamav.dll
Publisher :
Size : 8631296
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 11F1E89A6A0C4F28A34DADC19616C3AE
Status : Scanned
Object : c:\program files\secureage\antivirus\pthreads.dll
Publisher :
Size : 54784
Detection : Suspicious:SRC!P
Action : Quarantine

mspack.dll

VirusTotal

VirusTotal

www.virustotal.com

libclamav

VirusTotal

VirusTotal

www.virustotal.com

pthreads.dll

VirusTotal

VirusTotal

www.virustotal.com

With best Regards
Mops21

 

[JM Safe]

Hi @JM Safe and Hi @Miss Onnellisuus and Hi @ZAM3_PO

I have 3 more FPs for you see the screenshot

The Feedback is submitted to you via the Programm UI to you

MD5 : 8025619C5BF36450D801EF20FCE23E34
Status : Scanned
Object : c:\program files\secureage\antivirus\mspack.dll
Publisher :
Size : 82432
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 0BA5569866B04C6AAA52D28982244E82
Status : Scanned
Object : c:\program files\secureage\antivirus\libclamav.dll
Publisher :
Size : 8631296
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 11F1E89A6A0C4F28A34DADC19616C3AE
Status : Scanned
Object : c:\program files\secureage\antivirus\pthreads.dll
Publisher :
Size : 54784
Detection : Suspicious:SRC!P
Action : Quarantine

mspack.dll

VirusTotal

VirusTotal

www.virustotal.com

libclamav

VirusTotal

VirusTotal

www.virustotal.com

pthreads.dll

VirusTotal

VirusTotal

www.virustotal.com

With best Regards
Mops21

Hello @Mops21 , thank you very much for reporting this!

 

[Mops21]

Hello @Mops21 , thank you very much for reporting this!

Hi @JM Safe

Thank you very much for your Infos

With best Regards
Mops21

 

[Mops21]

Hi @JM Safe and Hi @Miss Onnellisuus and Hi @ZAM3_PO

I have 3 more FPs for you see the screenshot

The Feedback is submitted to you via the Programm UI to you

MD5 : 8025619C5BF36450D801EF20FCE23E34
Status : Scanned
Object : c:\program files\secureage\antivirus\mspack.dll
Publisher :
Size : 82432
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 0BA5569866B04C6AAA52D28982244E82
Status : Scanned
Object : c:\program files\secureage\antivirus\libclamav.dll
Publisher :
Size : 8631296
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 11F1E89A6A0C4F28A34DADC19616C3AE
Status : Scanned
Object : c:\program files\secureage\antivirus\pthreads.dll
Publisher :
Size : 54784
Detection : Suspicious:SRC!P
Action : Quarantine

mspack.dll

VirusTotal

VirusTotal

www.virustotal.com

libclamav

VirusTotal

VirusTotal

www.virustotal.com

pthreads.dll

VirusTotal

VirusTotal

www.virustotal.com

With best Regards
Mops21

Hi @ZAM3_PO @JM Safe @Miss Onnellisuus

Any new Infos about this available

With best Regards
Mops21

 

[JM Safe]

Hi @ZAM3_PO @JM Safe @Miss Onnellisuus

Any new Infos about this available

With best Regards
Mops21

Hello @Mops21 , when they will be fixed I will let you know we are working also on this

 

[Mops21]

Hello @Mops21 , when they will be fixed I will let you know we are working also on this

Hi @JM Safe

Thank you very much for your Infos

With best Regards
Mops21

 

[JM Safe]

@Mops21 the false positive about the 3 files of SecureAge is fixed.

 

[Mops21]

@Mops21 the false positive about the 3 files of SecureAge is fixed.

Hi @JM Safe

Thank you very much for your Infos

With best Regards
Mops21

 

[Mops21]

Hi @JM Safe and Hi @Miss Onnellisuus and Hi @ZAM3_PO

I have anotherone False Positive for you

Feedback is send to you via the UI

MD5 : 1D72228585795E7F98DD8F6051E3BC77
Status : Scanned
Object : c:\program files (x86)\adobe\acrobat reader dc\reader\air\nppdf32.dll
Publisher : Adobe Inc.
Size : 257072
Detection : Suspicious:SRC!R
Action : Quarantine

NPPDF32.DLL

VirusTotal

VirusTotal

www.virustotal.com

With best Regards
Mops21

 

[JM Safe]

Hi @JM Safe and Hi @Miss Onnellisuus and Hi @ZAM3_PO

I have anotherone False Positive for you

Feedback is send to you via the UI

MD5 : 1D72228585795E7F98DD8F6051E3BC77
Status : Scanned
Object : c:\program files (x86)\adobe\acrobat reader dc\reader\air\nppdf32.dll
Publisher : Adobe Inc.
Size : 257072
Detection : Suspicious:SRC!R
Action : Quarantine

NPPDF32.DLL

VirusTotal

VirusTotal

www.virustotal.com

With best Regards
Mops21

Hello @Mops21, thank you very much for reporting this! we will look into that.

 

[Mops21]

Hello @Mops21, thank you very much for reporting this! we will look into that.

Hi @JM Safe

Yes i get the Email Message too

With best Regards
Mops21

 

[JM Safe]

@Mops21 the Adobe False Positive is now fixed.

 

[Mops21]

@Mops21 the Adobe False Positive is now fixed.

Hi @JM Safe

Yes it is fixed now

And I have some more 3 FPs for you

MD5 : 4A38BA871060DE96DF0590899879C5EC
Status : Scanned
Object : c:\windows\system32\drvstore.dll
Publisher :
Size : 410
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : C69219E96DA783E323A116CF995A516C
Status : Scanned
Object : c:\windows\system32\printisolationproxy.dll
Publisher :
Size : 161
Detection : Suspicious:SRC!P
Action : Quarantine

MD5 : 5F54D30E11477A4E61978C4933B77876
Status : Scanned
Object : c:\windows\system32\diagperf.dll
Publisher :
Size : 500
Detection : Suspicious:SRC!P
Action : Quarantine

drvstore.dll

VirusTotal

VirusTotal

www.virustotal.com

drvstore.dll

VirusTotal

VirusTotal

www.virustotal.com

diagperf.dll

VirusTotal

VirusTotal

www.virustotal.com

PrintSandboxProxy.dll

VirusTotal

VirusTotal

www.virustotal.com

The Feedback is submitted to you via the UI

With best Regards
Mops21