• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
biker

false positive on Zinstall files

4 posts in this topic

Ad-aware crashing Zinstall virtual XP machine running on Win 7. Having problems with several Zinstall file. A sample log file attached for zinstallhelperservice.exe quarentine and subsequent deletion.

Sid

Share this post


Link to post
Share on other sites
[quote name='biker' post='123267' date='Oct 18 2010, 08:37 AM']Ad-aware crashing Zinstall virtual XP machine running on Win 7. Having problems with several Zinstall file. A sample log file attached for zinstallhelperservice.exe quarentine and subsequent deletion.

Sid[/quote]

Hi Sid,

Thanks for posting. Could I ask you to take the detected "C:\windows\SysWOW64\zinstall_xp7\ZinstallHelperService.exe" file out of quarantine and upload it here?

Andy
Lavasoft Malware Labs

Share this post


Link to post
Share on other sites
[quote name='LS Andy' post='123272' date='Oct 18 2010, 06:58 AM']Hi Sid,

Thanks for posting. Could I ask you to take the detected "C:\windows\SysWOW64\zinstall_xp7\ZinstallHelperService.exe" file out of quarantine and upload it here?

Andy
Lavasoft Malware Labs[/quote]

The file is not in quarantine as it was deleted when the computer reboted. I reinstalled the whole program'
and have it back. (a real pain)

The file is ~ 11 Mb regular or zipped, I think I'll have to e-mail it to you. There are 4,738 Files, 390 Folders in that SysWOW64 folder, several of which have gotten false positives already. I think you will need to contact the people at Zinstall.com to get a list of their files so ad-aware can stop removing them. Zinstall is a big program with many moving parts that can be impacted by virus scanners and malware searchs like yours. I'm just a Zinstall and Ad-Aware user caught in the middle.

Sid

Share this post


Link to post
Share on other sites
Hi Sid,

Thanks for getting back to me. The reason I'm asking for the files is that they are detected by the heuristic engine - there is no specific signature that detects these exact files. Without access to the files, it makes it impossible to investigate.

Since you have the detected files on your PC, it would be really helpful if you could send them to me. I've sent you a PM with an alternative way to get the files to me. If that's not an option for you, let me know and we'll work something else out. Thanks!

Andy



[quote name='biker' post='123275' date='Oct 18 2010, 05:43 PM']The file is not in quarantine as it was deleted when the computer reboted. I reinstalled the whole program'
and have it back. (a real pain)

The file is ~ 11 Mb regular or zipped, I think I'll have to e-mail it to you. There are 4,738 Files, 390 Folders in that SysWOW64 folder, several of which have gotten false positives already. I think you will need to contact the people at Zinstall.com to get a list of their files so ad-aware can stop removing them. Zinstall is a big program with many moving parts that can be impacted by virus scanners and malware searchs like yours. I'm just a Zinstall and Ad-Aware user caught in the middle.

Sid[/quote]

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0