7 Replies Latest reply on Aug 6, 2017 5:34 PM by squaredrop7892

    i have a questions Is it a False  positive malware or not

    squaredrop7892

      i'm unsure if it's a False  positive or not as hitmanpro detected 2 malware while malwarebytes and mcafee livesafe didn't detect nothing after a komplet scan separated while the other antiviruses was deactivated on my LENOVO Ideapad 500-15ACZ and my pc has been running unusual so i'm not sure what's the problem i have the recommendation build for my pc model that is tested from Lenovo 1703 creator update and on event viewer i have no kritikal problems other than error codes and warnings i have also reinstalled my pc 3 Days ago  so any tips to what i can do as of right  now i might change antivirus and try to get a refund as this dosent  work for the price i'm paying pluss the scanning time is so long compare to Norton but then again i have a lot more stuff on my pc  now than when i had norton And for curiosity is mcafee stinger still supported as i did try to ask support if should try mcafee stinger to se that would help bme ut he said it won't work

      pc specs

      • 8 ramAMD
      • A10 6 GENERATION
      • WINDOWS 10 HOM
      • 2 GB dedicated memory graphics card

      event.jpg

      Macfee27.07.2017.jpghitmanpro27.07.2017.jpg

        • 1. Re: i have a questions Is it a False  positive malware or not
          catdaddy

          squaredrop7892

                                   Try running Malwarebytes AdwCleaner/Zemana Antimalware and get a second opinion . Delete any detection and restart.

          You can obtain here;Anti-Spyware/Malware & Hijacker Tools

          1 of 1 people found this helpful
          • 2. Re: i have a questions Is it a False  positive malware or not
            catdaddy

            Discussion successfully moved from LiveSafe to Home User Assistance

            As it is a more appropiate area.

            1 of 1 people found this helpful
            • 3. Re: i have a questions Is it a False  positive malware or not
              squaredrop7892

              i did try Zemana Antimalware but 9 ute 10 was false positive as the  programs it thought was Malicious or suspicious can be proven to be legit by microsoft community leader or lenovo exmapl Lenovo Photo Master is legit  100 % as it was preinstall to my pc and one of the im unsure plus i think  Malwarebytes AdwCleaner/ is a overkill as i did try premium edition

               

              emana AntiMalware 2.74.2.76 (Installed)

              -------------------------------------------------------
              Scan Result            : Completed
              Scan Date              : 2017.7.28
              Operating System       : Windows 10 64-bit
              Processor              : 4X AMD A10-8700P Radeon R6, 10 Compute Cores 4C+6G
              BIOS Mode              : UEFI
              CUID                   : 128D5F6022FA22D1D653C3
              Scan Type              : System Scan
              Duration               : 4m 36s
              Scanned Objects        : 71352
              Detected Objects       : 10
              Excluded Objects       : 0
              Read Level             : Normal
              Auto Upload            : Enabled
              Detect All Extensions  : Disabled
              Scan Documents         : Disabled
              Domain Info            : WORKGROUP,0,2

              Detected Objects
              -------------------------------------------------------

              Internet Explorer Homepage
              Status             : Scanned
              Object             : http://www.startsiden.no/
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : Suspicious Browser Setting
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Setting - Internet Explorer Homepage

              Internet Explorer URL
              Status             : Scanned
              Object             : Http://www.startsiden.no/
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : Suspicious Browser Setting
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Setting - Internet Explorer URL

              Firefox Search
              Status             : Scanned
              Object             : QXL - http://qxl.no
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : Suspicious Browser Setting
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Setting - Firefox Search

              Firefox Search
              Status             : Scanned
              Object             : Ordbok - http://nob-ordbok.uio.no
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : Suspicious Browser Setting
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Setting - Firefox Search

              Firefox Search
              Status             : Scanned
              Object             : Gule sider - http://gulesider.no
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : Suspicious Browser Setting
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Setting - Firefox Search

              trash
              Status             : Scanned
              Object             : %appdata%\mozilla\firefox\profiles\xtuh0gyh.default\extensions\trash
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : PUA.FirefoxExt!Gr
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Extension - trash

              True Key™ by Intel Security
              Status             : Scanned
              Object             : %appdata%\mozilla\firefox\profiles\xtuh0gyh.default\extensions\@true-key.xpi
              MD5                : 28592EA42C1868C80E1239C498597608
              Publisher          : -
              Size               : 5627240
              Version            : -
              Detection          : PUA.FirefoxExt!Gr
              Cleaning Action    : Repair
              Related Objects    :
                              Browser Extension - True Key™ by Intel Security
                              File - %appdata%\mozilla\firefox\profiles\xtuh0gyh.default\extensions\@true-key.xpi

              lsfsdk.dll
              Status             : Scanned
              Object             : NE->c:\program files (x86)\lenovo\lenovo photo master\lsfsdk.dll
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : PUA:Win32/Lenovo-ATM!Neng
              Cleaning Action    : Quarantine
              Related Objects    :
                              (null) - (null)

              lsfsdkcomponent.dll
              Status             : Scanned
              Object             : NE->c:\program files (x86)\lenovo\lenovo photo master\lsfsdkcomponent.dll
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : PUA:Win32/Lenovo-ATM!Neng
              Cleaning Action    : Quarantine
              Related Objects    :
                              (null) - (null)

              ludp.dll
              Status             : Scanned
              Object             : NE->c:\program files (x86)\lenovo\lenovo photo master\ludp.dll
              MD5                : -
              Publisher          : -
              Size               : -
              Version            : -
              Detection          : PUA:Win32/Lenovo-ATM!Neng
              Cleaning Action    : Quarantine
              Related Objects    :
                              (null) - (null)


              Cleaning Result
              -------------------------------------------------------
              Cleaned               : 10
              Reported as safe      : 0
              Failed                : 0

              • 4. Re: i have a questions Is it a False  positive malware or not
                squaredrop7892

                ok i have Tried most of the tips but either it was false positive or programs that was suspicious but i'm unsure weather to remove it or no as i suspect the programs to be critical windows files

                • 5. Re: i have a questions Is it a False  positive malware or not
                  catdaddy

                  Basically the Programs/Processes you have mentioned are most likely legitimate. It is simply Zemana and other Antimalware tools are detecting the behaviour of the processes. Which I would venture to say are 'False Positives'.

                   

                  Being that they are classified as 'Potentially Unwanted Programs', I would not worry about them. And yes your McAfee Software is not detecting them as malicious or harmful to your system. As for the amount of time being taken to run a scan, The Product Manager is aware of this and is investigating the cause

                  If no feedback before Monday, we will reask the Senior Level Support Engineers for a update during our Weekly Conference Call.

                  1 of 1 people found this helpful
                  • 6. Re: i have a questions Is it a False  positive malware or not
                    catdaddy

                    Prior comments from the Product Manager;

                      Tracy Romine Employee Jun 12, 2017 6:28 PM

                     

                    McAfee Product Manager, here.  I'll take a crack at explaining how we've changed the scanning technology & why.  But let me first encourage those of you who like the ability to scan a particular file or drive that we are currently working on re-adding that to the product.

                    What's happened?

                    McAfee has responded to feedback from users who wanted to be protected, while not paying a heavy Performance price.  One way to accomplish this was by shifting to a more Cloud-reliant Next Gen AV engine.  Instead of carrying nearly 200MB of DATs (virus signatures) on the PC, we are trimming down DATs to about 1/5 the size and offloaded much of what was previously handled by the PC locally, to the Cloud.  Instead of using only signatures & static file attributes, which have to be updated constantly, we are also looking at file behaviors (Dynamic attributes).  The end result is detection that is always getting better through Machine Learning (instead of having to try to keep up by logging signatures of known viruses constantly).

                    Why are scans not looking at as many files?

                    With previous technology, McAfee would scan every file, every time - unless scans are customized.  On a PC loaded with a lot of files, this could lead to a significantly long scan time, and depending upon your PC power, some perceivable lag.  With the Next Gen AV, we focus on scripts and anything executable, and those file types which are potentially subject to infection.  But file types, like some media which are not a risk, are not included in the On Demand Scans.  It doesn't mean they're ignored.  Upon access of any file, McAfee is checking for suspicious behaviors - and if seen, the activity is stopped and the file quarantined.  And because McAfee is recording any bad behaviors, the product assists in rolling back to previous state.

                     

                    There is never a perfect approach to Security, but with Next Gen AV we think we have addressed Performance concerns while also improving detection capabilities...kind of the holy grail of AV.

                     

                    Having said all this, feel free to let me know your concerns.  We design our products for you, so tell me what you want.

                     

                    Tracy

                     

                     

                     

                    1 of 1 people found this helpful
                    • 7. Re: i have a questions Is it a False  positive malware or not
                      squaredrop7892

                      First of all, I would like to say thank you for answering. I think it's safe to say that there is no virus that causing problems with my PC, since I have tried what independent company / youtuber, recommend as for concerns/feedback well seeing mcafee are fixing what people have often complains about  for a long time i think what's left is to change the interface to all other version of mcafee to look more like livesafe for example Internet Security looks unprofessional/crap i think by changing it will help sales as for the past 3 year i see usually 4 or 5 per video comment on youtube on how ugly the  interface is p.s i could give more feedback but i don't think mcfee can fix corrupted windows files however if you can that would help me defend  macfee and congratulations on getting so good test result in May-Jun/2017