paulderdash

Level 4
Picked up as suspicious by both EAM and HMP (BD detection):

C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe Gen:Variant.Ursu.377658 (B) [krnl.xmd]

Also HMPA, Event Viewer, Error (every 5 minutes)

Malware found:
Gen:Variant.Ursu.377658
C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Mitigation MalwareBlocked
Timestamp 2019-02-08T15:44:00


Platform 10.0.17134/x64 v775 06_45
PID 1724
Application C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Created 2019-02-04T15:44:35
Modified 2019-02-04T14:19:54
Description Gen:Variant.Ursu.377658



SHA256: 5b60e89e9ac6cce20c3bb02391ebafbd86772c4364971ccb087e32bcf48b2c2e

HMPA doesn't seem to refresh malware definitions too often (?), still alerting every 5 minutes ...

Without whitelisting, had to disable HMPA 'Anti-Malware' for now.
 

Raur

Level 1

Andrew999

Level 22
Verified
Hello. I was wondering if when you do report as false positive it sends the file to Zemana Labs to analyse? Or do you have to send that manually in the feedback section?
 

ZAM3_PO

From Zemana
Verified
Developer
Hi guys, thank you for reporting these. These are simple false positives just like the ones we have. Nothing to worry about. I believe technical people figured this out already. We are in contact with these vendors. These will be fixed soon, I believe :giggle:
 

ZAM3_PO

From Zemana
Verified
Developer
> Hello. I was wondering if when you do report as false positive it sends the file to Zemana Labs to analyse? Or do you have to send that manually in the feedback section?

Hi @Andrew999, it does send the file to our labs to be analyzed. After that, file's detection gets the latest results. You do not have to send these samples in the feedback anymore :giggle:
Thank you for your contribution.
 

Andrew999

Level 22
Verified
> Hi @Andrew999, it does send the file to our labs to be analyzed. After that, file's detection gets the latest results. You do not have to send these samples in the feedback anymore :giggle:
> Thank you for your contribution.

Oh great, what about Zemana Anti Malware, or Zemana Anti Logger 2.0 version? Is that the same too, or just Version 3.0?
 

shadek

Level 1
I'm getting this error whenever Windows Core Isolation is enabled:

An unexpected error occured on SDK

1282A6E785AE5CD875D25F
==============================================================================
SDKException:FATAL ERROR;AntiMalware.exe;ExportedFunctions.cpp;121;InitSDK();

==============================================================================

Did report it via internal bug report tool. Anyone else recognize the problem?
 