- Mar 8, 2013
- 22,627
This thread is being handled by a member of the staff.
- Mar 10, 2017
- 228
Not working for Zemana anymore
Oh...ok ,
thx for telling ~
But still great to see your are keep helping many people in Malware Removal Assistance
By the way , is there any member in MalwareTips was from Zemana official ?
i seems never see any Zemana official or developer appear at MalwareTips ...
- Feb 13, 2017
- 1,486
- Mar 10, 2017
- 228
Hi , bro , sorry to tell you the wrong information before ,
but TwinHeadedEagle already confirm that he is not working for Zemana anymore ,
so if you had any false alert want to report ,
i will suggest you to send a email to official .
you can find their email address at official website ,
and feel free to contact them , you can just type a easy title with " false alert report " ,
than Zemana will handle it .
- Mar 10, 2017
- 228
Cool , Thanks for tell me
It's great to know there is still had Zemana official on MalwareTips
Hi all
I have 2 False Positives for you
shellfile.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\shellfile.exe
MD5 : D291CD2D33AD06E8A85C8539DC8BF08B
Publisher : -
Size : 50688
Version : 7.0.0.0
Detection : Adware:Win32/Droon.A!Tttm
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\shellfile.exe
Registry Eintrag - HKLM\Software\Classes\*\shell\xvirus_context\Command\@ = C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe %1
Antivirus scan for 0e520551c75b61fc9b25ceb55b81d78d3a0a906491fe1a2ee8ce1b8b877d755d at 2017-06-14 16:41:59 UTC - VirusTotal
xvirusstart.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\xvirusstart.exe
MD5 : 3BD1D71482C05A466AD251F2A51E1734
Publisher : -
Size : 82944
Version : 7.0.0.8
Detection : Adware:Win32/Fortif!Ekrk
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\xvirusstart.exe
Planmäßige Aufgabe - C:\WINDOWS\System32\Tasks\Xvirus Startup
Antivirus scan for 2907720a31faf7bacfc571e60a39b32d52609c81800675cb9fec9dd5bf56fbde at 2017-06-14 16:55:19 UTC - VirusTotal
With best Regards
Mops21
I have 2 False Positives for you
shellfile.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\shellfile.exe
MD5 : D291CD2D33AD06E8A85C8539DC8BF08B
Publisher : -
Size : 50688
Version : 7.0.0.0
Detection : Adware:Win32/Droon.A!Tttm
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\shellfile.exe
Registry Eintrag - HKLM\Software\Classes\*\shell\xvirus_context\Command\@ = C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe %1
Antivirus scan for 0e520551c75b61fc9b25ceb55b81d78d3a0a906491fe1a2ee8ce1b8b877d755d at 2017-06-14 16:41:59 UTC - VirusTotal
xvirusstart.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\xvirusstart.exe
MD5 : 3BD1D71482C05A466AD251F2A51E1734
Publisher : -
Size : 82944
Version : 7.0.0.8
Detection : Adware:Win32/Fortif!Ekrk
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\xvirusstart.exe
Planmäßige Aufgabe - C:\WINDOWS\System32\Tasks\Xvirus Startup
Antivirus scan for 2907720a31faf7bacfc571e60a39b32d52609c81800675cb9fec9dd5bf56fbde at 2017-06-14 16:55:19 UTC - VirusTotal
With best Regards
Mops21
Attachments
Last edited:
- Mar 10, 2017
- 228
Zemana also detects Chocolatey as a PUA. I think it's a false positive, I don't see anything unwanted with it.
Hi all
I have 2 Files for you
Need you the Files
shellfolder.exe
Antivirus scan for 840c63c719009a7e5f19903b1416555e0f698345840948e7023badc691be67f2 at 2017-07-01 11:14:15 UTC - VirusTotal
XSec_Updater.exe
Antivirus scan for c8de8423dc0767ab7f57012da808c69e5860788cdc546481405f1cf67036198c at 2017-07-01 11:16:16 UTC - VirusTotal
With best Regards
Mops21
I have 2 Files for you
Need you the Files
shellfolder.exe
Antivirus scan for 840c63c719009a7e5f19903b1416555e0f698345840948e7023badc691be67f2 at 2017-07-01 11:14:15 UTC - VirusTotal
XSec_Updater.exe
Antivirus scan for c8de8423dc0767ab7f57012da808c69e5860788cdc546481405f1cf67036198c at 2017-07-01 11:16:16 UTC - VirusTotal
With best Regards
Mops21
Attachments
Hi @TwinHeadedEagle and Hi @Dani Santos
I have 2 Files for you
shellfile.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\shellfile.exe
MD5 : D291CD2D33AD06E8A85C8539DC8BF08B
Publisher : -
Size : 50688
Version : 7.0.0.0
Detection : Adware:Win32/Droon.A!Tttm
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\shellfile.exe
Registry Eintrag - HKLM\Software\Classes\*\shell\xvirus_context\Command\@ = C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe %1
xvirusstart.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\xvirusstart.exe
MD5 : 3BD1D71482C05A466AD251F2A51E1734
Publisher : -
Size : 82944
Version : 7.0.0.8
Detection : Adware:Win32/Fortif!Ekrk
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\xvirusstart.exe
Planmäßige Aufgabe - C:\WINDOWS\System32\Tasks\Xvirus startup
shellfile.exe
Antivirus scan for 0e520551c75b61fc9b25ceb55b81d78d3a0a906491fe1a2ee8ce1b8b877d755d at 2017-07-29 14:24:30 UTC - VirusTotal
VirusTotal
xvirusstart.exe
Antivirus scan for 2907720a31faf7bacfc571e60a39b32d52609c81800675cb9fec9dd5bf56fbde at 2017-07-29 14:26:08 UTC - VirusTotal
VirusTotal
With best Regards
Mops21
I have 2 Files for you
shellfile.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\shellfile.exe
MD5 : D291CD2D33AD06E8A85C8539DC8BF08B
Publisher : -
Size : 50688
Version : 7.0.0.0
Detection : Adware:Win32/Droon.A!Tttm
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\shellfile.exe
Registry Eintrag - HKLM\Software\Classes\*\shell\xvirus_context\Command\@ = C:\Program Files (x86)\Xvirus Anti-Malware\shellfile.exe %1
xvirusstart.exe
Status : Gescannt
Object : %programfiles%\xvirus anti-malware\xvirusstart.exe
MD5 : 3BD1D71482C05A466AD251F2A51E1734
Publisher : -
Size : 82944
Version : 7.0.0.8
Detection : Adware:Win32/Fortif!Ekrk
Cleaning Action : Quarantäne
Related Objects :
Datei - %programfiles%\xvirus anti-malware\xvirusstart.exe
Planmäßige Aufgabe - C:\WINDOWS\System32\Tasks\Xvirus startup
shellfile.exe
Antivirus scan for 0e520551c75b61fc9b25ceb55b81d78d3a0a906491fe1a2ee8ce1b8b877d755d at 2017-07-29 14:24:30 UTC - VirusTotal
VirusTotal
xvirusstart.exe
Antivirus scan for 2907720a31faf7bacfc571e60a39b32d52609c81800675cb9fec9dd5bf56fbde at 2017-07-29 14:26:08 UTC - VirusTotal
VirusTotal
With best Regards
Mops21
Attachments
pistol22cal
New Member
- Jul 29, 2017
- 1
Zemana reports aeroadmin as malware and will not allow the application to run and automatically deletes the exe when downloaded.
aeroadmin is not malware at all
aeroadmin is not malware at all
- Mar 10, 2017
- 228
If you use automatically , usually Zemana only quarantine the files ,
But if your Zemana deletes the files , you can change in the setting ,
using quarantine still can save back the files .
By the way ,
I think Zemana official won't come here and see this post ,
if you are sure there is a false alert , you can send a email to them
Just an update, as a Zemana Official, I will be monitoring the thread. Thank you for all the input. Your contribution helps us to make the product better to aid your protection.
- Jun 21, 2017
- 616
Today the Windows Store on my Win 10 x64 machine updated the built-in MS "Mail & Calendar" app. After it had installed, I launched the mail app and my Zemana Antimalware (Premium) flagged it as malware. So I tried the calendar app and the same thing happened. Both apps were quarantined.
I could not find an option within the Zemana software to report a false positive, and I was unable to upload the file to virustotal or jotti's as the files are in the WindowsApps folder which does not permit access. So I took a screen snip to show the file paths from the quarantine. I imagine this is a FP as the app is Microsoft's own software and was updated via the Windows Store. It hasn't flagged any other version of this app - just the one released today (version 17.8500.40955.0). I did try contacting Zemana via their support page using the bug report form, but I'm not sure it went through OK (the page it redirected to after submitting didn't finish loading). Here is the snip from my quarantine.
If Zemana monitor this thread, would they be able to advise me if this is a genuine detection or a false positive? If it's a FP I'd like to restore it as I do use both. Thanks.
I could not find an option within the Zemana software to report a false positive, and I was unable to upload the file to virustotal or jotti's as the files are in the WindowsApps folder which does not permit access. So I took a screen snip to show the file paths from the quarantine. I imagine this is a FP as the app is Microsoft's own software and was updated via the Windows Store. It hasn't flagged any other version of this app - just the one released today (version 17.8500.40955.0). I did try contacting Zemana via their support page using the bug report form, but I'm not sure it went through OK (the page it redirected to after submitting didn't finish loading). Here is the snip from my quarantine.
If Zemana monitor this thread, would they be able to advise me if this is a genuine detection or a false positive? If it's a FP I'd like to restore it as I do use both. Thanks.
Attachments
This is indeed an FP. I will ask the dev to whitelist the latest files. In the meantime, restore them from Quarantine and exclude them.
Thank you for reporting.
Thank you for reporting.
- Apr 28, 2015
- 8,905
You should report to Zemana this false positive...
did that
This happened during a full scan. When this file is scanned manually by Zemana, it is safe. Odd
- Nov 28, 2016
- 80
False positive in FF search engine. Mercadolibre is a Latin American company like Amazon.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}