Assigned Zemana False Positive Report Thread

  • Thread starter Deleted Member 333v73x
  • Start date
This thread is being handled by a member of the staff.
M

Mops21

Level 35
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,489
Hi @Miss Onnellisuus

Thank you very much for your Infos

I have 1 False Positive for you

Xvirus Firewall 5.0.0.0 Beta 1.exe
Status : Gescannt
Object : %userprofile%\downloads\xvirus firewall 5.0.0.0 beta 1.exe
MD5 : 80649FA8041CE0A7C0E680F2FC6694B9
Publisher : -
Size : 1643008
Version : 5.0.0.0
Detection : Trojan:Win32/Blackoat.A!Eakt
Cleaning Action : Quarantäne
Related Objects :
Datei - %userprofile%\downloads\xvirus firewall 5.0.0.0 beta 1.exe

xvirus-firewall-setup.exe

VirusTotal

With best Regards
Mops21
 

Attachments

  • Zemana AntiMalware 2.74.2.150 FP 01.jpg
    Zemana AntiMalware 2.74.2.150 FP 01.jpg
    197.1 KB · Views: 352
  • Like
Reactions: vtqhtr413, oldschool and harlan4096
F

ForgottenSeer 69673

Thread author
Will FP"s be dealt with quicker by posting here or by clicking the send feedback link at bottom of GUI and sending the file?
 
  • Like
Reactions: AriDfoix
M

Mops21

Level 35
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,489
Hi @ZAM3_PO and Hi @Miss Onnellisuus

I have a new 1 False Positive see my screenshot

MD5 : 6623C4BCB0C51061EC7F480029FB95DF
Status : Scanned
Object : c:\program files\7-zip\7-zip.dll
Publisher :
Size : 77824
Detection : Suspicious:SRC!R
Action : Quarantine

7-zip.dll

VirusTotal

With best Regards
Mops21
 

Attachments

  • Zemana Anti-Malware 3.0 FPs 06.jpg
    Zemana Anti-Malware 3.0 FPs 06.jpg
    137.7 KB · Views: 317
  • Like
Reactions: AriDfoix, oldschool, harlan4096 and 1 other person
oldschool

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,600
Two FPs today: Firefox browser extensions Privacy Possum and Emsisoft Browser Security quarantined, but nothing shows under "Quarantine" UI so I could not restore. Once again I failed to capture screenshot prior to taking action o_O but report was sent through UI. You must have much work to do!
 
  • Like
Reactions: Moonhorse, vtqhtr413, Gandalf_The_Grey and 4 others
A

AriDfoix

Level 3
Verified
Sep 2, 2018
125
oldschool said:
Once again I failed to capture screenshot prior to taking action
Click to expand...

Hi,

tick view hidden files,

move yourself to AppData\Local\Zemana\AntiMalware\reports you will find, unless wiped, a list of files ending with .json

you can open it with notepad

to identify the threat, this product use MD5, like this "DetectionObjects":[{"MD5":"6623C4BCB0C51061EC7F480029FB95DF"

is the MD5 of 7-zip.dll

About the deletion: be sure that quarantine, and not deletion, is ticked:

zemana1.png


A personal note to Zemana, using MD5, should be avoided, at least upgrade to SHA1, there are many reasons why is now deprecated. : )
 
  • Like
Reactions: Gandalf_The_Grey, harlan4096 and oldschool
ZAM3_PO

ZAM3_PO

From Zemana
Verified
Developer
Well-known
Dec 18, 2018
132
Mops21 said:
Hi @ZAM3_PO and Hi @Miss Onnellisuus

The Feedback is submitted via the UI to you

Zemana Anti-Malware 3 is detected 18 Files see my Textfile of it

With best Regards
Mops21
Click to expand...

Thank you for informing us @Mops21. I can see that you already reported them as safe. These files should be reanalyzed and you should get accurate detection results after a short while. Let me know if the issue persists.
 
  • Like
Reactions: JM Safe, oldschool, brambedkar59 and 2 others
M

Mops21

Level 35
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,489
ZAM3_PO said:
Thank you for informing us @Mops21. I can see that you already reported them as safe. These files should be reanalyzed and you should get accurate detection results after a short while. Let me know if the issue persists.
Click to expand...

Hi @ZAM3_PO

Thank you very much for your Infos that is fixed now i have send you an new E-Mail with some Logs for you

With best Regards
Mops21
 
Last edited:
  • Like
Reactions: stefanos, oldschool, harlan4096 and 1 other person
paulderdash

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
271
With browser cleanup now integrated and not an option (which I hadn't turned on before),
yes Heimdal Thor on 127.7.7.10 here too. Reported as Safe that, plus ...
searx.me search engine on Firefox and 4 entries related to add-ons (all scanned safe with HMP, MB and Emsisoft).
 
  • Like
Reactions: Nestor
Andrew999

Andrew999

Level 24
Verified
Top Poster
Well-known
Dec 17, 2014
1,355
@ZAM3_PO @Miss Onnellisuus Ccleaner file has been detected in Zemana Anti Logger 2.0 version for a long time now.
Here is link to download file. UPLOAD.EE - CCleaner.exe - Download

208194

CCleaner.exe
Status : Scanned
Object : %programw6432%\ccleaner\ccleaner.exe
MD5 : 1F9EB07F1C292E28C089744D254DE3A2
Publisher : Piriform Software Ltd
Size : 14449664
Version : 5.52.0.6967
Detection : Malware:Win32/Quarand!Atir
Cleaning Action : Report as safe
Related Objects :
File - %programw6432%\ccleaner\ccleaner.exe

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com
 
Last edited:
  • Like
Reactions: brambedkar59 and harlan4096
M

Mops21

Level 35
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,489
Hi @ZAM3_PO and Hi @Miss Onnellisuus

I have a new 1 False Positive for you

MD5 : 1193CBE87E8C399B0D52C6789AD560ED
Status : Scanned
Object : c:\program files\7-zip\7-zip.dll
Publisher :
Size : 78336
Detection : Suspicious:SRC!P
Action : Quarantine

7-zip.dll

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

Feedback is send to you via the internal Feedback Function

With best Regards
Mops21
 

Attachments

  • Zemana Anti-Malware scan vom 23.02.2019.jpg
    Zemana Anti-Malware scan vom 23.02.2019.jpg
    108 KB · Views: 268
  • Like
  • HaHa
Reactions: brambedkar59, harlan4096 and stefanos
J

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
Mops21 said:
Hi @ZAM3_PO and Hi @Miss Onnellisuus

I have a new 1 False Positive for you

MD5 : 1193CBE87E8C399B0D52C6789AD560ED
Status : Scanned
Object : c:\program files\7-zip\7-zip.dll
Publisher :
Size : 78336
Detection : Suspicious:SRC!P
Action : Quarantine

7-zip.dll

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

Feedback is send to you via the internal Feedback Function

With best Regards
Mops21
Click to expand...
Hello @Mops21 , did you download 7-Zip from the official website (https://www.7-zip.org/download.html ) ?Thank you.
 
  • Like
Reactions: Weebarra and harlan4096

Similar threads

Andy Ful
    • Like
    • Wow
Serious Discussion Problem with submitting false positives to Norton and Bitdefender.
Replies
31
Views
3,207
General Security Discussions
partha_roy
partha_roy
Bot
    • Like
New in 2023.12: Smarter and faster detection
Replies
9
Views
889
Emsisoft
Zartarra
Zartarra
[correlate]
    • Like
Vulnerable HTTP Report
Replies
0
Views
1,094
News Archive
[correlate]
[correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top