Solved

Webroot flags emailtray application as adware

  • 18 August 2020
  • 7 replies
  • 113 views

Userlevel 7

Webroot is flagging the email client “EMailTray” as adware causing it to continually close down?

icon

Best answer by TripleHelix 22 August 2020, 17:33

More info @acooldozen

 

False Positives have been reversed!

 

Starting Routine> Removing C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe...#(PX5: E401390800B2F45E705C05F7928FDD007B87B3AD - MD5: 398E485D5307A2E993B9F336B56AEB62 - UniqueID: 09309B60)...
Deleting File> C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe

 

 

Starting Routine> Removing C:\Users\Sonja Goliath\AppData\Local\Temp\is-25J0O.tmp\etactivator.exe...#(PX5: 0B894B32006496DF4499083F80D4B000058C7C8F - MD5: 999F343AB4071C1AB90258C734168F39 - UniqueID: 05040058)...
Deleting File> C:\Users\Sonja Goliath\AppData\Local\Temp\is-25J0O.tmp\etactivator.exe

 

 

View original

7 replies

Userlevel 7

Hi @acooldozen can you save a scan log and post the lines of detection in the log and it should be near the bottom of the log. Also if you feel it’s an FP just Submit a Support Ticket and they will look after it.

 

Thanks,

Userlevel 7

Thank you Daniel, I work remotely with a medium sized group of Olé Timers keeping their systems clean and all are using Webroot now. This is only happening with one user and emailtray application. Will complete your assignment when I next connect with the user.

Userlevel 7

Here is the info Daniel. Have submitted support ticket as well!

 

Automated Cleanup Engine
Starting Cleanup at 02/06/2020 - 22:37:26 GMT

Starting Routine> Removing C:\Users\Sonja Goliath\AppData\Local\Temp\is-25J0O.tmp\etactivator.exe...#(PX5: 0B894B32006496DF4499083F80D4B000058C7C8F - MD5: 999F343AB4071C1AB90258C734168F39 - UniqueID: 05040058)...
Deleting File> C:\Users\Sonja Goliath\AppData\Local\Temp\is-25J0O.tmp\etactivator.exe

Automated Cleanup Engine
Starting Cleanup at 02/06/2020 - 22:38:07 GMT

Starting Routine> Removing C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe...#(PX5: E401390800B2F45E705C05F7928FDD007B87B3AD - MD5: 398E485D5307A2E993B9F336B56AEB62 - UniqueID: 09309B60)...
Deleting File> C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe

Automated Cleanup Engine
Starting Cleanup at 02/06/2020 - 22:38:09 GMT

Starting Routine> Removing C:\Program Files (x86)\EmailTray\bin\etactivator.exe...#(PX5: 0B894B32006496DF4499083F80D4B000058C7C8F - MD5: 999F343AB4071C1AB90258C734168F39 - UniqueID: 09309B60)...
Deleting File> C:\Program Files (x86)\EmailTray\bin\etactivator.exe
 

Userlevel 7

Hi @acooldozen 

 

It could be a False Positive so stay with support until you hear back from them. https://www.virustotal.com/gui/file/82cd20504bb11da66f2e43380e017837a010776eac99b5a652e452efa1ef5c94/detection

 

 

Userlevel 7

More info @acooldozen

 

False Positives have been reversed!

 

Starting Routine> Removing C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe...#(PX5: E401390800B2F45E705C05F7928FDD007B87B3AD - MD5: 398E485D5307A2E993B9F336B56AEB62 - UniqueID: 09309B60)...
Deleting File> C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe

 

 

Starting Routine> Removing C:\Users\Sonja Goliath\AppData\Local\Temp\is-25J0O.tmp\etactivator.exe...#(PX5: 0B894B32006496DF4499083F80D4B000058C7C8F - MD5: 999F343AB4071C1AB90258C734168F39 - UniqueID: 05040058)...
Deleting File> C:\Users\Sonja Goliath\AppData\Local\Temp\is-25J0O.tmp\etactivator.exe

 

 

Userlevel 7

Yes, and thank you again Daniel, The latest scan this morning showed no Bads,. Had to reinstall the email app though. As usual great service from yourself and support.

Userlevel 7

Awesome and stay well Buddy! :wink:

Reply