Same issue on McAffe, except it dosen't explain anything why it's blocked (both the Auto-Update and the one from the Main website give the same error)
It is currently September 20th, 2024, 11:49 pm
💥 New Security Certificate. Need some help 💥
-
- Posts: 349
- Joined: September 3rd, 2018, 11:18 am
-
- Rainmeter Sage
- Posts: 8195
- Joined: February 27th, 2015, 2:38 pm
- Location: Terra Yincognita
Re: 💥 New Security Certificate. Need some help 💥
Yet the VirusTotal scan on the executable downloaded from the main site comes clean, bar the hopeless Bitdefender Theta.
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d
What a joke!
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d
What a joke!
-
- Moderator
- Posts: 1315
- Joined: February 16th, 2012, 3:32 am
- Location: Berlin, Germany
Re: 💥 New Security Certificate. Need some help 💥
I tried to look at that BitDefender detected problem called "Gen:NN.Zexa". I could not find clear description about this issue from the quick search, but it seems the term "Gen:NN.Zexa" is used predominantly (or perhaps only) by BitDefender, as per the few repots here:Yincognito wrote: ↑August 9th, 2024, 8:51 am Yet the VirusTotal scan on the executable downloaded from the main site comes clean, bar the hopeless Bitdefender Theta.
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d
What a joke!
https://security.stackexchange.com/questions/229576/program-compiled-with-mingw32-is-reported-as-infected
The VirusTotal report above highlights that the issue(?) is with "peexe".
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d
Is "peexe" related to the UPX compression/compiler of the installer? I am not sure, but seems that I could be right as this article suggests
https://www.alliantcybersecurity.com/when-the-hacker-is-hacked/
That article above describes the ransomware that uses that UPX compression/compiler.
This article below describes the ransomware being detected by BitDefender as "Gen:NN.Zexa", same name as Rainmeter being flagged by BitDefender now on the VirusTotal report.
https://id-ransomware.blogspot.com/2020/11/mobef-justfun-ransomware.html
But notice that in the case of the executable being identified as "ransomware", then more antivirus software flag this executable.
For example, this ransomware is flagged by BitDefender as Gen:NN.Zexa but also 50+ other anti-viruses flag this https://www.virustotal.com/gui/file/45a359e0ce3f3b2aeaf97b299ccab0d0f6308e22267fc5280574166b38fd26c8/detection
So I conclude that the problem could be with BitDefender flagging the executable due to the UPX compression/compiler because the same compression/compiler used by hackers or other viruses. (It is like if you are living on the same street as rapist, then you are automatically suspected as a rapist too.)
-
- Rainmeter Sage
- Posts: 8195
- Joined: February 27th, 2015, 2:38 pm
- Location: Terra Yincognita
Re: 💥 New Security Certificate. Need some help 💥
No, "peexe" is just their description of a portable executable (i.e. PE) and has nothing to do with viruses:Active Colors wrote: ↑August 9th, 2024, 11:16 amIs "peexe" related to the UPX compression/compiler of the installer? I am not sure, but seems that I could be right as this article suggests
https://en.wikipedia.org/wiki/Portable_Executable
It's just a widely used container format for "object files" (including executables):
https://en.wikipedia.org/wiki/Executable#Generation_of_executable_files
along with executable and linkable format (ELF) and probably others:
https://en.wikipedia.org/wiki/Executable_and_Linkable_Format
For example, almost every executable is described as a PE executable in disassemblers and reverse engineering tools like IDA Pro and such (which is where I first met this term over the years).
Yeah, it's more or less the same case with other tools like AutoIt / AutoHotkey and their scripts. Basically, looking for parts of a virus signature and rating stuff based on compression types is what's wrong with most AVs in general (the other is flagging other illegal stuff as viruses despite the fact they're not), which is why I said it's a joke. It's a consequence of the lazy heurists many AV use:Active Colors wrote: ↑August 9th, 2024, 11:16 amSo I conclude that the problem could be with BitDefender flagging the executable due to the UPX compression/compiler because the same compression/compiler used by hackers or other viruses. (It is like if you are living on the same street as rapist, then you are automatically suspected as a rapist too.)
https://en.wikipedia.org/wiki/Heuristic_(computer_science)#Antivirus_software
and less concern about developping true behavioral analysis on such files, so when checking these VirusTotal reports, or discussing general AV reports, I hardly care of what the vast majority of the AVs return, and only focus on two or three solid AVs to construct my opinion on the program. Needless to say, just like other well made things in the world, such solid AVs are hard to find, everybody seems to be happy with mediocrity nowadays, especially if it sells well...
-
- Posts: 1705
- Joined: February 17th, 2011, 7:45 pm
- Location: a Galaxy S7 far far away
Re: 💥 New Security Certificate. Need some help 💥
Sorry if I missed something in a previous post, but, do I have to install it or can I just extract and run? Does it require the act of installation in order to do what you want? I don't install software and would prefer not to.
57686174 77696C6C 6265 77696C6C 6265
-
- Developer
- Posts: 22749
- Joined: April 19th, 2009, 11:02 pm
- Location: Fort Hunt, Virginia, USA
Re: 💥 New Security Certificate. Need some help 💥
Don't do anything. The latest version with the new certificate will be automatically installed for you.
-
- Posts: 1705
- Joined: February 17th, 2011, 7:45 pm
- Location: a Galaxy S7 far far away
Re: 💥 New Security Certificate. Need some help 💥
Ah ok, I just saw the request to help, but I suppose I'm too late! lol
Thanks for your work
Thanks for your work
57686174 77696C6C 6265 77696C6C 6265