💥 New Security Certificate. Need some help 💥

Test and provide feedback on potential changes
Jeff
Posts: 349
Joined: September 3rd, 2018, 11:18 am

Re: 💥 New Security Certificate. Need some help 💥

Post by Jeff »

Same issue on McAfee, except it doesn't explain anything about why it's blocked (both the Auto-Update and the one from the Main website give the same error)
Yincognito
Rainmeter Sage
Posts: 8153
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: 💥 New Security Certificate. Need some help 💥

Post by Yincognito »

Yet the VirusTotal scan on the executable downloaded from the main site comes clean, bar the hopeless Bitdefender Theta.
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d
What a joke! :uhuh:
Active Colors
Moderator
Posts: 1315
Joined: February 16th, 2012, 3:32 am
Location: Berlin, Germany

Re: 💥 New Security Certificate. Need some help 💥

Post by Active Colors »

Yincognito wrote: August 9th, 2024, 8:51 am Yet the VirusTotal scan on the executable downloaded from the main site comes clean, bar the hopeless Bitdefender Theta.
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d
What a joke! :uhuh:
I tried to look at that BitDefender detected problem called "Gen:NN.Zexa". I could not find a clear description of this issue from a quick search, but it seems the term "Gen:NN.Zexa" is used predominantly (or perhaps only) by BitDefender, as per the few reports here:
This StackExchange thread discusses some possibilities why BitDefender could behave this way:
https://security.stackexchange.com/questions/229576/program-compiled-with-mingw32-is-reported-as-infected

The VirusTotal report above highlights that the issue(?) is with "peexe".
https://www.virustotal.com/gui/file/6ab256e981c846937bb79d701140504d1e077987a211b72780dcb4d18355317d

Is "peexe" related to the UPX compression/compiler of the installer? I am not sure, but it seems that I could be right, as this article suggests
https://www.alliantcybersecurity.com/when-the-hacker-is-hacked/

That article above describes the ransomware that uses that UPX compression/compiler.
This article below describes the ransomware being detected by BitDefender as "Gen:NN.Zexa", same name as Rainmeter being flagged by BitDefender now on the VirusTotal report.
https://id-ransomware.blogspot.com/2020/11/mobef-justfun-ransomware.html

But notice that when the executable is identified as "ransomware", more antivirus software flags this executable.
For example, this ransomware is flagged by BitDefender as Gen:NN.Zexa but also 50+ other anti-viruses flag this https://www.virustotal.com/gui/file/45a359e0ce3f3b2aeaf97b299ccab0d0f6308e22267fc5280574166b38fd26c8/detection

So I conclude that the problem could be with BitDefender flagging the executable due to the UPX compression/compiler because the same compression/compiler is used by hackers or other viruses. (It is like if you are living on the same street as a rapist, then you are automatically suspected as a rapist too.)
Yincognito
Rainmeter Sage
Posts: 8153
Joined: February 27th, 2015, 2:38 pm
Location: Terra Yincognita

Re: 💥 New Security Certificate. Need some help 💥

Post by Yincognito »

Active Colors wrote: August 9th, 2024, 11:16 am Is "peexe" related to the UPX compression/compiler of the installer? I am not sure, but it seems that I could be right, as this article suggests
No, "peexe" is just their description of a portable executable (i.e. PE) and has nothing to do with viruses:
https://en.wikipedia.org/wiki/Portable_Executable
It's just a widely used container format for "object files" (including executables):
https://en.wikipedia.org/wiki/Executable#Generation_of_executable_files
along with executable and linkable format (ELF) and probably others:
https://en.wikipedia.org/wiki/Executable_and_Linkable_Format
For example, almost every executable is described as a PE executable in disassemblers and reverse engineering tools like IDA Pro and such (which is where I first met this term over the years).
Active Colors wrote: August 9th, 2024, 11:16 am So I conclude that the problem could be with BitDefender flagging the executable due to the UPX compression/compiler because the same compression/compiler is used by hackers or other viruses. (It is like if you are living on the same street as a rapist, then you are automatically suspected as a rapist too.)
Yeah, it's more or less the same case with other tools like AutoIt / AutoHotkey and their scripts. Basically, looking for parts of a virus signature and rating stuff based on compression types is what's wrong with most AVs in general (the other is flagging other illegal stuff as viruses despite the fact they're not), which is why I said it's a joke. It's a consequence of the lazy heuristics many AVs use:
https://en.wikipedia.org/wiki/Heuristic_(computer_science)#Antivirus_software
and less concern about developing true behavioral analysis on such files, so when checking these VirusTotal reports, or discussing general AV reports, I hardly care about what the vast majority of the AVs return, and only focus on two or three solid AVs to construct my opinion on the program. Needless to say, just like other well made things in the world, such solid AVs are hard to find, everybody seems to be happy with mediocrity nowadays, especially if it sells well...
sl23
Posts: 1686
Joined: February 17th, 2011, 7:45 pm
Location: a Galaxy S7 far far away

Re: 💥 New Security Certificate. Need some help 💥

Post by sl23 »

Sorry if I missed something in a previous post, but, do I have to install it or can I just extract and run? Does it require the act of installation in order to do what you want? I don't install software and would prefer not to.
57686174 77696C6C 6265 77696C6C 6265
jsmorley
Developer
Posts: 22745
Joined: April 19th, 2009, 11:02 pm
Location: Fort Hunt, Virginia, USA

Re: 💥 New Security Certificate. Need some help 💥

Post by jsmorley »

sl23 wrote: August 11th, 2024, 6:45 pm Sorry if I missed something in a previous post, but, do I have to install it or can I just extract and run? Does it require the act of installation in order to do what you want? I don't install software and would prefer not to.
Don't do anything. The latest version with the new certificate will be automatically installed for you.
sl23
Posts: 1686
Joined: February 17th, 2011, 7:45 pm
Location: a Galaxy S7 far far away

Re: 💥 New Security Certificate. Need some help 💥

Post by sl23 »

Ah ok, I just saw the request to help, but I suppose I'm too late! lol
Thanks for your work :thumbup:
57686174 77696C6C 6265 77696C6C 6265