Zemana AntiMalware 2 BETA

Thanks for your feedback. This could be added as a feature in the future releases.

Exactly. Our default action is to quarantine and we always pay attention to not asking questions to average users and let the advanced users change the default options.

A big NO Because, we are focused on detecting and removing malware without user interaction and keep the product as simple as possible.

A second big NO Starting from the beginning (2007), we have never bundled our products with advertisers. So, we are not one of those major players who "ASK" toolbars for making money even though we got really good offers in the past

We have fixed the empty logs issue. Regarding the BSOD, we will be waiting for the crashdump file. Actually, we have not received any BSOD reports for a long time but let's see who is behind.

Also, we have increased the visible time of alert dialogs in the latest release.

Thanks a lot for your feedback.

Event logging is fixed in this release. Regarding the item 4, I don't agree with you. Development could be in alpha+ state for every new feature but it doesn't mean that "Product" itself is in alpha+ state. This is true for the newly added features but saying this for the product imo is not fair...

 

That could be related to the operating system version but I am not sure. You must ask this to the developer.

You can test it on any given system (without Zemana products installed) by installing the Microsoft Root CA update below and scan with RCC.

http://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe

Thanks in advance.

 

Will try that tonight.

 

@Hiltihome also said: 'Not only RCC showed the questionable 90, they where present when running certmgr.msc'
So you are saying RCC put them there? Quite probably I am not understanding this!
RCC did not show the certs pre a ZAM scan, but did after (Win 7). But with my installed version did not, before or after (Win 8.1). Strange.
@XIII - let us know the outcome.

 

@Emre TINAZTEPE
You might want to take a look here: https://malwaretips.com/threads/zemana-anti-malware-2-0-beta.41014/page-15#post-456850

 

Once again, thank you for your personal and vigorous attention to this discussion.

1) I coined "Alpha+" as I couldn't come up with anything better to express the roll-out of a stable version release averaging every two weeks since the first in February. As well the unbroken waves of betas. While the published What's New candor of your development scope and efforts to produce what clearly looks to be a cutting-edge product are admirable, my point is I cannot risk the use of ZAM on a critical system while the team irons out its operation. The work in monitoring the bork-watch here and elsewhere and watching Windows Update complete once a month (even with waiting 10 days and "adjusting" KBs accordingly) is enough white-knuckle stress for me.

2) My experience with ZAM trial is well detailed in my postings to date and to support@ - check with Armagan, please. (Please take care not to cross over my customer ID in this forum.) As I most likely will not revisit ZAM in the near future, my concern is for other users who run acute encryption routines. A user exceptions schema for widely implemented architectures is unacceptable. I suggest your team work with the applications and processes I reported.

FYI: There were no issues mounting and using VeraCrypt containers built prior to the first run of RTP ZAM trial and subsequent no-choice updates. Building a container while running ZAM was not attempted.

3) This is impossible and I'm somewhat perplexed at its apparent acceptance by members here. History is peppered with the havoc wreaked by the "oops" of developers' attempts at it. Though the need to market a fully silent solution to the masses is fully recognized and no one would begrudge the quest for success in that arena. But an optional expert mode providing forceful user intervention and precise setting granularity seems to be outside your concern and sadly unfortunate.

My fear, panic actually, is this all-automatic and locked-settings logic will migrate to Anti-Logger Premium.

 

I'm in doubt about continuing this test on my production machine.

When I open the file from the link provided UAC warns me that the publisher of the executable is Unknown, not Microsoft...

 

Why does ZAM and the rootsup.exe, recommended by Emre TINAZTEPE, install 90 Root-Certificates, half of them expired?

The answer is simple: rootsup.exe, from Microsoft update/V3 is outdated, published in 2013.
A newer version is now longer available thru microsoft download center. Newer Root Cert updates are only available thru Windows update now.

 

Hi Emre,

Thanks for sharing your analysis. However I believe there are a few inaccurate statements leading to an incorrect conclusion, I'm afraid. It should be noted that Microsoft's Rootsupd.exe has not been updated for almost a year (and possibly even longer). It still contains many old roots that are no longer trusted ( as they were removed from Microsoft's Root Certificate Program).



But I am certainly not blaming you, as Microsoft has been making things quite blurry with regards to the Root Certificate Program lately and it's generating quite a bit of confusion, even among professionals.

So for some reason Microsoft has stopped updating Rootsupd.exe, and this is why RCC correctly flags 90 certificates after that old rootsupd.exe is launched. This is why I would strongly advise against using rootsupd.exe for now, and only rely on the STL file as it contains the latest information. Please have a look into this and let me know if I'm mistaken.

 

Ouch. What is the easiest way to remove these 90+ certificates (on the one machine I got them after running ZAM)?

 

@XIII :
If you do not have a restore point, to go back, than:

open certmgr.msc
in the left column click on root certificates and expand the sub folder
in the right column sort by expiring date
mark the oldest, press and hold shift and mark the last, that has expired
press del button.

This way you get rid of half the "dirty ninety"

The rest must be done manually, or with a script, I don't have...

 

New beta working good!

 

Except. the portable is still inserting 90 questionable Root-Certificates..., without asking for permission, or at least inform about.

THIS IS NOT A FALSE POSITIVE.

It is not only RCC, showing 90 certificates, after running ZAM-portable, also certmgr.msc shows that they were inserted.
Proven on some more machines, all running WIN7-64-bit.
Also proven on a few machines, running WIN8.1-64 bit.

 

Hello Everyone,

We are working around the clock to resolve the issue as quickly as possible and apologize for any inconvenience. We will provide an update ASAP.

 

Thank you in advance, Emre.

You certainly would not put questionable certificates in users machines, without a compelling reason, do this workaround.

I do believe that Zemana is trustworthy, please proof.

 

Hello,

First of all we apologize for the inconvenience.

We have just released a new version and a registry script for deleting the outdated certificates installed by rootsupd.exe which was used in the previous version.

You can download the latest version using the links below:

http://cdn9.zemana.com/AntiMalware/2.19.1.659/Zemana.AntiMalware.Portable.exe
http://cdn9.zemana.com/AntiMalware/2.19.1.659/Zemana.AntiMalware.Setup.exe

You can delete the outdated certificates by running the following registry script:

http://cdn9.zemana.com/download/Rootsupd_Fix.zip

Below are the release notes

Zemana Anti-Malware 2.19.1.659 Beta

Wednesday, December 9, 2015 12:56 AM

• Stopped using outdated Microsoft executable for updating root certificate store which was added in previous version
  • In order to delete the outdated certificates, please download and run this registry script
  • This fix will be automatically rolled out in the upcoming versions

Credits

• Hiltihome for bringing out the issue into our attention by using Svenfaw's RCC Tool (http://trax.x10.mx/apps.html)

Here are the details about the issue introduced in the previous version:

In order to update certificate store, we used to use Microsoft's authrootstl.cab file which was updated twice a month. But we had issues with Crypto API functions which are required for using authroot.stl file. So rather than using the cab file, that was the point we decided to use Microsoft's rootsupd.exe application which was later discovered (thanks to you) to have an outdated authroot.stl file embedded inside.

Please do not hesitate to contact us if you need any further clarification in this regard.

 

Well, that was unbelievably quick!

You're really working around the clock, Emre.

Have a good night, and sleep well.

Best Regards
HiltiHome

 

Updated...Impressive!

 

Thanks to @Hiltihome, @svenfaw, @Emre TINAZTEPE - Wilders as it should be.

 

Great job @ everyone!

 

Zemana AntiMalware Free
Check it out!
https://www.zemana.com/AntiMalwareFree

 

Premium and Freemium
Freemium is a pricing strategy by which a product or service (typically a digital offering or application such as software, media, games or web services) is provided free of charge, but money (premium) is charged for proprietary features, functionality, or virtual goods.

 

Appreciated!

I will try it this weekend on the one PC that got the 90+ certificates.

 

OK-thank you, it shall be fixed

 

And here is the info about the Zemana AntiMalware 2.19.1.659 Beta

Zemana Anti-Malware 2.19.1.659 Beta

Wednesday, December 9, 2015 12:56 AM

• Stopped using outdated Microsoft executable for updating root certificate store which was added in previous version
  • In order to delete the outdated certificates, please download and run this registry script
  • This fix will be automatically rolled out in the upcoming versions
• Updated language files

Credits

• Hiltihome for bringing out the issue into our attention by using Svenfaw's RCC Tool (http://trax.x10.mx/apps.html)
• Malware1 working with us to fix several translation issues

Known Issues

• Support for safe boot mode

https://www.zemana.com/WhatsNew/?ProductID=2

With best Regards
Mops21