Zemana AntiMalware 2 BETA

https://zemana.com/WhatsNew/?ProductID=2

Zemana Anti-Malware 2.18.1.634 Beta

Wednesday, December 2, 2015 12:05 PM

• Minor bug fixes and improvements
• Improved partner system
• Fixed issues with translation files

Credits

• malware1
• Pchb1

Known Issues

• Support for safe boot

 

https://zemana.com/WhatsNew/?ProductID=2

Zemana Anti-Malware 2.18.2.634
Thursday, December 3, 2015 1:34 PM

• This is the stable release of the previous BETA version (2.18.1.634)

 

"Improved partner system" - I don't know what that means, but hopefully it doesn't include any adds or pop-ups from some of their "partners".

I have been real time protection free on my main machine for well over two years without a single issue - No AV, no nothin'. I did test several AVs, AMs while using Time Freeze, but they always slowed my machine down too much for me to actually install them for real.......... Once you get used to the response of a machine with no real time protection, it's hard to go back to any slowdowns.

Then I tested ZAM and was completely impressed with its invisibility on the system, so it got installed for real. I am an experienced, low risk user, but it is nice having the extra protection of ZAM............. Hopefully they keep it invisible, and that includes pop-ups of any, and all kinds.

 

I submitted a bug report at Zemana's support@. And here, with a bit less detail, as an FYI.

Windows 7 HP SP1 x64 - Anti-Malware Trial

To begin: when ZAM's not running, these issues do not exist:

Ever since 2.18.2.519 I have been seeing "blocking dangerous file" alerts thereafter both the Quarantine and Reports panes are empty.

These occur when working with my encrypted self-extracting 7Z and ARC weekly backup and archives, using AES and Serpent256. And with files created with Steganos Locknote 1.5.2, which uses AES. The system (3rd gen i7, 16GB RAM) becomes sluggish and unresponsive.

What's worse, after these occurrences, opening a local portable password manager whose db files are Twofish encrypted, a BSOD will occur. Two so far, the first a surprise, the second a test - which I won't do again. (The only BSODs so far were a RAM stick fail earlier this year and an AMD video driver issue when I built this system almost four years ago.)

In fact, the Locknote files and the pw manager folder were excluded in ZAM since I started using it. (Their exclusions have been a consistent strategy over the years.) Excluding the Z7 and ARC components resolves some of the problem, but not completely.

BTW, those alerts go by so fast they're almost impossible to read.

Today's update to .634 - no fix.

 

I think it is something related to the cloud detection (Metascan).

 

Makes sense.............. Thanks!

 

Thanks for the reply.

The funny thing is there were none listed there when blocking occurred.

 

Zemana Anti-Malware 2.18.2.634

Working fine!

Win 10 x64 with WSA and Adguard.

 

https://zemana.com/WhatsNew/?ProductID=2

Zemana Anti-Malware 2.19.1.502 Beta

Friday, December 4, 2015 3:04 PM

• Highly improved IntelliGuard+ database
  • This version updates signatures every five minutes and thus it is much more responsive at detecting zero-day threats
• Major improvements in real time protection module
• Improved user experience in real time protection alert handling
  • Changed alert style
  • Added an option to ask user
• Improved browser extension cleaning
• Minor bug fixes and improvements

 

Whoopee !

Updated. Seems to be running smoothly.

 

http://cdn9.zemana.com/AntiMalware/2.19.1.502/Zemana.AntiMalware.Setup.exe
http://cdn9.zemana.com/AntiMalware/2.19.1.502/Zemana.AntiMalware.Portable.exe

 

It's working fine...

 

Gettin' better with each new release.....

 

This new release is already a favorite of mine, amazing piece of software

 

every 5 minutes? That's way too much, imo.

 

Just tested the latest beta release against a fresh of pack malware and it blocked all except one, which in any case looks like a false positive.

By way of (unscientific) comparison my regular a/v blocked all but three, whereas the "market leader" second opinion scanner failed to identify sixty nine.

ZAM also blocked the latest incarnation of Cryptowall 4 which is now being delivered as an exploit payload, although it is likely that most other a/v software is now doing likewise.

Well done ZAM - seems to be getting better with every release.

 

Tell that to those guys that got infected....

 

RE my post 1429...

I've exhausted attempts to implement an exclusions scheme that works around the issues when building Serpent and AES encrypted 7Z and ARC self-extracting archives and Locknote files.

And that Anti-Malware will present a split-second block alert without logging the event is a serious flaw.

I have un-installed the stable 2.18.2.634 trial because:
1) the issues described above,
2) my discomfort with TCP banging OpenDNS (or anything with any in-the-clear protocol) every five seconds,
3) the incredibly invasive right-now no-choice behavior of the UI "Check Updates" and the right-now no-choice automatic updates on ZAM startup,
4) the average every-other-day stable and beta releases suggests the development is still in an alpha+ state.

With regard to four, this is a Good Thing, of course, and ZAM is exemplary. But not for a production machine running critical processes. Like building encrypted backups for cloud storage.

As for three, it's incredulous this is acceptable to so many Wilders members.
•Or has this been resolved with "Added an option to ask user" in today's beta??

In the meantime, I continue to rely on Anti-Logger Pro (and some others) for its protection and wish none of these hair-brained automatic schemes migrate to it.

Hopefully, a revisit to Anti-Malware in a the near future will be rewarding and I'll keep this thread in my RSS feeds.

 

It was every 30. Emri posted up a short while back an anticipated change to every 15. Maybe a mis-info in the changelog??

Someone monitor the signatures.db in the AppData local folder. That should clear up the pondering in less than an hour.

Although five minutes is OK.

 

Let's do it every second then.........

There are some drawbacks if the software phone home every 5 minutes, imo.

 

Yes, noted.

 

Why does ZAM (portable), latest stable and latest beta, insert 90 Root-Certificates (Half of them expired) in the WIN7 Cert-Store?

Before I ran ZAM, I created a restore point.
I tested on 9 machines and 7 where affected.

Not only RCC showed the questionable 90, they where present when running certmgr.msc

Restored Windows, and the dirty ninety where gone.

This is a serious issue, that needs to be fully disclosed.

Spoiler: Dirty Ninety

RCC 1.55.247 (c) 2015 @hexatomium - All rights reserved
For long-term use in a production environment, please email cubaguy@gmail.com.

Scanning baselines available: 1
Definitions updated: 2015-11-28


*** Scanning Windows root CA store... (Baseline selected: RCC1_STD_MSCTL)

Number of 'interesting' items: 90 (Not part of baseline)

E392512F0ACFF505DFF6DE067F7537E165EA574B: NetLock Expressz (Class C) Tanus
Time of insertion: 2015-12-01 19:54:23 UTC

FAAA27B8CAF5FDF5CDA98AC3378572E04CE8F2E0: scr@registradores.org
Time of insertion: 2015-12-01 19:54:23 UTC

8CC4307BC60755E7B22DD9F7FEA245936C7CF288: TC TrustCenter Universal CA II
Time of insertion: 2015-12-01 19:54:23 UTC

67EB337B684CEB0EC2B0760AB488278CDD9597DD: DST RootCA
Time of insertion: 2015-12-01 19:54:23 UTC

CC7EA292AF8715D74CA4B415F320154B24F565FD: SA
Time of insertion: 2015-12-01 19:54:23 UTC

D29F6C98BEFC6D986521543EE8BE56CEBC288CF3: certificate@trustcenter.de
Time of insertion: 2015-12-01 19:54:23 UTC

54F9C163759F19045121A319F64C2D0555B7E073: Certisign - Autoridade Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

85B5FF679B0C79961FC86E4422004613DB179284: America Online Root Certificatio
Time of insertion: 2015-12-01 19:54:23 UTC

F5C27CF5FFF3029ACF1A1A4BEC7EE1964C77D784: CertRSA01
Time of insertion: 2015-12-01 19:54:23 UTC

E5DF743CB601C49B9843DCAB8CE86A81109FE48E: http://www.
Time of insertion: 2015-12-01 19:54:23 UTC

EDB3CB5FB419A185066267E5791554E1E28B6399: SA
Time of insertion: 2015-12-01 19:54:23 UTC

40E78C1D523D1CD9954FAC1A1AB3BD3CBAA15BFC: Tha
Time of insertion: 2015-12-01 19:54:23 UTC

394FF6850B06BE52E51856CC10E180E882B385CC: Equifax Secure eBusiness CA-2
Time of insertion: 2015-12-01 19:54:23 UTC

317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6: http://www.
Time of insertion: 2015-12-01 19:54:23 UTC

049811056AFE9FD0F5BE01685AACE6A5D1C4454C: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

A1DB6393916F17E4185509400415C70240B0AE6B: Class 3 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:26 UTC

DA40188B9189A3EDEEAEDA97FE2F9DF5B7D18A41: Equifax Secure eBusiness CA-1
Time of insertion: 2015-12-01 19:54:23 UTC

96974CD6B663A7184526B1D648AD815CF51E801A: VeriSign Individual Software Pub
Time of insertion: 2015-12-01 19:54:23 UTC

93E6AB220303B52328DCDA569EBAE4D1D1CCFB65: Wells Fargo Root Certificate Aut
Time of insertion: 2015-12-01 19:54:23 UTC

97E2E99636A547554F838FBA38B82E74F89A830A: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

DBAC3C7AA4254DA1AA5CAAD68468CB88EEDDEEA8: GTE CyberTrust Root
Time of insertion: 2015-12-01 19:54:23 UTC

838E30F77FDD14AA385ED145009C0E2236494FAA: certificate@trustcenter.de
Time of insertion: 2015-12-01 19:54:23 UTC

A5EC73D48C34FCBEF1005AEB85843524BBFAB727: Class 2 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

CFF810FB2C4FFC0156BFE1E1FABCB418C68D31C5: Certisign Autoridade Certificado
Time of insertion: 2015-12-01 19:54:23 UTC

3070F8833E4AA6803E09A646AE3F7D8AE1FD1654: Agence
Time of insertion: 2015-12-01 19:54:23 UTC

24BA6D6C8A5B5837A48DB5FAE919EA675C94D217: IPS SERVIDORE
Time of insertion: 2015-12-01 19:54:23 UTC

3F85F2BB4A62B0B58BE1614ABB0D4631B4BEF8BA: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

4F65566336DB6598581D584A596C87934D5F2AB4: Class 3 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:26 UTC

E619D25B380B7B13FDA33E8A58CD82D8A88E0515: A-Trust-Qual-01
Time of insertion: 2015-12-01 19:54:23 UTC

879F4BEE05DF98583BE360D633E70D3FFE9871AF: NetLock Uzleti (Class B) Tanusit
Time of insertion: 2015-12-01 19:54:23 UTC

68ED18B309CD5291C0D3357C1D1141BF883866B1: Xcert EZ b
Time of insertion: 2015-12-01 19:54:23 UTC

69BD8CF49CD300FB592E1793CA556AF3ECAA35FB: http://www.
Time of insertion: 2015-12-01 19:54:23 UTC

AB48F333DB04ABB9C072DA5B0CC1D057F0369B46: DSTCA E2
Time of insertion: 2015-12-01 19:54:23 UTC

679A4F81FC705DDEC419778DD2EBD875F4C242C6: A-Trust-Qual-02
Time of insertion: 2015-12-01 19:54:23 UTC

A9628F4B98A91B4835BAD2C1463286BB66646A8C: Autor
Time of insertion: 2015-12-01 19:54:23 UTC

9FC796E8F8524F863AE1496D381242105F1B78F5: certificate@trustcenter.de
Time of insertion: 2015-12-01 19:54:23 UTC

A3E31E20B2E46A328520472D0CDE9523E7260C6D: D.0.9.2342.19200300.100.1.3ca@di
Time of insertion: 2015-12-01 19:54:23 UTC

688B6EB807E8EDA5C7B17C4393D0795F0FAE155F: VeriSign Commercial Software Pub
Time of insertion: 2015-12-01 19:54:23 UTC

9FAD91A6CE6AC6C50047C44EC9D4A50D92D84979: Thawt
Time of insertion: 2015-12-01 19:54:23 UTC

8E1032E9245944F84791983EC9E829CB1059B4D3: a-cert@argedaten.at
Time of insertion: 2015-12-01 19:54:23 UTC

CFF360F524CB20F1FEAD89006F7F586A285B2D5B: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

E3D73606996CDFEF61FA04C335E98EA96104264A: D-TRUST Qualified Root CA 1 2007
Time of insertion: 2015-12-01 19:54:23 UTC

51A44C28F313E3F9CB5E7C0A1E0E0DD2843758AE: A-Trust-nQual-01
Time of insertion: 2015-12-01 19:54:23 UTC

0446C8BB9A6983C95C8A2E5464687C1115AAB74A: BG + OInfoNotary PLC + DCroot-c
Time of insertion: 2015-12-01 19:54:23 UTC

EC0C3716EA9EDFADD35DFBD55608E60A05D3CBF3: DST (UPS)
Time of insertion: 2015-12-01 19:54:23 UTC

4463C531D7CCC1006794612BB656D3BF8257846F: Secure Server Certification Auth
Time of insertion: 2015-12-01 19:54:23 UTC

CE6A64A309E42FBBD9851C453E6409EAE87D60F1: Class 1 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

BC9219DDC98E14BF1A781F6E280B04C27F902712: DST-Entrust GTI CA
Time of insertion: 2015-12-01 19:54:23 UTC

7030AABF8432A800666CCCC42A887E42B7553E2B: eSign Imperito Primary Root CA
Time of insertion: 2015-12-01 19:54:23 UTC

CFDEFE102FDA05BBE4C78D2E4423589005B2571D: DST (NRF)
Time of insertion: 2015-12-01 19:54:23 UTC

2964B686135B5DFDDD3253A89BBC24D74B08C64D: A-CERT ADVANCE
Time of insertion: 2015-12-01 19:54:23 UTC

36863563FD5128C7BEA6F005CFE9B43668086CCE: T
Time of insertion: 2015-12-01 19:54:23 UTC

209900B63D955728140CD13622D8C687A4EB0085:
Time of insertion: 2015-12-01 19:54:23 UTC

89C32E6B524E4D65388B9ECEDC637134ED4193A3: Macao Post eSignTrust Root Certi
Time of insertion: 2015-12-01 19:54:23 UTC

B1B2364FD4D4F52E89B2D0FAF33E4D62BD969921: SA
Time of insertion: 2015-12-01 19:54:23 UTC

7AC5FFF8DCBC5583176877073BF751735E9BD358: SecureNet CA Class B
Time of insertion: 2015-12-01 19:54:23 UTC

5F4E1FCF31B7913B850B54F6E5FF501A2B6FC6CF: KISA RootCA 3
Time of insertion: 2015-12-01 19:54:23 UTC

0B77BEBBCB7AA24705DECC0FBD6A02FC7ABD9B52: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

8B1A1106B8E26B232980FD652E6181376441FD11: Certificado Empresarial Clase-A
Time of insertion: 2015-12-01 19:54:23 UTC

B3EAC44776C9C81CEAF29D95B6CCA0081B67EC9D: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

78E9DD0650624DB9CB36B50767F209B843BE15B3: Class 1 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

9078C5A28F9A4325C2A7C73813CDFE13C20F934E: D.0.9.2342.19200300.100.1.3corre
Time of insertion: 2015-12-01 19:54:23 UTC

E70715F6F728365B5190E271DEE4C65EBEEACAF3: Telekom-Control-Kommission Top 1
Time of insertion: 2015-12-01 19:54:23 UTC

D904080A4929C838E9F185ECF7A22DEF99342407: Agence
Time of insertion: 2015-12-01 19:54:23 UTC

8EFDCABC93E61E925D4D1DED181A4320A467A139: Autoridade Certificadora Raiz Br
Time of insertion: 2015-12-01 19:54:23 UTC

4F555CE20DCD3364E0DC7C41EFDD40F50356C122: CERTICAMARA S.A.
Time of insertion: 2015-12-01 19:54:23 UTC

6A6F2A8B6E2615088DF59CD24C402418AE42A3F1: Primary Utility Root CA
Time of insertion: 2015-12-01 19:54:23 UTC

A399F76F0CBF4C9DA55E4AC24E8960984B2905B6: TC TrustCenter Time Stamping CA
Time of insertion: 2015-12-01 19:54:23 UTC

B9CD0CF69835EABF3F137F2049E4C924878477DB: Root CA
Time of insertion: 2015-12-01 19:54:23 UTC

67248980DE775D2C9B04E40307940BADB351F395: CESAM
Time of insertion: 2015-12-01 19:54:23 UTC

21FCBD8E7F6CAF051BD1B343ECA8E76147F20F8A: TDC Internet Root CA
Time of insertion: 2015-12-01 19:54:23 UTC

0048F8D37B153F6EA2798C323EF4F318A5624A9E: Certisign Autoridade Certificado
Time of insertion: 2015-12-01 19:54:23 UTC

E0AB059420725493056062023670F7CD2EFC6666: Tha
Time of insertion: 2015-12-01 19:54:23 UTC

E0925E18C7765E22DABD9427529DA6AF4E066428: Hongkong Post Root CA
Time of insertion: 2015-12-01 19:54:23 UTC

7639C71847E151B5C7EA01C758FBF12ABA298F7A: DST (ANX Network) CA
Time of insertion: 2015-12-01 19:54:23 UTC

7A74410FB0CD5C972A364B71BF031D88A6510E9E: ABA.ECO
Time of insertion: 2015-12-01 19:54:23 UTC

CFE4313DBA05B8A7C30063995A9EB7C247AD8FD5: ipsCA Main C
Time of insertion: 2015-12-01 19:54:23 UTC

90DEDE9E4C4E9F6FD88617579DD391BC65A68964: GTE CyberTrust Root
Time of insertion: 2015-12-01 19:54:23 UTC

720FC15DDC27D456D098FABF3CDD78D31EF5A8DA: certificate@trustcenter.de
Time of insertion: 2015-12-01 19:54:23 UTC

97226AAE4A7A64A59BD16787F27F841C0A001FD0: CCA India 2007
Time of insertion: 2015-12-01 19:54:23 UTC

B19DD096DCD4E3E0FD676885505A672C438D4E9C: VeriSign Individual Software Pub
Time of insertion: 2015-12-01 19:54:23 UTC

273EE12457FDC4F90C55E82B56167F62F532E547: VeriSign Trust Network
Time of insertion: 2015-12-01 19:54:23 UTC

4EFCED9C6BDD0C985CA3C7D253063C5BE6FC620C: Certisign - Autoridade Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

C73026E325FE21916B55C4B53A56B13DCAF3D625: Gatekeeper Root CA
Time of insertion: 2015-12-01 19:54:23 UTC

B72FFF92D2CE43DE0A8D4C548C503726A81E2B93: DST RootCA
Time of insertion: 2015-12-01 19:54:23 UTC

81968B3AEF1CDC70F5FA3269C292A3635BD123D3: DSTCA E1
Time of insertion: 2015-12-01 19:54:23 UTC

3C71D70E35A5DAA8B2E3812DC3677417F5990DF3: ipsCA Glob
Time of insertion: 2015-12-01 19:54:23 UTC

90AEA26985FF14804C434952ECE9608477AF556F: Class 1 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

6782AAE0EDEEE21A5839D3C0CD14680A4F60142A: Class 2 Public Primary Certifica
Time of insertion: 2015-12-01 19:54:23 UTC

BC7B3C6FEF26B9F7AB10D7A1F6B67C5ED2A12D3D: Post.Trust Root CA
Time of insertion: 2015-12-01 19:54:23 UTC


The items highlighted above might represent a security risk. It is highly
recommended to review their purpose, and distrust them if appropriate.


Hit any key to quit.

 

I too, run the portable version on XP, and I can't tell whether the same thing has happened, since I can't check with RCC, as it is incompatible with XP. Not good!

 

Can confirm your finding. Hmm ...
Using RCC, 3 questionable certificates before, 93 after running ZAM Portable 2.19.1.502.
Does not happen with installed version of ZAM.
Busy restoring.
@Emre TINAZTEPE ?

 

I run the latest stable portable version of ZAM on Windows 10 x64, but RCC does not report 90+ certificates on my system (only 2, which seems to be almost correct).