Zemana AntiMalware 2 BETA

Discussion in 'other anti-malware software' started by Emre TINAZTEPE, Jan 20, 2015.

  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I saw your screenshot. As my post indicates, I scanned Calibre with ZAM and it came up clean. NO FP.

    It's puzzling as to why ZAM gave Calibre a clean bill of health on both my computers, but not on yours. Of course, my ZAM & Calibre are in English whereas yours is in German, but that shouldn't make a difference, should it?

    By the way, which Ebook reader do you use (I need a better one)?
     
  2. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    I have had that “Suspicous:SRC!P” (on other files) as well.

    What does it refer to?
     
  3. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    It's a detection from Zemana's heuristics and often they are false positives.
     
  4. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    SugarSync, a legit app, but not in the eyes of ZAM.

    ZAM more FPs.jpg
    Click on the screenshot, to enlarge
     
  5. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    YES! For those folks who are troubled by ZAM's "suspicious" alerts, here are a few thoughts....

    Check the Antivirus test report at HERE. It's a bar chart depicting the results of testing several of the leading antivirus apps.
    • Notice the red line that travels across the base of the bar chart. That line records the number of False Positives (FP) detected by each of the Antivirus apps.
    • The scale for the number of FPs is on the right side of the bar chart.
    • Notice, also, that Microsoft (Windows Defender) is, by far, the "champion" FP generator. However, F-Secure, Norton (Symantec), and Panda also had fairly high FPs.
    • The point here is that FPs are NOT uncommon for Antivirus apps that are aggressively defending the computers where they reside.
    As you know, Antivirus apps use a combination of methods in seeking to detect malware.
    • One method is *signatures*. Signatures can only be developed AFTER a malware is initially detected. Thus, signatures will NOT detect malware that is new or "zero day."
    • Therefore, Antivirus apps use different methods in order to detect new, previously undetected malware for which signatures do not yet exist. These other methods include HIPS, behavior blockers, whitelists, "reputation", heuristics (ZAM's method), etc.
    • These other methods often are watching for suspicious activities that are *typical* activities of malware. However, legitimate software will sometimes do these same kinds of *suspicious* activities, but for legitimate purposes. When that happens, FPs occur.
    ZAM is aggressive. ZAM is primarily a "second opinion" scanner. As such, one of its main jobs is to detect malware that somehow slips by a user's main Antivirus program. Thus, ZAM needs to be aggressive or it is of little value as a second opinion.

    As @roger_m noted, ZAM's heuristics are often the main source of ZAM's FPs.
    • As @XIII noted, heuristic detections are often reported as "Suspicious". (As to "SRCIP" see HERE.)
    • "Suspicious" means that ZAM's signatures didn't see a problem, but its heuristics noted an activity that malware sometimes uses.
    • So ZAM is merely telling its user to be careful and THINK.
    In my case:
    • If a "suspicious" app is something I have used for a long time and I am very sure of its "okay" status, I simply tell ZAM to ignore it.
    • If I am NOT sure of the "suspicious" app, then I revert to a clean image** and report the problem to the app's producer and to Zemana.
    ** In my opinion, THE most important security app nowadays is imaging software such as Macrium Reflect or R-Drive Image. I image at least weekly to a separate drive, & retain images for at least 3 months.
    ~~~~~~~~~~~~~~~~~~~~~~~

    NOTE: I am a ZAM booster but I am by NO means a fan-boy. Until the new, revitalized ZAM has been independently tested &/or has otherwise established a more definitive track record, it is by no means a "proven" substitute for apps such as MBAM. Further, ZAM is not designed to be a *primary* antimalware. It should only be used as an adjunct to proven apps such as ESET, Bitdefender, & Kaspersky.
     
    Last edited: Jul 21, 2019
  6. JohnBurns

    JohnBurns Registered Member

    Joined:
    Jul 4, 2004
    Posts:
    778
    Location:
    Oklahoma City
    Thank you bellgamin for your informative post about ZAM. I had an incorrect idea about it. I don't believe it is for me, too aggressive.
     
  7. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    No matter why, too much is too much.

    ZAM FPs.jpg
    Foobar 2000
     
  8. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    Yes and that's fine for more experienced users who understand that the files are detected by heuristics and that they may not be malicious. But it will be an issue for those who assume that everything detected is malicious and remove everything that gets detected. But to be fair, as you noted, it's certainly not just an issue with Zemana.
     
  9. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    For those folks who want great protection with very low FPs, the following AVs are good alternatives: Kaspersky, Bitdefender, Vipre, & Total Defense. To a large degree, they can be "set it & forget it" AV's.

    ESET is another good option because (a) it's a great AV, (b) it has a very responsive forum when one wants to discuss FPs & other issues.

    However, a second opinion scanner, such as ZAM, is still VERY useful if someone's computer contains sensitive info, such as finances or other *private* info. This is especially true if someone engages in activities such as messing with cracks or porn, or loves to trial every new app that comes along, or surfs the dark web, or trolls security forums, or has limited knowledge of good security practices, or whose computer may be mis-used by youth or careless people.
     
  10. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,746
    Location:
    Germany
    Hi all

    Zemana AntiMalware 3.1.395 Beta

    https://www.zemana.com/whats-new

    With best Regards
    Mops21
     
  11. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    576
    Not sure if this is the right place to ask, but here goes, just in case:

    Would it be accurate to say that ZAM Premium is a combination of ZAL and regular ZAM?

    Thanks.
     
  12. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    No, it would not. ZAL is separate from ZAM (either 2.7.xx or 3.1.xx versions). Premium versions of ZAL or the two ZAMs provide real-time protection FWIW. I wouldn't bother with it myself.
     
  13. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    576
    Thanks very much. I've read Zemana's descriptions of ZAL and ZAM on their website but am having a hard time telling the difference between them. Somehow the product info doesn't seem to be quite specific/detailed enough to know what each program does relative to the other. Maybe I just haven't found the right pages on the Zemana website. A product chart comparing the features of ZAM, ZAM Premium, ZAL, and ZAL Premium would be helpful. I thought I had the distinction nailed down (the way I'd described them above), but I guess that's not the case.
     
  14. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    ZAL incorporates anti-keylogging with the protections of ZAM. ZAL and the old ZAM are now outdated products for real time protection. Zemana has moved on to the new version (as above) and its real time protection is questionable as well. ZAM 2.7.xx is still good as a free 2nd opinion scanner and is superior to the real time protection component. The old ZAM free version is still available if you search for it at other download sites, not at Zemana's website.
     
  15. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    576
    Thanks for this, good to know! :thumb:
     
  16. KevinYu0504

    KevinYu0504 Registered Member

    Joined:
    Mar 10, 2017
    Posts:
    146
    Location:
    Taiwan
    Not so sure about this.

    I sent an email to Zemana at the end of July,
    and here are my questions:

    1.
    Is the old portable version (v2.XX) still working?
    2.
    If the portable version is already in the future plans,
    is there any expected or estimated release time?

    And here is Zemana's official reply:
    From the official reply, it seems the portable version (v2.XX) has already stopped receiving virus definition updates.
    I think this will affect the results and detection rate of the scan.
     
  17. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    In my daily experience with customer machines, the portable V2.XX is superior.

    While V3.XX flags unknown files as suspicious and checks the quarantine box,
    V2.XX uploads them to the cloud and recognizes them as what they are: clean.
     
  18. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    They obviously don't get it right.
    The highlighted extension is Google remote desktop.
    The second extension is clean.
    Intel files are clean also.
    ZAM more FPs.jpg
     
  19. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    Lots of FPs with version 3.1.xx.

    @KevinYu0504 They may not update definitions in 2.74.xx as Zemana claims, but more malware testers still rely on it instead of the new version.

    And if they believe what they say, why are they still selling Zemana Anti Logger when it is based on the old ZAM version? It's hard to believe anything that Zemana says nowadays.
     
  20. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    For now, it seems that v2 has better detection rates and far fewer false positives.
     
  21. KevinYu0504

    KevinYu0504 Registered Member

    Joined:
    Mar 10, 2017
    Posts:
    146
    Location:
    Taiwan
    I guess they are still selling ZAL because it's still available?
    ZAL is the only product that has a keystroke encryption function,
    and it won't need any updates to work.

    Maybe Zemana really needs more money,
    so they didn't remove the old product?

    Same feeling,
    but I am not so sure, can't prove it.

    When I asked about detection rates between v2 and v3,
    this is what Zemana officially replied to me on the Malwaretips forum:
    Even though Zemana claims that v3 is better than v2,
    they still can't explain why there are so many FPs.

    Also, I often see news of engineers leaving Zemana,
    which makes people doubt what happened at Zemana,
    and did they really solve the crisis that occurred within the company at the end of 2017?
     
  22. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    I hope they do not upgrade users with the paid version to V3.XX.
    This would cause me issues with customers to whom I recommended ZAM V2.XX.
     
  23. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    ZAM still has GUI bugs to iron out. On the GUI for my ZAM license, as illustrated below, notice that the Activation Date is 5/9/2019 and the Expiration Date is correctly shown as 5/9/2022, showing that I paid for a 3-year subscription.

    Even so, the GUI says I have ZERO days left, and (in the lower portion) says that my license is expired.

    I have opened a ticket at Zemana's site.

    ScreenHunter_01 Sep. 05 23.03.gif
     
  24. guest

    guest Guest

    Zemana AntiMalware v3.1.395 (September 6, 2019)
    Changelog
     
  25. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Zemana replied to the ticket. They view the issue as "interesting" and they have created a task to "investigate it further".

    Not quite the response I was hoping for but their fast reply indicates that, at least, someone is "taking care of business." All too many security software proponents never even acknowledge customer requests.
     