Zemana AntiMalware

Discussion in 'other anti-malware software' started by Wendi, Oct 12, 2019.

  1. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Well, IMO, if they are still taking people's money, they should still be working to keep it current. This is not something that can only be done in "the office".
     
  2. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    652
    Location:
    Milan, Italia
    You can put a fork into Zemana! They were as good as dead long before Covid.
     
  3. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    An official announcement would be nice.
     
  4. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    :thumb:
     
  5. Stelica

    Stelica Registered Member

    Joined:
    Nov 10, 2014
    Posts:
    71
    Location:
    Romania
    Zemana mobile antivirus last update 25.04.
     
  6. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Recent posts quoted me as posting: "There's a remote possibility that they may resurrect again." Those posts ignored the fuller context of my post, which was...
    Based on TWO past actual experiences where ZAM came out of the doldrums, I still have hopes that ZAM will be revived again once this bloody pandemic settles down. ZAM's engine still works splendidly, & it is relatively fast & efficient. However, I have NO idea as to the current status of its sigs because my computers (all Win 7) are preternatually clean.

    I take note that all those who have pronounced ZAM as moribund have offered no specific factual basis for their statement except that it's been a long while since we heard from their reps. No one has offered any indicators of abandonement such as out-dated sigs. By the way, the version 3 engine itself is not actually that old.

    Okay, beat me, kick me, call me dirty names -- but I honestly would appreciate some hard, specific facts -- one way or the other -- as to the current efficacy of ZAM's engine & sigs. And it would be helpful if we had fewer posts containing mere innuendos and meaningless NO-word-posts such as just a ":thumb:".

    In other words, enough with the FUD already -- does anyone have something meaningful & factual to offer, over & above emojis & FUD?
     
    Last edited: May 25, 2020
  7. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    How long do you want to wait @bellgamin?

    In my view there is no 'official announcement', as there is no-one to make it.
    There was plenty interaction with beta testers on the 'other forum', but nothing since about June last year.
    For me that renders an anti-malware product useless.

    Even hardened supporters started uninstalling from about October last year.
     
  8. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    @paulderdash -- I was very clearly referring to what plat1098 wrote in post #74 when my post #81 included the statement "it's been a long while since we heard from their reps." Yet you twisted your post to make it seem like I had made that statement myself. That's a fake news tactic.

    Over the years, I have used many security apps where I have NEVER heard from their reps, so I consider that fact is hardly a basis for saying, unequivocally, that an app has been permanently abandoned.

    I really would like to know if the ZAM engine is mal-functioning, or if its sigs are demonstrably out-dated. I will readily cease even incidental usage of ZAM if anyone can provide those two vital bits of factual information. But when it comes to those who merely use anecdotal comments, or misquote other posts, or apply innuendos and FUD to support their assertions -- that is simply NOT at all helpful, not even in the slightest.
     
    Last edited: May 26, 2020
  9. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    The ZAM software itself reports the last version update being 6 months ago. Though that's probably the App, not the signatures.
     
  10. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Totally unintentional, just copied from your post.
    I was an active beta tester, but personally I had to stop using it (v3) due to ever-increasing number of FPs after the 'apparent' abandonment. :D With no resolutions after reporting.
    So for me, the sigs were demonstrably outdated.
    I actually only uninstalled it a few days ago.
     
  11. boombastik

    boombastik Registered Member

    Joined:
    Oct 7, 2010
    Posts:
    271
    Location:
    Greece
    Version 2 dont update definitions and version 3 has near zero detection rate and is full false positives.
    Version 3 i think after testing that it uses cloud only for scan that why the real-time is so bad.
    To keep selling this with another skins also for another companies is questionable for me.

    Also another companies sell the version 2 and i know that version 2 dont update definitions.
     
  12. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    I re-installed Zemana AM from Bleeping Computer again. Not only were several processes of the same release version of Afterburner flagged, there were an additional two more compared to the previous scan. lol! Plus, an .exe from latest version of Hard_Configurator--wow, but I'm not surprised there.

    So it's like why bother? Sorry bellgamin, but you give them chances, it's like vapor. They do post on Instagram but it seems a front, a facade. Thing is, I also really liked the product when there was activity around it, like two years ago. You can't help but wonder.

    zem.PNG
     
  13. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    I did not ignore the fuller context of your post - or more to the implied meaning here - I did not take out of context any meaning.

    My point stands based on what I quoted from your comment, and my reply. And that is "in my opinion", even if they are working on an entirely new version, they could and should still be developing and pushing out updates to the existing versions even if working from home. But there have been no updates whatsoever since 3.1.495 which was released Nov 7, 2019, nearly 7 months ago as seen here. And when actually looking at that page, that last whitelist improvement was made 3 months before that in August.

    But that's not all. The latest update for Zemana AntiLogger is V 2.74.2.664 from Feb 2019. Really? No updates, bug fixes, anything in 15 months?

    IF the company is still alive and will resurrect itself with entirely new versions, that's great. Competition is great. Malwarebytes needs competition. Consumers need choices.

    But in the meantime, existing security programs (especially those consumers pay good money for) need to remain current to stay ahead of the malware - because, for sure, the bad guys have not been sitting around doing nothing for the last 7 - 15 months.
     
    Last edited: May 26, 2020
  14. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    As I had some free time yesterday I did a quick and dirty test of ZAM (ver 3.1.495). Procedure and results:

    1). Saved 5 older ransomware file to a folder- did an on demand scan, and ZAM detected and deleted all. actually ran these five (one by one) and ZAM detected and deleted all.

    2). Found 5 malware files, that although new, worked by older mechanisms. An on-demand ZAM scan found nothing, but on run ZAM stopped and deleted all 5.

    3). Wrote a quickie MBR locker. Although this was a true zero day file, it worked by a know mechanism. Needless to say a ZAM on demand scan did not see it, but on run it was stopped and deleted.

    4). Ran 5 older worm files with a vbs extension. A ZAM on demand scan detected and deleted all 5. However when these same files were run, ZAM ignored all and left the system infected. A new (and clean system system was then provided, and I then converted these vbs worms to 5 executable files. A ZAM on demand scan did not detect them. Running all 5 infected the system. After a reboot, a ZAM system scan was run and ZAM did detect delete 2 of the 5. However, on system reboot I noticed that all five were back and happily still infecting the system (I do so LOVE a good Worm persistence routine!!!!).

    (ps- please note that running a second opinion scan with the likes of MB, HMP, Norton eraser, EEK would not help a User, as these also then to ignore pre-existing worm infections. Only KVRT is efficient).

    5). Keeping in mind the lack of efficacy of ZAM a detecting simple scriptor worms, I found a few ransomware files that utilized various methods to work (a Python- PyLocky, a js (Spora), and a Powershell (PowerSnif variant). All were undetected by a ZAM on demand scan, and when run, all infected the system (encrypted files).

    So to sum up, other and better malware protection modalities exist and should be used instead.

    Hope this helps.

    m
     
  15. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    @cruelsister
    Thanks for providing members with your findings on Zemana.
     
  16. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    @cruelsister -- at last, facts instead of pure FUD. Thank you for that -- to the nth degree of happiness. :thumb::thumb::thumb:

    Also, much Much thanks for putting me on to KVRT.

    @paulderdash -- I apologize for misunderstanding your intent. Live long & prosper.

    @Bill_Bright -- I totally agree with last paragraph in your post #88!

    ==> To all mods & denizens of Wilders: a warm aloha from Hawaii. Please stay healthy & happy. :-*
     
  17. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    512
    Location:
    Bulgaria
    Can you share the names of the worms you used? Some of the worms use really nasty tactics and even rootkit techniques to be more stubborn (like Conficker).
    That's why I am using tools which are scanning the loading points instead and not relying on signatures in addition to the second opinion scanners to check for malware activity and other system anomalies and unusual system behaviour.
     
  18. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Yeah, no sorry but not buying that either. You are assuming that all those scanners are exactly alike, comparing the exact same code to the exact same databases of signature/definition files and behavior patterns, always achieving the exact same hit rates. And that is just not true.

    A second opinion by a different maker is just that, a second opinion. A second set of eyes using a second set of parameters, databases, and algorithms. And hopefully, the second opinion finds nothing.

    And I too would like to see a link to your source that claims "pre-existing worm infections" are ignored. And I would like to understand how such a worm made it past all the security to get on the system in the first place.

    ~Comment removed~
     
    Last edited by a moderator: May 29, 2020
  19. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    ~Comment removed~

    Also, it seems to me that the #89 post by @cruelsister was by no means saying that 2nd opinion scanners are useless in general. What she wrote was, "...as these also tend to ignore pre-existing worm infections..." To me, "these" refers to the specific 2nd opinion scanners she mentioned, and thus her comment means that they are not so good at detecting pre-existing worm infections, specifically, but does not in any way infer that they are useless in general. Therefore the semi-sarcastic response in your post's second paragraph seems unwarranted when responding to an informative, helpful post by a recognized computer security mavin.
     
    Last edited by a moderator: May 29, 2020
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Since you mentioned this I wonder if you can be more specific about better security apps for android?
     
  21. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Aloha Vic -- cruelsister visits Wilders very infrequently nowadays. In the meantime, you might find your answer by reading THIS web page. Note especially the table about a quarter of the way down the page where it lists test results, for Android AVs, from 3 excellent labs: AV-Test, AV Comparatives, & MRG-Effitas.

    Please notice that Webroot has elected to remain untested and, thus, choosing it is a shot in the dark compared with the other listed AVs. (^_^).

    Please notice, also, the editor's note not quite three-quarters of the way down the page. Some are concerned about that issue. Some are not. It's your decision, of course.

    Stay well. Aloha from Hawaii!
     
    Last edited: May 30, 2020
  22. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    How to get rid of all the leftovers and drivers, of ZAM?
    Is there an uninstaller from Zemana?
     
  23. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
  24. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    Copy and paste the following into a batch file and then open it.
    https://malwaretips.com/threads/uninstalling-zemana-leaves-drivers-behind.67551/post-648446
    Code:
    sc config ZAM start= disabled
    sc config ZAM_Guard start= disabled
    net stop ZAM /y
    net stop ZAM_Guard /y
    sc delete ZAM
    sc delete ZAM_Guard
    reg delete "HKCU\Software\Zemana" /f
    reg delete "HKLM\Software\Zemana" /f
    reg delete "HKLM\Software\ZmnGlobalSDK" /f
    takeown /f "%WINDIR%\System32\drivers\zam64.sys" /a
    icacls "%WINDIR%\System32\drivers\zam64.sys" /grant:r Administrators:F /c
    del "%WINDIR%\System32\drivers\zam64.sys" /s /f /q
    takeown /f "%WINDIR%\System32\drivers\zamguard64.sys" /a
    icacls "%WINDIR%\System32\drivers\zamguard64.sys" /grant:r Administrators:F /c
    del "%WINDIR%\System32\drivers\zamguard64.sys" /s /f /q
    takeown /f "%ProgramFiles(x86)%\Zemana AntiMalware" /a /r /d y
    icacls "%ProgramFiles(x86)%\Zemana AntiMalware" /inheritance:r /grant:r Administrators:(OI)(CI)F /t /c
    rd "%ProgramFiles(x86)%\Zemana AntiMalware" /s /q
    rd "%LocalAppData%\Zemana" /s /q
    rd "%WINDIR%\SysWOW64\config\systemprofile\AppData\Local\Zemana" /s /q
    
     
  25. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    512
    Location:
    Bulgaria
    I would include in the bat file these as well:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.