** New Beta **: Free ZoneAlarm AntiVirus 10

Discussion in 'other anti-malware software' started by fax, Mar 15, 2012.

Thread Status:
Not open for further replies.
  1. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
  2. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    Thanxx for the info.
     
  3. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    Tested it with zeroday malware on Real System XP SP3 32 Bits

    Protection was not bad but decent.

    I think it can be a good free product if -

    Frequency of updates are more instead of 1 in 24 hours. The updates made quite a difference in my tests here i.e after doing initial updates I tried again & it mentioned up to date. I scanned the folder with malware. After about 1 hour I tried manual updates & it updated again & I again scanned the malware folder & there was quite a good more detection.

    RealTime & On-Demand difference in protection/detection was there i.e I scanned malware folder with 55 zeroday malware & also executed & run all the 55 malware & installed completely whaever installed.

    On-Demand missed 25.
    RealTime missed 30.

    I checked & executed the missed 5 malware again but no detection from RealTime when On-Demand detected those, dont know why?

    RiskWare detection should be there.

    The ability to select all the malware at once in result window to quarantine the malware & in quarantine window to remove the malware is needed.

    Any one know what eng & sigs is it using? i.e

    Is it using kasperky eng + sigs & inhouse eng + sigs or what actually it is using?
     
    Last edited: Mar 21, 2012
  4. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Only Kaspersky engine for on-demand scanning. With retail versions you can scan downloaded files with an advanced heuristic engine running files in a sandbox (ZA engine).
     
  5. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,063
    Location:
    USA
    Thanks for confirming. That takes testing it off the table for me. Is that true for the "final'' products are well? Testing in a VM is pretty common these days - it would be nice if the lack of VM support could have been stated in the "system requirements".
     
  6. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
  7. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    What engine & signatures for RealTime Protection in this Free Version?
     
  8. Legendkiller

    Legendkiller Registered Member

    Joined:
    Jun 29, 2006
    Posts:
    1,053
    as mentioned below those are features of kaspersky AV.Update was on the slower side and no fdm/media player classic working.

    Did your browser hangup when you try to download eicar's AV test file?
     
  9. MDRockstar

    MDRockstar Registered Member

    Joined:
    Mar 21, 2012
    Posts:
    14
    Hi have sent feedback to zonealarm to include riskware detection to the beta and here is the reply from them :

    We've listened to your feedback and the next beta version will include riskware/potentially unwanted programs in the anti-virus database.



    Thanks for helping make the new release of ZoneAlarm the best ever!



    - ZoneAlarm Beta Team

    cool !
     
  10. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Just curious but is forcefield being utilized here?

    Ice
     
  11. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    Thats a good news.

    Can you request them to give info on AV engine, sigs, etc & what is missing in the free version if compared to its equivalent paid version of FW + AV?
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Kaspersky engine + ZA web protection (ZA websites blacklist + ZA heuristics of phishing and malware websites).
     
  13. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    From the screenshots I have seen these are the main differences (Comparing with retail ZA AV)

    - Riskware detection (to be included)
    - Checker and Swift technology for fast scanning
    - On access settings
    - Mailbox scanning
    - Network drive scanning
    - Automatic treatment
    - Advanced heuristic download protection
    - Advanced firewall (OSfirewall, component control, advanced program control)

    You have to understand there will be differences otherwise they will risk to be out of businness very soon :D

    Fax
     
  14. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    Kaspersky engine means kaspersky signatures too, right?
     
  15. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    OK.

    So I think with RiskWare detection to be included, we will not lose much in terms of protection i.e protection/detection wise it will be the same as the paid, if the signatures provided are not limited, and I hope signatures provided are full, right?

    MailBox scanning - is it the email protection?

    What do we miss on On-Access settings?

    Its ok if they are not providing HIPS features, many users dont like or understand HIPS & basic ZA FW is good too.

    Instead of 1 update in 24 hours, I wish they provide the same autoupdate as paid version & restrict the priority updates, wot say?

    Is the behaviour blocker active in this beta? And is it automatic i.e blocks & notifies or gives the option allow/block?

    I tested 55 zeroday malware i.e executed every malware but didn't got any BB alerts so asking if BB is active in this beta or not.
     
  16. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    The overall concept seems good and kudos to Checkpoint for developing a free suite, but based on my personal experience this application needs lots of work !

    Updating the signatures was extremely slow; about sixteen minutes for the initial update and just under seven minutes for a manual update roughly three hours later.
    Two more subsequent updates took about the same amount of time.

    On-demand full scan including archives (14.1 GB) took slightly under 27 minutes.

    Boot time has at least doubled.

    Going from desktop to the home page took 21 seconds.
    A second attempt took 16 seconds.
    A third attempt took 18 seconds.
    (All using IE 8 with Sandboxie).

    Page rendering was noticeably slower but did complete every time without error.

    Running XP SP-2.
    Pentium 4 630 Prescott. Four GB RAM. No other real-time scanner.
    CPU usage at 35-40%; 250 MB to about 1300 MB of RAM in use. Way too high in both cases.

    I can't use anything that slows me down this much. Hopefully, the resource usage will soon improve to the point where I will have a better experience. For now, I'll skip any further involvement.
     
    Last edited: Mar 21, 2012
  17. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    It means manly the signature + heuristic + behavioral scan part of the KAV SDK engine. ZA and Kaspersky are very different products with different GUI and options.
     
  18. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    yes, it would be crazy to have ZA skipping one trojan out of three because its free or blocking Zeus.a but not Zeus.b :D

    Mailbox scanning--> scanning of e-mail while downloading. E-mails are scanned "on-access" instead.

    On-access settings --> choosing between different mode: smart, read/write, write.

    No idea, sorry. You should try the same with KAV enterprise and see if you get different/same results.
     
    Last edited: Mar 21, 2012
  19. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Sorry for the double post but does anyone know if this suite is utilizing forcefield? The reason I ask is I see some componets actively working with the browser. I didn't install the toolbar.

    thanks
    Ice
     
  20. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Yes, it should be there to provide the web protection (you can check in the task manager). This is regardless the toolbar that only provides additional control and info.
     
  21. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    thanks!
    Ice
     
  22. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    In my previous posts I forgot to mention -

    Here the RealTime Alert is always behind open windows, anyone confirm this?

    Oh & its not an autoupdate for AV database but scheduled update & it will update at specific time only, I hate this.
     
    Last edited: Mar 22, 2012
  23. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Last edited: Mar 22, 2012
  24. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,158
    I tried it quite a few times but it mentions correct the errors & shows no errors.

    I tried with different browsers & running Ccleaner too but the same prob.
     
  25. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    One problem in the past was that too much text is inserted in the box. Try to introduce less text and see if it works otherwise I am not sure what to suggest. As I see from previous posts users seems able to provide feedback successfully.

    A real pity since with no feedback all your time dedicated to test as well as your finding and recommendation will be wasted... development does not monitor this or the ZA board :(
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.