Zemana AntiMalware and WinRAR archive scans

I use Windows Defender and am running Zemana AntiMalware Premium on a trial. i'd like to be able to scan archives by invoking WD from WinRAR. The problem is that ZAM interferes with this.

When WinRAR performs an archive scan, it creates a batch file in the system temporary directory. The batch file is created in a subdirectory. Both the subdir and the BAT file have variable names. For example, given C:\Temp as the system temp directory, a BAT file created by WinRAR might be:

C:\Temp\Rar$VR0.463\Rar$Scan1939.bat

Given that the path and file name are variably named, I see no way to exclude them from ZAM. Given that ZAM blocks every BAT created by WinRAR, this seems to mean I have no options other than:

1. Don't scan from WinRAR.
2. Disable ZAM real-time protection, or remove ZAM completely.
3. Exclude the entire temporary directory.

Am I missing something?

I've exchanged quite a few emails with Zemana support, but I'm really frustrated, because they don't seem to even read what I send. I've sent screenshots and a video (!) and we're just not on the same page.

 

An alternate option is to use HaoZip instead of WinRAR, as it automatically scans the files in any archive you open, with Avira, Qihoo 360 and Tencent.
It is free, and has been translated to English.
http://haozip.ru/en/index.html

 

Yes, but 360 Total Security finds that haozip_v5.9.3.exe contains malware when it's downloaded.

 

Don't worry, it's a false positive, related to the installer being used. I just scanned every exe file in the HaoZip folder in C:\Program Files, at VirusTotal and they are all clean.

 

I still don't trust it. Zemana AntiMalware also finds a browser hijack in the files. It's not from the official site, but from Russia. No thanks!

 

It most definitely is safe to use. I just scanned the installer and the HaoZip folder in Program Files with Zemana and HitmanPro and they both detected nothing. I've been using Russian versions of HaoZip for some time now, as well as the original version.

 

http://haozip.ru/en/index.html

This website had also blocked by Emsisoft ,
and note it " Malware site " .

 

QmScan.dll belongs to Tencent.
ZAM flags everything Tencent, whether it's malicious, or not.

 

Recently there was a discussion, in another thread, that WinRAR keeps the attribute "from internet", while 7-zip does not.
How does haozip?
Where is the related thread?

 

Okay, that file is installed in the AppData folder and I only scanned the HaoZip folder in Program Files. It is used to scan files for malware with Tencent, and as @Hiltihome stated, Zemana detects anything related to Tencent.

I scanned the file at VirusTotal and with HitmanPro, and ZAM is the only program which detects it. So, I will say once again, that HaoZip is safe to use, and 62 different malware scanners confirm this.

 

Stay away from HaoZip. The installer is malware according to VirusTotal.

~ Removed VirusTotal Results Image as per Policy ~

 

Actually, as I keep posting, it is most definitely not malware. To prove my point, I just scanned every file in the C:\Program Files\HaoZip folder and the HaoZip folder in the roaming AppData folder, at VirusTotal. Out of 65 files scanned, four files were identified as malicious by just a single scanner. This was usually Zillya, which has major issues with false positives. Another file was detected by three scanners. Baidu detected it as Trojan.WisdomEyes, which is a false positive and it has been detecting many clean files as this during the last few months. It was also detected by the heuristics of Trend and Endgame, both of which have overly sensitive heuristics. The remaining 61 files were not flagged by any scanners.

 

https://www.tenforums.com/tutorials...hive-files-windows-defender-windows-10-a.html

I don't really see the point of these AV scan features by archivers, unless you have a format WD doesn't support. Even then, files within an archive are not dangerous until extracted.

 

VirusTotal shows that AVG, Avast, Avira, McAfee, Trend Micro, Symantic and others all say that HaoZip is Malware. Certainly these top av's can't all be wrong.

~ Removed VirusTotal Results as per Policy ~

 

The installer may have bundled something. According to @roger_m, the program files are clean.

Anyhow, can we please get back on topic?

 

Agreed

 

It shouldn't be. But it is possible.

You only need one trusted and reputable company (for example Symantec or Kaspersky) to incorrectly classify a file as malware(or pup), and other vendors will simply copy that detection without doing any proper analysis.
I'm not saying that is what happened here but it is something people should consider

There are so many malware being discovered every day that they need to rely on each other in other to classify them all.