Assigned Evjl's Rain Zemana Report - January 2017

Evjl's Rain · Jan 11, 2017

Evjl's Rain · Jan 11, 2017

I decided to stop testing zemana AM so these are the results
You can decide its effectiveness based on the table above but you should take results with a grain of salt

Zemana is great as a second opinion scanner however its realtime protection with pandora is lacking against zero-day malwares. It has great signatures so it can protect you against older malwares

Adz. · Jan 11, 2017

Thank you for the report, hopefully the devs will look at this :--)

Aktiffiso · Jan 11, 2017

I will consider not use semana. I really think is a very good product bur that...

XhenEd · Jan 11, 2017

@TwinHeadedEagle What happened?

harlan4096 · Jan 12, 2017

It seems ZAM is quite good as a second opinion scanner but not so good as a resident protection...

cryogent · Jan 12, 2017

I suppose ZAL has the same problems considering that ZAM is included.
And if it stops the Pandora from settings the results are worse or better?

Evjl's Rain · Jan 12, 2017

cryogent said:
I suppose ZAL has the same problems considering that ZAM is included.
And if it stops the Pandora from settings the results are worse or better?

ZAL will have the same result. Without pandora, it can only be worse. I think when pandora is off, dynamic tests will be all 0.

the problem with ZAM's realtime protection is it doesn't scan every access of the PC, perhaps to reduce server load. The fact is when I ran the malwares, the system was infected and then I performed a system scan with zemana, it found so many malwares -_-
I emailed to zemana support and they said they passed this message to the developers

SHvFl · Jan 12, 2017

Seems like pandora sucks or doesn't support the kind of files the malware runs(script?) but i am too lazy to go check the topics with the malware :S

Evjl's Rain · Jan 12, 2017

SHvFl said:
Seems like pandora sucks or doesn't support the kind of files the malware runs(script?) but i am too lazy to go find the topics with the malware :S

I think it sucks. I executed .exe files but it was silent
at 1 test I saw it didn't scan .hta file by static scan

Sundaram999 · Jan 12, 2017

Thanks for report! Well done)))

SHvFl · Jan 12, 2017

Evjl's Rain said:
I think it sucks. I executed .exe files but it was silent
at 1 test I saw it didn't scan .hta file by static scan

Yeah, you run an exe but maybe that was just the downloader of the malware? Maybe the actual malware executed was not exe and pandora ignores it?

Anw one or the other way it sucks especially when this program sucks memory pretending it's chrome.

Evjl's Rain · Jan 12, 2017

SHvFl said:
Yeah, you run an exe but maybe that was just the downloader of the malware? Maybe the actual malware executed was not exe and pandora ignores it?

Anw one or the other way it sucks.

yeah, many of them were downloaders. Zemana didn't have the signatures for them and when the parent files were passed, dropped files were likely to be allowed without being scanned
I was confused when I say this because when I executed a .hta file, zemana was able to block the dropped malware in temp folder. However when I executed .exe downloaders, zemana allowed everything

SHvFl · Jan 12, 2017

Evjl's Rain said:
yeah, many of them were downloaders. Zemana didn't have the signatures for them and when the parent files were passed, dropped files were likely to be allowed without being scanned
I was confused when I say this because when I executed a .hta file, zemana was able to block the dropped malware in temp folder. However when I executed .exe downloaders, zemana allowed everything

I will need to check the actual malware to know more but anw something is wrong. Had similar disappointing experience every time i tried the program and i skipped it for a few months now.

_CyberGhosT_ · Jan 12, 2017

Thanks for sharing some honest results.
That and the constant net usage is why I jumped on board with SurfRight.
HMPA and HMP are a dynamic duo that outperform both Zemana's quite handily.
Great share Rain

Deleted member 2913 · Jan 12, 2017

I simply dont like the idea of supplementary/complementary realtime AV...1 good realtime AV is enough & go with anti-executable or other protection mechanism.

Zero Knowledge · Jan 12, 2017

I have a license for Zemana but it has always seemed a amateur type AV/AM.

Tests like these confirm it's really not that good at protection. 33% of malware samples was not detected!

Biggest problem for me is Zemana won't confirm what AV engine they are using. Strikes me as strange behavior.

cryogent · Jan 12, 2017

[SIZE=4]@Evjl's Rain[/SIZE] i know there have been tests "who vs who" and is a sensitive issue but it would be possible to do a test with exactly the same malware samples but on other two programs: MBAM 3.0 and Emsisoft AM.
Just to see how its handle.

TwinHeadedEagle · Jan 12, 2017

Just tested all 7 samples within 11th January archive with Pandora enabled and all of them were blocked.

Are you sure you had Real Time Protection ON like on the image below and Pandora enabled?

XhenEd said:
@TwinHeadedEagle What happened?

Nothing happened, this test is not valid

Evjl's Rain · Jan 12, 2017

TwinHeadedEagle said:
Just tested all 7 samples within 11th January archive with Pandora enabled and all of them were blocked.

Are you sure you had Real Time Protection ON like on the image below and Pandora enabled?

yes of course I had it enabled, always double checked them before the tests and also performed a scan to see if the internet connection was intact or not. That's why there were some detections in Dynamic tests

Assigned Evjl's Rain Zemana Report - January 2017

Level 47

Attachments

Level 47

Level 2

Level 9

Level 28

Super Moderator

Level 7

Level 47

Level 35

Level 47

Level 6

Level 35

Level 47

Level 35

Level 53

Deleted member 2913

Level 20

Level 7

Level 41

Level 47

Similar threads