Assigned Which engines does Zemana use?

This thread is being handled by a member of the staff.
Status
Not open for further replies.
5

509322

They aren't saying and they're not gonna say:

Dear User,

Thank you for contacting us,

We have activated our own technology and AV engines which are provided by our partners are used for classification and clustering purposes in the cloud but they are removed from the UI. I can assure you that our detection rate is one of the best in the market.
 

KevinYu0504

Level 5
Verified
Well-known
Mar 10, 2017
227
They aren't saying and they're not gonna say:

Dear User,

Thank you for contacting us,

We have activated our own technology and AV engines which are provided by our partners are used for classification and clustering purposes in the cloud but they are removed from the UI. I can assure you that our detection rate is one of the best in the market.

They seems always reply the same answer ,
To all user who ask this question ,
Ctrl+C and Ctrl+V , o_O

It's still ok for me , Zemana still did a good job on AntiMalware ,
maybe they will talk about the engines they use on new product (ZAU) :rolleyes:
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
they don't disclose what engines they are using. I don't understand the reason behind

what we know:
- It has the license for metascan 16 and zemana uses the best 5 engines out of 16 engines, to reduce false positive rate
- they use their own engine too. I have seen files uploaded to virustotal - 0/61 by me but were detected by ZAM as PUPs/adwares
- this is the screenshot of the older version of zemana when we were still able to choose which engines to use. Things can change now
View attachment 144020

this is the screenshot of metascan 16 engines
untitled-png.143512
So whichever these engines are, are they being employed only for on-demand scans (in normal and portable versions both) or only for real-time scans or both?
I'd read earlier that Zemana uses only their own engine, including Pandora, for real-time protection.
 
  • Like
Reactions: frogboy

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
So whichever these engines are, are they being employed only for on-demand scans (in normal and portable versions both) or only for real-time scans or both?
I'd read earlier that Zemana uses only their own engine, including Pandora, for real-time protection.
I think these engines are used for both on-demand and realtime protection. I tried to perform a right-click scan, it found some malwares but I didn't click remove. Then, I executed the malwares which were detected and all were blocked (red popups) so I assume they are working in realtime protection too. Pandora blocks files with a yellow popup, if I'm not mistaken

They have their own engine, I believe. I uploaded a few files to VT (which haven't been uploaded before) = 0/62
When I scanned them with zemana, they were detected as PUPs/adwares

I don't think they use only their own engine because if they do, Zemana cannot get good results as we all know

without a testing environment (VM and VPN), zemana performed much better than I expected. It always failed under a VPN but it blocked some stuffs in my host PC without a VPN (yellow popups)
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
They seems always reply the same answer ,
To all user who ask this question ,
Ctrl+C and Ctrl+V , o_O

It's still ok for me , Zemana still did a good job on AntiMalware ,
maybe they will talk about the engines they use on new product (ZAU) :rolleyes:
That's true, not too long ago someone asked this exact question. We can expect someone to ask again next month, remember to Ctrl+C and Ctrl+V. :)

Zemana's intention to not disclose this information is fine, as not everyone wants to know the engines used and may be seen as over-kill with an existing engine?
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
I think these engines are used for both on-demand and realtime protection. I tried to perform a right-click scan, it found some malwares but I didn't click remove. Then, I executed the malwares which were detected and all were blocked (red popups) so I assume they are working in realtime protection too.
That can very well be possible. I just ran a search about what I recollected and I got the following post from this thread:
No. They won't conflict because it's not that all these 3rd party engines are as if they are actually there in the system. What is there is only Norton, and all the 3rd party engines are in the cloud.

Moreover, as far as I know, these 3rd party engines only apply to ZAL/ZAM's on-demand scan. ZAL/ZAM's real time protection uses only their own engines (realtime + Pandora).
But if it does detect those stuff that were detected in on-demand scan in RT as well, it can be the other way. Zemana doesn't even state the name (naming conventions used by AV companies) of the threat detected in RT right? If it did, we could have surely known some engines..
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
That can very well be possible. I just ran a search about what I recollected and I got the following post from this thread:

But if it does detect those stuff that were detected in on-demand scan in RT as well, it can be the other way. Zemana doesn't even state the name (naming conventions used by AV companies) of the threat detected in RT right? If it did, we could have surely known some engines..
yes, zemana doesn't show the name of the threat detected in realtime, only in on-demand scanner. However, I tried to scan several malwares which were detected by >45-50 vendors in VT, also malwares which low detection rates but still I couldn't track down the engines they are using because the naming system is completely different. I also checked hybrid analysis for the names they applied for some malwares but zemana used different names

after several attempts to find out at least 1 or 2 engines zemana are using, I gave up :(
 

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
yes, zemana doesn't show the name of the threat detected in realtime, only in on-demand scanner. However, I tried to scan several malwares which were detected by >45-50 vendors in VT, also malwares which low detection rates but still I couldn't track down the engines they are using because the naming system is completely different. I also checked hybrid analysis for the names they applied for some malwares but zemana used different names

after several attempts to find out at least 1 or 2 engines zemana are using, I gave up :(

You're efforts are admirable and thank you for this.
I'm thinking that they have their own engine, wrapped around the other's, like an interface, probably the reason why is so difficult to find them. If i'm talking rubbish, please let me know :D
 

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
I honestly don't see anything wrong if Zemana has decided not to share official info about the used engines.
If the product works then it is the important thing.
Professionally I use also proprietary software to manage some control interfaces, and my company has decided not to share specific information about this, even if the customer requires them.
Reason? Simply, the customer may change these interfaces and creating dangerous situations.
Of course, this is not the case of Zemana :)
 

Amelith Nargothrond

Level 12
Verified
Top Poster
Well-known
Mar 22, 2017
587
I honestly don't see anything wrong if Zemana has decided not to share official info about the used engines.
If the product works then it is the important thing.
Professionally I use also proprietary software to manage some control interfaces, and my company has decided not to share specific information about this, even if the customer requires them.
Reason? Simply, the customer may change these interfaces and creating dangerous situations.
Of course, this is not the case of Zemana :)

It's just a geekish curiosity i presume :)
From Zemana's part, it must a strategic/marketing move not to disclose the engines anymore. Companies usually do this when it's not in their best interest or if it might change the user's perspective (negatively) on the product BUT it does not affect the functionality of the product (so to avoid useless and unnecessary feedback).
 
  • Like
Reactions: Winter Soldier
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top