Assigned Zemana Antilogger's injected dll causes persistent explorer.exe CPU usage

[Evjl's Rain]

today, I had a bit of free time and I monitored my CPU usage
I noticed that explorer.exe CPU usage rarely stayed at 0%. It constantly varied between 0.1-1% while I was doing nothing for several minutes

I used Process Explorer to find the culprit and I could see that zemana antilogger caused it
Zemana antilogger injected a few .dll files to explorer.exe

I disabled ID thief protection

here is some screenshots proving it
note: ke6d28~1.dll = KeyCrypt64(1).dll = KeyCrypt64(2).dll = KeyCrypt64(3).dll (just different names)

Spoiler: screenshots

What is your opinion?
I believe that Zemana antimalware won't have this problem because it doesn't have these kind of .dll files

 

[509322]

today, I had a bit of free time and I monitored my CPU usage
I noticed that explorer.exe CPU usage rarely stayed at 0%. It constantly varied between 0.1-1% while I was doing nothing for several minutes

I used Process Explorer to find the culprit and I could see that zemana antilogger caused it
Zemana antilogger injected a few .dll files to explorer.exe

I disabled ID thief protection

here is some screenshots proving it
note: ke6d28~1.dll = KeyCrypt64(1).dll = KeyCrypt64(2).dll = KeyCrypt64(3).dll (just different names)

Spoiler: screenshots

View attachment 166005 View attachment 166004 View attachment 166006 View attachment 166007 View attachment 166008View attachment 166009

What is your opinion?
I believe that Zemana antimalware won't have this problem because it doesn't have these kind of .dll files

1. Explorer.exe will typically show < 0.05 % with a browser open and not moving the cursor around (move the cursor along the taskbar and it will spike)
2. Process Explorer itself averages approximately 1.5 % CPU
3. Unless there is some kind of problem\issue that you have not stated...
4. Zemana will say you have too much free time on your hands

 

[Evjl's Rain]

I did a reboot and everything was the same
I uninstalled zemana using geek uninstaller, the dlls were not removed. I performed a reboot and manually deleted all files in that folder. Now, explorer.exe is staying at absolutely 0% no matter what I'm doing
The dlls are no longer injecting into explorer so no more CPU usage

I can expect that kind of answer from zemana. That's why I don't want to email them and wait for unhelpful answers

 

[509322]

I uninstalled zemana using geek uninstaller, the dlls were not removed. I performed a reboot and manually deleted all files in that folder. Now, explorer.exe is staying at absolutely 0% no matter what I'm doing

1. Open a browser and open Explorer
2. Hover the cursor across the browser and Explorer taskbar icons
3. Explorer should temporarily spike to above 1 % CPU in Process Explorer (Windows TaskMgr rounds off to whole numbers and then you also have to take into account the update rate)

I don't think 1 % CPU for Explorer is a deal breaker; compare that to some internet security suites running at idle

Also, compare the the Zemana anti-logger HIPS CPU consumption to the integrated AV scanner monitoring at idle

 

[Deleted member 65228]

note: ke6d28~1.dll = KeyCrypt64(1).dll = KeyCrypt64(2).dll = KeyCrypt64(3).dll (just different names)

An estimation could be that they inject code into running processes and then the injected code communicates with the driver so the correct keystrokes can be sent to the correct process and spoofed for all the others which may or may not be trying to intercept. That would make sense at least.

Personally, I don't see problem here. I suggest you contact Zemana at their official support, they'll be able to assist you best in diagnosing any potential problems and resolving them: Support For AntiLogger

 

[Evjl's Rain]

I don't think 1 % CPU for Explorer is a deal breaker; compare that to some internet security suites running at idle

Also, compare the the Zemana anti-logger HIPS CPU consumption to the integrated AV scanner monitoring at idle

I agree but I don't want my laptop resource to be used by the feature I disabled. Instead of antilogger, I can use ZAM, which doesn't have this problem
but both still create and inject dll to the system even after removal as we have discussed a lot here. They don't want to answer the exact reason

An estimation could be that they inject code into running processes and then the injected code communicates with the driver so the correct keystrokes can be sent to the correct process and spoofed for all the others which may or may not be trying to intercept. That would make sense at least.

Personally, I don't see problem here. I suggest you contact Zemana at their official support, they'll be able to assist you best in diagnosing any potential problems and resolving them: Support For AntiLogger

thank you, my may try but according to my experience with zemana support, they all said everything was normal and didn't admit the bugs I reported
I expect the same answer this time

 

[509322]

I agree but I don't want my laptop resource to be used by the feature I disabled. Instead of antilogger, I can use ZAM, which doesn't have this problem
but both still create and inject dll to the system even after removal as we have discussed a lot here. They don't want to answer the exact reason

You will have a much better experience with SpyShelter. More importantly, it is a much more capable\powerful product in your knowledgeable hands.

Just sayin'...