App Review Zemana AntiMalware vs some Worms

[cruelsister]

I promised this one earlier but somehow got sidetracked...

 

[Enju]

The lovely GEMA is blocking your video in Germany.

 

[frogboy]

Thanks for this review @cruelsister very informative video.

 

[cruelsister]

Enju- Yeah, it is aggravating that Germany blocks so much. I was aware of it for this one, but I really wanted to hear the song.

 

[Tony Cole]

All these worms are scary - cruelsister, apart from Comodo are there any other AV's out there that can deal with these harsh viruses, watching your previous video's not many actually work?

Where you trying out new Jimmy Choo shoes, so there was a slight delay producing the video

 

[Secondmineboy]

The lovely GEMA is blocking your video in Germany.

I hate them since they existed. Use ZenMate to view it

 

[Solarquest]

Thank you for the review!
As expected Zemana detected more, unfortunately not as much as expected..and not enough....it's really true, it's better to prevent than to cure!
To cure is really,really tough nowadays.

 

[cruelsister]

Tony (and Solar)- When worms like these are true zero-day malware no traditional AV will touch them. That's why they are the Blackhat's malware of choice in retail breaches (and also why Corporations are moving toward virtualization solutions). The additional issue with malware such as this is that in addition to raw definition based defection the scanner must be strong enough to detect all of the traces so resurrection isn't possible.

For a second opinion scanner I am eagerly anticipating version 11 of Emsisoft's Emergency Scanner. It appears that they are targeting this exact gap in detection.

 

[Nightwalker]

Tony (and Solar)- When worms like these are true zero-day malware no traditional AV will touch them. That's why they are the Blackhat's malware of choice in retail breaches (and also why Corporations are moving toward virtualization solutions). The additional issue with malware such as this is that in addition to raw definition based defection the scanner must be strong enough to detect all of the traces so resurrection isn't possible.

For a second opinion scanner I am eagerly anticipating version 11 of Emsisoft's Emergency Scanner. It appears that they are targeting this exact gap in detection.

Did you tried the beta 11 version of Emsisoft Antimalware? Many changes in the behavior blocker and in the real time guard seems to be inspired by your videos (just a feeling).

 

[Moose]

Salutations, Greetings!

Could you test WinantiRansom Pre-beta? Would love to see if WinantiRansom Pre-beta work with-out question!
Really enjoyed the review on Zemana! Wondering, if having the real-time protection on would have made a different?

 

[RmG152]

@cruelsister can you test zemana as companion av in the same scenario? (no video is needed, only a little text)

 

[cruelsister]

Moose- Great minds think alike! I'm waiting for the final release in order to test it fairly (it's now up to beta 4). I also have to contact Rulware first to make sure that I run the test in an acceptable manner.

About ZAM in real-time, they have been releasing constant beta's to improve this area. Once things are finalized we can revisit it.

 

[Moose]

Thank you! For your kind words! Truly appreciate!

 

[Atlas147]

Interested to see if the real time protection would totally prevent the infection from occurring or not, my guess is it probably will

 

[Tony Cole]

Thanks Cruelsister, so Comodo's sandbox (in these more dangerous situations) really comes in handy - do worms attack homeusers, or more directed at enterprises?

 

[Azure]

Interested to see if the real time protection would totally prevent the infection from occurring or not, my guess is it probably will

Especially with the pandora realtime analysis since it claims it will dramatically increase zero day protection.

 

[Solarquest]

Cruelsister,
Did Zemana (as Hmp and Mb) detect some of these malwares before infecting the system or are these all 0 day?

 

[iIda15]

Hello everyone,

Thanks for posting the video @cruelsister

Best regards,

Ida

 

[iIda15]

Hello again @cruelsister

We had some improvements in the past week about vbc worms, as you can see on our release notes. We would be happy if you retest again with our latest beta which I think can remove all these worms (of course we don't know which worm you are testing but most probably we believe that the latest beta will kill them all).

Thanks in advance!

Ida

 

[cruelsister]

I totally agree with you. You certainly have been releasing betas at a fast and furious rate with significant improvements in each build (which in itself speaks highly of the Development Team). I do have ZAM scheduled for a redo when the beta is finalized. I'm actually anticipating perfection on this area.

In the Worm video series, as I used the current released versions of Malwarebytes and NitmanPro (both of which ZAM surpassed) this precluded me (in fairness) from using a ZAM beta.

And thank you for your presence here at MT!

M