App Review ZoneAlarm Extreme Security Next-Gen Antivirus 2023

[Shadowra]

Content source

https://odysee.com/@Shadowra:f/ZoneAlarm-Extreme-Security-Next-Gen-Antivirus-2023:9

ZoneAlarm is best known for its firewall, which was a benchmark in the 2000s.
The editor has evolved little until this year, with the release of its NextGen version.
ZA abandons the Kaspersky engine for Sophos and an AI Machine Learning technology.
Let's take a closer look at its ability to keep PCs out of harm's way.



Interface: 9/10

ZoneAlarm's interface is uncluttered and self-contained.
With very few settings, it's a far cry from the gasworks of the past in terms of configuration!
I'm withdrawing 1 point, however, because ZoneAlarm's WEB extension clearly sucks!
In fact, ZoneAlarm handles all downloads. To do this, it emulates files internally with DeepAnalyse to detect malicious code. This is a good thing... but the process is still running without stopping!

Protection:9/10 Web / Fake crack 1/1 Remains 17 threats on 171 malware / PC Infected - EXE damaged

ZoneAlarm has evolved into an excellent antivirus!
It successfully avoided many of the traps set during the test.
The protection is very solid and provides a very good detection rate.
However, ZoneAlarm does not protect the registry.
A Russian virus written in BATCH was able to modify several registry keys, making it impossible to execute EXE and LNK files.
It's a pity, because it started out so well for excellence.

Result : No scan ! EXE damaged

Recommand : Yes, but beware of unknown applications.
System Clean : No system infected - EXE damaged

@Trident and @Decopi request

 

[Trident]

I will forward this information to ZoneAlarm escalations (related to the registry keys), they need to improve that as soon as possible. Together with all other suggestions I’ve sent. Excellent test @Shadowra !!!

 

[Shadowra]

The video is available, but strangely it hadn't copied the link...

 

[Decopi]

@Shadowra

Firstly, a big "THANK YOU"... specially because at your new job (congrats) you're very busy now, and despite that, you managed to deliver your video.

Now and with regards to your test results, it's good to know ZAESGN went well, not excellent, but well at least.

IMHO, ZAESGN is still an "interrogation mark". But this is not necessarily negative.
I think everything will depend on next ZAESGN versions. For example, the App Control and the Granular Firewall, both might improve ZAESGN protection capabilities. Same logic for new features, if ZAESGN keeps adding new features at each new version, and also keeps improving internal mechanisms (registry protection etc), then ZAESGN may have a chance to challenge big security software players, and this will be great for users.

Anyway, I would like to see more ZAESGN tests.
I hope that other users will be interested in ZA, also having the motivation and curiosity to test ZA in depth.

 

[Trident]

@Decopi, once I am back home (I’m on the beach these few days, it’s 30 degrees in the UK), I will be back to testing ZoneAlarm little by little every day as well.

The registry protection is presented but the operation of messing up execution policies may look like a user-created script and not necessarily like malware. Maybe a user wants to block execution of lnk and exe files.
I sent an email to Check Point Threat Operations Centre (TOC) and Check Point Research (CPR).
I am awaiting their reply. They are very quick in replying.

On top of that I discovered a vulnerability (development is aware and passed a message), UI inconsistentency (for example spacing between anti-bot and firewall is less than betwen anti-ransomware and keylogging protection) as well as in the main UI some sentences are closed with a full stop, others are not and many others.

I constantly report to them

 

[Decopi]

@Decopi, once I am back home (I’m on the beach these few days, it’s 30 degrees in the UK), I will be back to testing ZoneAlarm little by little every day as well.

I hope 30 degrees isn't... Fahrenheit
A beach is a beach, it doesn't matter if it's beautiful or ugly, enjoy the sun, the 30°C and the sea!

Back from holidays, it'll amazing if you can make "another" video with a deep ZA test. I say "another", because you already made a test. But I believe the new ZA versions are supposed to be better than the one you tested. It'll be nice to see under tests the new ZA version with App Control.
Also will be great if you can keep your weekly (with few samples, no video).

The registry protection is presented but the operation of messing up execution policies may look like a user-created script and not necessarily like malware. Maybe a user wants to block execution of lnk and exe files.

Totally agree. Shadowra said the malware was similar to a batch, so you're right, an user can write a batch, and the AV shouldn't block that.
Despite that, IMHO, ZA should alert about changes in sensitive system areas (registry, drives, start up etc).
In addition, I don't know why any malware will be interested on "modifying registries to block exe files". I mean, one thing is to block an exe file, which is not necessarily a dangerous behavior. But to block exe files, and after that to run something else, or to connect to the internet etc... perhaps then the ZA behavioral blade should detect that potentially dangerous behavior.

However, the whole discussion always is about the limits between the "minimalist default ZA settings" VS adding new features and more power customization at every new ZA version.
It'll depend on ZA project!
If they keep the current minimalist ZA, then it'll be enough for average Joes. But it won't be enough against big players.
If ZA project expects to be among big security software players, yes or yes, ZA needs to make room for customization + new features in new versions.
I'm not an expert, but from my point of view, it's very hard to increase protection capabilities keeping current ZA minimalist UI.

I sent an email to Check Point Threat Operations Centre (TOC) and Check Point Research (CPR).

I am awaiting their reply. They are very quick in replying.

On top of that I discovered a vulnerability (development is aware and passed a message), UI inconsistentency (for example spacing between anti-bot and firewall is less than betwen anti-ransomware and keylogging protection) as well as in the main UI some sentences are closed with a full stop, others are not and many others.

I constantly report to them

You're the Man!
Excellent job.

I honestly don't care about ZA marketing, branding etc.
If ZA hears you, and they make changes, protection is improved, new features are added... it'll be be perfect for me!

 

[Trident]

Yeah, I outlined more than once to them that this default “policy” (it is a policy from Harmony Endpoint) doesn’t necessarily work for everyone and in all cases. So far, they seem to listen. We will see how it will evolve from now onwards with program control (if it’s similar to HEP, it will be very powerful). I will do a video soon.

It is 30 degree celsius here, it went up suddenly.

Spoiler: Spoiler

 

[Decopi]

It is 30 degree celsius here, it went up suddenly.

Beautiful photos!... it seems quite cloudy, hope you had some sun ... you don't deserve a beach on a cloudy day

 

[Trident]

Beautiful photos!... it seems quite cloudy, hope you had some sun ... you don't deserve a beach on a cloudy day

It was cloudy in the morning
During the day it’s amazing and it will stay this way for quite some time.

 

[Decopi]

It was cloudy in the morning
During the day it’s amazing and it will stay this way for quite some time.

With changes in world temperatures, Europe may become a kind of Caribbean place
France was experiencing 40° Celsius.
They say "El Niño" this year will raise temperatures even more. Who knows, UK will become Caribbean or Sahara

 

[Shadowra]

With changes in world temperatures, Europe may become a kind of Caribbean place
France was experiencing 40° Celsius.
They say "El Niño" this year will raise temperatures even more. Who knows, UK will become Caribbean or Sahara

I'm in France and it's 30 degrees today

 

[Decopi]

I'm in France and it's 30 degrees today

Many times I heard that Paris was experiencing incredible different high temperatures during the past years, with 40° degrees.
I saw pictures of Parisians at the both sides of the Seine river, using the spaces like a beach

I have family in Sweden, and they also say that they're experiencing very hot unusual summers.

 

[Digmor Crusher]

Beautiful photos!... it seems quite cloudy, hope you had some sun ... you don't deserve a beach on a cloudy day

I would actually prefer clouds on a hot day at the beach. I never understood what the enjoyment is for sitting at a beach in the sun and roasting. That's why I prefer my vacations in Europe as opposed to the Caribbean or Mexico. Now give me 30C in the shade with and I'm golden.

 

[Trident]

Check Point TOC replied that threat prevention engines can not handle batch files disabling execution of files as the same threat prevention engines run on servers and disabling execution is frequently used there.

To re-enable execution of exe and other files, these steps must be followed:

1. Click Start, and then select Run.
2. Type "command.com", and then press Enter. (A DOS window opens.)
3. Type the following command lines:
   ConsoleCopy
   
   cd\
   
   cd \windows
   
   Press Enter after typing each one.
4. Type copy "regedit.exe regedit.com" and then press Enter.
5. Type "start regedit.com" and then press Enter.
6. Navigate to and select the key:
   

   HKEY_CLASSES_ROOT\exefile\shell\open\command

7. In the right pane, double-click the (Default) value.
8. Delete the current value data, and then type:
   "%1" %*
   Tip: Type the characters: quote-percent-one-quote-space-percent-asterisk.

 

[piquiteco]

Thanks for the video @Shadowra. ZoneAlarm Extreme Security NextGen did well in the tests.