Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
ZoneAlarm NextGen Antivirus 2022
Message
<blockquote data-quote="Trident" data-source="post: 1028350" data-attributes="member: 99014"><p>I tested ZoneAlarm Next Gen Extreme yesterday. Very mixed feelings about it.</p><p></p><p>My findings as in a timeline:</p><p>The installer is a Chrome installer copy. Upon opening it said “On your marks” and initiated the download. UI is the same as installing Chrome. Installation didn’t ask any questions but was rather slow. Specially considering that it’s not a feature-packed product.</p><p></p><p>After installation:</p><p>Immediately can be noticed that the product has no settings whatsoever. There are no antivirus settings such as whether to scan archives or not, no aggressiveness levels, no alerts settings/silent mode, nothing. Ease of use is important, but in this case way overdone.</p><p>All you can do is turn antivirus on/off and schedule scans. Firewall settings all come down to 2 sliders to set up the trust zone.</p><p></p><p>Malware Protection:</p><p>ZoneAlarm protection is a mixed bag. Though I didn’t find any samples that were not detected (I did not try very hard), detecting a sample took forever. One example was an MSI installer. After execution, it took about 3 minutes for ZoneAlarm to kick in and delete a malicious DLL. ZoneAlarm left startup items and a seemingly harmful (abused) exe. On every computer start it generates errors. Majority of detections are produced by “Threat Emulation” some were called “Abnormal File”, “Reputation” and “Behavioural Detection”. Interesting fact is ZoneAlarm will detect even malware in password-protected archives (they probably use a list of commonly used passwords).</p><p></p><p>For all downloads (not in an archive) ZoneAlarm would act as a download manager, display an alert and then remove the file. This included scripts, documents and Java malware.</p><p></p><p>Though it all was slow and not great in terms of experience, ZoneAlarm did not leave the system compromised neither from documents, nor MSI installers, signed files, inflated samples, scripts and everything else I tried. However other products like Norton and Kaspersky detected everything far quicker and remediated better.</p><p></p><p>Ransomware Protection:</p><p>Very effective. It reacts quick and it reverses encryption.</p><p></p><p>Phishing Protection:</p><p>That was very iffy. ZoneAlarm adds extension in browsers without begging users to install it (unlike other vendors). This extension provides an option called “Scan Site”. When opening ebay.com this scan got triggered, an alert called “Zero Phishing” appeared and site was scanned. When I started to open various links from my junk folder, the scan was not triggered and I could open many. Manually clicking on “Scan Site” detected many. New tab was opened in the browser where ZoneAlarm claims site is blocked. However, the site is still open in another tab and I was able to interact with it.</p><p></p><p>ZoneAlarm is not great in terms of blocking Phishing as their “heuristic-based Zero Phishing” scan triggers only sometimes automatically and I don’t think anyone would initiate manual scans. Very shaky implementation.</p><p></p><p>Botnet Protection:</p><p>ZoneAlarm displays no alert and keeps no logs to make botnet protection existence evident. However, on many occasions trying to download a malicious file resulted in a browser error.</p><p></p><p>Performance:</p><p>The system overall felt very snappy and no visible indicators of compromised performance were observed. I have not performed benchmarks.</p><p></p><p>Logs/user communication:</p><p>The only logs kept are for detected malware. They are displayed in a timeline manner and contain time, date, file name and path, and the component that blocked it. There is a button that says “Not Malware” to restore the file (not recommended).</p><p></p><p>Final verdict:</p><p>ZoneAlarm is great product that is in no way underdeveloped but according to their official release notes, updates are not very frequent and some features are visibly not quality-tested. For a paid product this is not acceptable.</p><p>Once again it is proven that the signature-less approach that many vendors so tout brings no benefit to the users.</p></blockquote><p></p>
[QUOTE="Trident, post: 1028350, member: 99014"] I tested ZoneAlarm Next Gen Extreme yesterday. Very mixed feelings about it. My findings as in a timeline: The installer is a Chrome installer copy. Upon opening it said “On your marks” and initiated the download. UI is the same as installing Chrome. Installation didn’t ask any questions but was rather slow. Specially considering that it’s not a feature-packed product. After installation: Immediately can be noticed that the product has no settings whatsoever. There are no antivirus settings such as whether to scan archives or not, no aggressiveness levels, no alerts settings/silent mode, nothing. Ease of use is important, but in this case way overdone. All you can do is turn antivirus on/off and schedule scans. Firewall settings all come down to 2 sliders to set up the trust zone. Malware Protection: ZoneAlarm protection is a mixed bag. Though I didn’t find any samples that were not detected (I did not try very hard), detecting a sample took forever. One example was an MSI installer. After execution, it took about 3 minutes for ZoneAlarm to kick in and delete a malicious DLL. ZoneAlarm left startup items and a seemingly harmful (abused) exe. On every computer start it generates errors. Majority of detections are produced by “Threat Emulation” some were called “Abnormal File”, “Reputation” and “Behavioural Detection”. Interesting fact is ZoneAlarm will detect even malware in password-protected archives (they probably use a list of commonly used passwords). For all downloads (not in an archive) ZoneAlarm would act as a download manager, display an alert and then remove the file. This included scripts, documents and Java malware. Though it all was slow and not great in terms of experience, ZoneAlarm did not leave the system compromised neither from documents, nor MSI installers, signed files, inflated samples, scripts and everything else I tried. However other products like Norton and Kaspersky detected everything far quicker and remediated better. Ransomware Protection: Very effective. It reacts quick and it reverses encryption. Phishing Protection: That was very iffy. ZoneAlarm adds extension in browsers without begging users to install it (unlike other vendors). This extension provides an option called “Scan Site”. When opening ebay.com this scan got triggered, an alert called “Zero Phishing” appeared and site was scanned. When I started to open various links from my junk folder, the scan was not triggered and I could open many. Manually clicking on “Scan Site” detected many. New tab was opened in the browser where ZoneAlarm claims site is blocked. However, the site is still open in another tab and I was able to interact with it. ZoneAlarm is not great in terms of blocking Phishing as their “heuristic-based Zero Phishing” scan triggers only sometimes automatically and I don’t think anyone would initiate manual scans. Very shaky implementation. Botnet Protection: ZoneAlarm displays no alert and keeps no logs to make botnet protection existence evident. However, on many occasions trying to download a malicious file resulted in a browser error. Performance: The system overall felt very snappy and no visible indicators of compromised performance were observed. I have not performed benchmarks. Logs/user communication: The only logs kept are for detected malware. They are displayed in a timeline manner and contain time, date, file name and path, and the component that blocked it. There is a button that says “Not Malware” to restore the file (not recommended). Final verdict: ZoneAlarm is great product that is in no way underdeveloped but according to their official release notes, updates are not very frequent and some features are visibly not quality-tested. For a paid product this is not acceptable. Once again it is proven that the signature-less approach that many vendors so tout brings no benefit to the users. [/QUOTE]
Insert quotes…
Verification
Post reply
Top