ZoneAlarm Antivirus + Firewall PDF Print E-mail

ZoneAlarm Antivirus + FirewallPros: Powerful, hardened two-way firewall. Quick all-defaults installation. Pre-install scan for active malware. Good rootkit removal score. Very good malware blocking scores. Very good phishing protection. Includes free online backup and credit monitoring.

Cons: Failed to install on two infested test systems. Low malware cleanup score in PCMag's tests. Download protection frequently contradicts antivirus component. Big drag on boot time in performance tests.

Bottom Line: Need a free security suite? ZoneAlarm Free Antivirus + Firewall combines excellent personal firewall protection with good malware blocking. Note, though, that it may have trouble cleaning up a badly-infested PC.


ZoneAlarm is a powerful antivirus software program and one of the top 20 leading paid products in the industry. Its scanning engine is supplied by Kaspersky and this is one of the main reasons it is so effective. And it also includes a firewall that blocks all forms of malware (malicious software) threats.

Some of its most prominent features are:

  • Advanced Download Protection - This feature analyses browser downloads in three ways so that no malware infection gets to your PC.
  • Unified Scan Engine -This feature performs superior detection and removal of malware threats such as Trojans, viruses, spyware, worms, bots and others.
  • Two-Way Firewall - Its firewall blocks out hackers by making your computer invisible online and blocking intrusions.
  • Anti-phishing - This feature blocks dodgy websites that purport to be genuine sites that you're familiar with, like your bank.

ZoneAlarm Antivirus + Firewall has been tested and certified by two leading test labs. Both Virus Bulletin and West Coast Labs show that it's effective against many threats and employs some of the latest technology when providing protection. But no tests appear for ZoneAlarm among other test labs like AV-Test and ICSA and this is one of the reasons it still lags behind many other antivirus software programs.

Compared to other antivirus software programs, ZoneAlarm Antivirus is missing many features like a laptop mode and gamer mode. These features are essential to many users and without them, it is missing out on a large percentage of the antivirus market.

Effective Firewall

Naturally this product's firewall protection is exactly the same as that of ZoneAlarm Free Firewall (free, 4.5 stars). Check Point will continue to make the standalone firewall available for those who prefer a different antivirus.

ZoneAlarm passed all port scan tests and other Web-based attack tests. It doesn't attempt to identify attacks on system vulnerabilities at the network level, but none of the exploits I tried managed to crack the test system's security. And as always I couldn't find any way to break down the firewall's protection programmatically, the way a targeted malicious program might do.

Early versions of ZoneAlarm effectively put the user in charge of controlling which programs can access the Internet. When a program tried to connect for the first time, the firewall asked the user whether to allow or deny it, this time or always. Modern firewalls, including ZoneAlarm, automatically configure permissions for known good programs identified through a huge online database. If it does confront you with a popup query, pay attention, as the program in question may well be a problem.

Antivirus Lab Results

Checking the independent labs for ZoneAlarm results is a bit confusing. Virus Bulletin is the only lab that regularly tests ZoneAlarm. Even then, over the past four years ZoneAlarm has participated in just five VB100 tests and passed four of them.

Why this lack of love? Because the antivirus component in ZoneAlarm is licensed from another well-known security company, so most of the labs simply test the original. Check Point officially does not identify its antivirus partner, but you will find dozens of DLLs and other support files whose digital signature, copyright notice, and internal company name point to Kaspersky Lab. Coincidence? You decide.

Installation Ups and Downs

ZoneAlarm's installer gets right to business with a quick install option that configures all settings with default values. Do keep your eyes open; if you don't opt out you'll find that you've changed your browser's home page and default search to ZoneAlarm.

The installer runs a quick scan for active malware. If it finds threats, it runs a pre-install scan, reboots, and starts the installation again. That's a smart way to avoid having the installer derailed by malware. Half of my malware-infested test systems got this treatment.

Despite the pre-install scan, installation failed on three test systems. On advice from tech support I ran the Kaspersky Virus Removal Tool—there's Kaspersky popping up again! After KVRT one of the problem systems was fixed. For the other two, tech support recommended scanning with the Kaspersky Rescue Disk.

ZoneAlarm still wouldn't install after the rescue disk's cleanup. With a commercial product tech support would most likely have escalated the situation, perhaps arranging for a support agent to clean up the system using remote control. Since this is a free product, that wasn't an option. ZoneAlarm simply failed to install on two of twelve test systems.

Rocky Malware Removal

When ZoneAlarm's antivirus scan encounters a threat, it almost always treats the problem immediately. Occasionally it marked low-risk threats as "Action required," meaning I had to give permission to treat the threat. A few needed a reboot for full cleanup.

On more than half of the test systems ZoneAlarm kicked the cleanup process to the next level. A big popup window announced the need for advanced disinfection, with a warning not to use the computer during this process. In every case I let it perform the advanced disinfection and then, after the required reboot, launched a full scan. That turned out to be important, as the full scan frequently found items not removed by advanced disinfection.

Boot Time Slowdown

This stripped-down suite had a lower-than-average impact in most of my performance tests. A script that fully loads 100 Web sites took just 6 percent longer under ZoneAlarm's protection than with no suite at all; the average among current suites is 23 percent. Another script that moves and copies a large collection of file between drives took 8 percent longer, while the average is 13 percent. And a script that zips and unzips the same collection of files ran 11 percent longer with ZoneAlarm watching, compared to the average of 17 percent.

I was surprised, then, to find that ZoneAlarm lengthened my test system's boot time by 60 percent, significantly more than any other current product. Results were consistent across 100 test runs. Boot time here refers to the time elapsed from the start of the boot process (as reported by Windows) until the system is ready for use. I define ready as meaning CPU usage is under 5 percent for 10 seconds in a row.

Most users spend a lot more time surfing the Web and working with files than rebooting the PC, so ZoneAlarm's impact won't make a big difference.

A Good, Free Choice

ZoneAlarm's free firewall has outlived many competitors. It's the gold standard for free personal firewall protection. The antivirus protection that takes ZoneAlarm Free Antivirus + Firewall into the security suite realm doesn't quite measure up to that standard. On the other hand, its phishing protection is among the best.