Thread: ZA AV and Anti-Spy misses long established Trojans and other Malware.

  1. #1
    hoveton Guest

    Recently I suffered a hit with a Trojan downloader and as a result it took me 4 days to clear the infection. The invasion came first via a Google News Alert (a keyword that I had set up). Clicking on what I naturally assumed was an innocent Google News Alert link to my requested page, I was requested to load an "Active X control", which then proceeded to deposit "Trojan-Downloader.Win32.Zlob". The rest, well, that is history, as the Trojan did exactly what it was supposed to do according to ZA.

    I only managed to purge my system of this Trojan after purchasing PC Tools Doctor, which after running a full scan of my system highlighted 3 other Trojans and other keylogging and advertising malware that I thought ZA was supposed to protect me from.

    I am running the following:-
    ZoneAlarm Security Suite version:7.0.462.000
    TrueVector version:7.0.462.000
    Driver version:7.0.462.000
    Anti-virus engine version:3
    Anti-virus SDK version:5.0.1.82
    Anti-virus signature DAT file version:943996749
    Anti-spyware engine version:5.0.189.0
    Anti-spyware signature DAT file version:01.200802.3265
    AntiSpam version:5.0.6.8903

    My question is fourfold:-
    1. Is there something we can do about this issue, as having to purchase other software to act as a belt and braces concept can become a tad expensive?
    2. Why did my ZA software not protect me?
    3. Why could my ZA software not remove the infection once embedded on my system?
    4. Why could my ZA software, having run a full in-depth scan, not pick up the other problems that I apparently had, which PC Tools picked up and removed successfully?

    Kind regards.

    Operating System:Windows XP Home Edition
    Software Version:
    Product Name:ZoneAlarm Internet Security Suite

  2. #2

    Hi!
    No security solution can protect you 100% from all malware.
    Consider that there are new Zlob variants every few hours.

    1. Yes, first of all you should have contacted ZA technical support at: www.zonelabs.com/tsform. They would have assisted you in recovering the machine and adding detection for the malware. You would have saved some money, especially because SD is not a great tool and it conflicts with ZA. There are better tools that are also FREE (e.g. superantispyware).
    2. Really difficult to assess why ZA did not protect you. Is your ZA working? Test with www.eicar.org. Did ZA warn you about installing software on the machine? It should have.
    3. Was the malware detected in the first place? Or did you not receive any warning or failed cleaning? Was ZA firewall alerting you about new programs trying to connect out?
    4. Probably that specific variant was not recognised as an infection. However, you should also be careful about what you download on the internet.

    You should ensure your ZA is set to maximum protection (program control set to maximum) and your AV signature is updated every hour (1 hour). This is essential to protect you from new malware.

    Please avoid mentioning names of other software tools unless they are free.
    Messages may be removed due to past abuse by competitors or fanboys.

    Cheers,
    Fax

    Message Edited by fax on 02-04-2008 12:57 PM

  3. #3

    It is surprising how many antiviruses miss the Zlob variations. Almost each and every antivirus vendor has tools specifically designed to remove the variants that are missed by their own scanners. Such as this one.

    Google pages asking to install an ActiveX is by itself suspicious and this should have been questioned.

    The ZA has two ActiveX safeguards in the OSFirewall and in the Privacy. The former does blocking of new ActiveX installs and the latter stops ActiveX from web sites from entering the PC. Using both of these security features properly will increase the security of the PC and eliminate many of the web found infections.

    Oldsod
    Best regards.
    oldsod
