I ve been a very long time ZA user since version 2.0 when it was originally by ZoneLabs. ZA has continually been a great product and has always met my needs and I ve always recommended it to others. However, lately I ve steadily seen problems with the product. After trying to test version 8.0, I had to revert to the last 7.0 version which was more stable because 8.0 had too many issues. Now the most recent issue I m discovering is even the AV and Anti-Spyware software, the walls of defense I ve depended upon for so many years, are penetrable.
The problem is with IE and my Google search results.
When I click on a search result link, the page is redirected to something entirely different.
Most often, I m temporarily sent to web sites/URLs that start with "qiwisearch.com" (I can see them quickly change/searching in the address bar) then ultimately end up at sites with "info.com", but I've also been redirected to other sites.
My ZA is on automatic definition updates so I know both the AV and Anti-Spy are current. In Normal Mode, I ve already performed a full virus/spyware scan (since ZA doesn t have a Safe Mode scan ability) and nothing was found. Not surprisingly since nothing was prevented/detected coming in to begin with.
I then downloaded, installed, and updated the FREE version of Malwarebytes' Anti-Malware. Disabled Windows System Restore. Since Trojans can hide in the restore files and just reactivate themselves from there, it s best to disable this function, which in turn deletes the files, until the system is clean then it can be turned back on. Rebooted to Safe Mode, then ran the program and did a complete scan. Malwarebyte s Anti-Malware found 5 infections, 2 registry entries and 3 files, all of which were successfully treated. Then rebooted back to normal mode and ensured all was well, which it was.
It s quite a shame that ZA didn t detect the malware and was oblivious of its ongoing infection, but even more concerning is it didn t even detect/prevent the initial intrusion. Furthermore, could it remove it even it was aware? Highly unlikely seeing as how ZA doesn t have a Safe Mode scan ability.
I am no way affiliated with Malwarebyte. I simply found their application to be an effective tool where ZA was not, and so decided to point it out. More importantly, to warn other ZA users of ZA s obvious AV/Anti-Spy vulnerabilities and shortcomings.
Windows XP Pro SP3
ZoneAlarm Internet Security Suite
Anti-virus engine version:3
Anti-virus SDK version:18.104.22.168
Anti-virus signature DAT file version:963130134
Anti-spyware engine version:22.214.171.124
Anti-spyware signature DAT file version:01.200810.4795
Message Edited by Justnalias on 11-08-2008 04:15 AM