Results 1 to 4 of 4

Thread: High Security Alerts during Virus Scan

  1. #1
    bobsec Guest

    Default High Security Alerts during Virus Scan

    Hello,
    On my Win2000 computer using ZA Security Suite ver. 7.0.470.000, Anti virus engine ver. 3 I alway get a ZA "High" Security pop up for the 1st ~ 700-800 files scanned during my weekly virus scan. I click through them, but realize I don't know whether I should be allowing them or not, let alone why I get these pop ups at all. Here are 2 examples of the pop ups, and I think these are the majority of what they show.Again these are "Smart Advisor High Security Alerts":

    #1:

    C:\WINNT\system32\ZoneLabs\avsys\ScanningProcess.e xe

    (ScanningProcess.exe) event=0

    subevent=0 class=1

    ("C:WINNT\system32\ZoneLabs\vsmon.exe",& quot;","&quot


    Application:



    ScanningProcess.exe


    Smart Defense advisor

    High Security alert

    ----------------------------

    #2:

    C:\WINNT\system32\ZoneLabs\avsys\ScanningProcess.e xe

    (ScanningProcess.exe) event=0

    subevent=0 class=1("C:\ProgramFiles\ZoneLabs\ZoneAlarm\M ailFrontier\mantispm.exe",""," &quot

    Application: scanningProcess




    Please let me know what is going on and how to fix, or whether there is something malicious going on. This has been happening ever since I went to the ZA Security Suite on that computer, And it doesn't happen on my Win XPPro computers. All my computers have experienced Outlook Express lock up errors since installing the Security Suite, which is annoying also, but I am usually able to close and reopen to get that working.


    Thank you,


    Bob

    Operating System:Windows 2000 Pro
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: High Security Alerts during Virus Scan

    Hi!
    this is happening if your ZA settings are corrupted. Please reset them and you should not see this anymore.
    Be careful on restoring previous ZA settings backups because you may 'reload' the same problem.

    To reset ZA settings, do this:

    1.) Hold down the Ctrl and Shift keys together
    2.) Right click on the ZA icon near your clock
    3.) Choose 'Reset' from the box that comes up
    4.) Choose Yes on the Reset Settings dialog box
    5.) When prompted, choose OK to restart your system
    6.) Follow the on screen configuration prompts after reboot

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    bobsec Guest

    Default Re: High Security Alerts during Virus Scan

    Hello,
    Yes, I'm respnding late, but I just lived with it. I did as you stated and all was well while it was learning the enviornment again, but as soon as it came out of learning mode it started doing this again with every virus scan. I t happens during the first half of the scan with me having to click ok to allow the scan to continue. My question on top of is there a fix, is am I getting an actual scan this way or is it corrupted?
    Thank you

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: High Security Alerts during Virus Scan

    Hi!no, it should scan correctly. This is not normal and may point to other issues in your system.For example, other software corrupting ZA settings.ZA settings can get corrupted if:- Your PC has crashed/hanged or hangs regularly- You perform cold shutdown (power button or improper shutdown by forcing the system to shutdown)- You have a malware infection- You are running a third party software that conflicts with ZALast try you can do is to manually remove core traces of ZA and reinstall from scratch. This way:First remove ZA from add/remove programs then:01.) Restart your computer
    02.) When you see the screen go black and it starts booting back up keep
    tapping the "F8" key (at the top of your keyboard)
    03.) This should bring up a menu. Choose Safe Mode off the menu by
    using the arrow keys on the keyboard to highlight Safe Mode and press
    Enter
    04.) If you get a message asking to go to Safe Mode, choose Yes. If you
    get a help and support window, close this.
    05.) Once you are at the desktop, Click Start, My Computer
    06.) Click Tools, Folder Options, View Tab
    07.) Place a dot next to "Show Hidden Files and Folders"
    08.) Remove the check from "Hide Protected Operating System Files
    (Recommended)"
    09.) Choose Yes to the warning
    10.) Click OK
    11.) Double click C:

    Note: In the future steps if you do not see any files or folders, please click
    the "Show Files" link to view them.

    12.) Double Click the Program Files Folder
    13.) Right Click the Zone Labs Folder, click Delete, and choose Yes

    NOTE: If you cannot delete the entire folder, please open the Zone Labs -
    > ZoneAlarm folder and delete out as many of the files listed here as
    possible.

    14.) Close this window
    15.) Click Start, My Computer
    16.) Double Click the C:
    17.) Double Click the Windows Folder (It may also be WinNT)
    18.) Right Click the Internet Logs Folder, click Delete, and choose Yes
    19.) Double Click the System32 Folder
    20.) Right Click the Zone Labs Folder, click Delete, and choose Yes

    NOTE: If you cannot delete the entire folder, please open the Zone Labs
    folder and delete out as many of the files listed here as possible.

    21.) Locate and delete the following files in the System32 folder if they are
    present:

    - vsconfig.xml
    - vsxml.dll
    - vsregexp.dll
    - vsdata.dll
    - vsdata95.vxd
    - vsdatant.sys
    - vsmonapi.dll
    - vspubapi.dll
    - vsinit.dll
    - vsutil.dll
    - vswmi.dll
    - zlcommdb.dll
    - zlcomm.dll
    - z llictbl.dat
    - zpeng24.dll

    22.) Clear your Temp Directory per the instructions below.

    - Go to Start -> Run
    - Type %temp% and click OK
    - Select all of these files and delete them

    23.) Clear the Prefetch folder per the instructions below.

    - Go to Start -> Run
    - Type Prefetch and click OK
    - Select all of these files and delete them

    24.) Remove the following registry entries by going to Start -> Run and
    typing in regedit. Use the folders on the left side of the window to navigate
    to the specified directories.

    HKEY_LOCAL_MACHINE\Software\Zone Labs
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\vsmon
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\vsdatant

    *Important Advisory: Deleting registry entries incorrectly may cause
    serious problems to your operating system, which may necessitate the
    need to reinstall it. Please make sure you are able to perform these
    deletions correctly before you decide to edit the entries. If you are not
    sure, you should seek help from someone who is familiar with editing the
    registry.

    For information about how to edit the registry in Windows, from your
    desktop, click Start >> Run >> and type regedit. Click on Help >> Help
    Topics. Under the Contents tab, click Change Keys and Values (this may
    be found under the How to... section).

    Also, you should always make a backup of the registry before editing it.
    You can find this in the same section of the Help files.

    25.) Close this window, then empty your recycle bin.
    26.) Restart the computer.27.) Install latest version. You find it here: www.zonealarm.com/zasuitedownload/
    Cheers,Fax

    Message Edited by fax on 07-10-2008 07:31 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •