Unable to stop 'suspicious behaviour' alerts.

    handdlep

    Unable to stop 'suspicious behaviour' alerts.

    Hi, can anyone help me out here please? Despite repeatedly ticking the 'always apply this action' checkbox on the suspicious behaviour alerts for some programs, the alerts will still come up next time the program starts. I have checked the program control page in the Control Centre, and the settings for the relevant programs are correct - for some reason ZA is ignoring my wishes. I think, but I am not 100% sure, that this is only happening on programs where I have set the 'always allow' option since installing the last upgrade. Here is what I am using:

    ZoneAlarm Anti-virus version:6.5.722.000
    TrueVector version:6.5.722.000
    Driver version:6.5.722.000
    Anti-virus Vet engine version:
    Anti-virus signature DAT file version:11.9.9843.000

    Has anyone got any ideas what's happening? Many thanks in advance.


    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Antivirus
    Software Version:6.5

    jamworld

    Re: Unable to stop 'suspicious behavior' alerts.


    I'm just a suffering customer like yourself. But I notice this and the 2 separate threads immediately following it seem to be complaining about the same problem.

    I, too, have the identical problem since updating ZoneAlarm Pro to v 6.5.722.000

    While there seemed to be no big problem with Norton Utilities during installation like the one that lit up this board, so to speak, I had no trouble installing, but now whenever Norton Anti-Virus tries to run a scan or run LiveUpdate - which I have set to run at night - it gets stopped by ZA Pro. It's frustrating to sit down to work and find your system has been locked up since 1AM.

    I read about other problems of this nature in earlier versions of ZONEALARM PRO and the advice there mentioned a problem that some programs update themselves frequently and therefore are set to "AUTO" in the SMART DEFENSE COLUMN of PROGRAM CONTROL. I checked and some of the Norton and Symantec modules are, indeed, set to "auto" while others were not. When I changed the "TRUST LEVEL" on those programs ZoneAlarm Pro automatically changed the SmartDefense to CUSTOM. I assume this renders it "locked," as it were, so that when Norton updates itself - which it theoretically can do many times a day - it then presents a different profile to ZA from the one you taught it and it spits out an alert and waits for your action. In other words, I wonder if every time Norton Anti-Virus updates, it appears to be a new program to ZA.

    I say "I assume this" and "I wonder" because I am just a long suffering customer who has been waiting for someone to post this problem and for ZA or a stray Guru to post a response. I updated the thing and have been suffering this annoyance since the upgrade was released weeks ago.

    ONE: I would be curious if your problems and the problems which follow directly behind your thread are, first of all, with any Norton or Symantec Products.

    TWO: I wonder if it involves the Catch 22 of manually having to set the TRUST level in Program Control and thus locking the SmartDefense setting to "Custom" which doesn't allow Norton to update and still be recognized.

    I wish someone at Zone Labs would pick up on these different posts and combine them all and give us a clue what to do. Should I copy this post to the other two I found and let everyone know of each other? Maybe we need a better description for a message subject. I put off posting my question because there was such a hubbub of Norton problems that there was even an update to the upgrade. When that didn't solve this, I had trouble figuring out WHERE to post this problem.

    Meanwhile, I have set the trust level at high and then gone back where that changed the SmartDefense setting to CUSTOM and returned it to AUTO. This is the opposite of what someone advised for a similar problem in an earlier ZA update - but I tried that and it didn't work.

    CheckPoint, ZA, you out there? You getting this? There's a bunch of us with this problem but we've all called it something slightly different and we're scattered all over the boards. Help.

    Meanwhile, I just made the above adjustments and if I have no more problems, I'll come back and let you know.


    jamworld

    Re: Unable to stop 'suspicious behavior' alerts.

    It doesn't look like there's any activity on this thread. I was hoping someone who actually knew what they were doing and could solve the situation might pick up on it.

    Meanwhile, because I said I'd report back, I am:

    What I did seems to have worked.

    I did just as I described in the previous post, I found the offending programs in ZA's Program Control - Program list and changed the TRUST level upwards to either "Trusted" or "Super," depending, and I set the ACCESS, SERVER and SEND MAIL settings to "allow" as I deemed necessary (since I'm only playing with ZA's settings for Norton AntiVirus, I figured I couldn't get into much trouble trusting it all and allowing it all except "Send Mail" which I don't really understand.) As I've seen, this changed the SmartDefense setting from "Auto" to "Custom" on every module I altered, so I switched them all back to "auto" and closed ZA.

    So far, I have not had the problem recur and I have a smooth running ZAPro like always ever since.

    To be honest, I don't know for sure what I was doing, I can't find the original post I read that advised this or something very close to it. So whether it really did what I surmised it did (see previous post), all I know is that it worked.

    I've used ZA since version 5 and I still think it's the single best software firewall you can get. But really, for a great program, every update since about the first 6.5 are the buggy-est updates EVER! Maybe it's just an indication of how complex the computer stuff we take for granted is. It protects better than any of the rest, it learns on the job and it has the most comprehensible and easy to use GUI on the market. It's just not possible to upgrade it easily.

    I'm glad I'm not having all these install problems I'm reading about in this section. Good luck.


    handdlep

    Re: Unable to stop 'suspicious behavior' alerts.

    Jeff, thanks for your suggestions, I'll give them a try.

    handdlep

    Re: Unable to stop 'suspicious behaviour' alerts.

    No, unfortunately didn't work, if I set the level, it changes from Auto to Custom. Then if I reset it to Auto, next time the programme starts there is an alert again, and it has gone back to the '?'. :-(

    lwiley

    Re: Unable to stop 'suspicious behavior' alerts.

    I have the same problem. On two computers. One running XP Home and ZA Pro. The other running XP Media and ZA AV.

    To be clear, for me the programs trying to run were not new versions. In other words, I can

    1. start Photoshop and get the "Suspicious Behavior" message,
    2. answer "Allow" and "Remember this setting",
    3. close Photoshop
    4. start Photoshop and get the same "Suspicious Behavior" message

    Photoshop was not updated to a new version in between steps 1 and 4. We've always had the nuisance of having to answer these "Suspicious Behavior" messages when we install a new version of something. However the activity I'm complaining about is a brand new annoyance that came with this last version update and is persistent.

    I have had to open up the main ZA window and set things manually. What a pain.

    Since this problem occurred on both computers with two different ZA types, I assumed this was a widespread problem and that ZoneLabs would come out with a fix pronto. No such luck.

    Leroy

    jamworld

    Re: Unable to stop 'suspicious behavior' alerts.

    I stand almost corrected!

    Simultaneous with Leroy's posting, I started experiencing the same problem all over again - this time my ages old DELL PRINTER BUTTONS and management programs!

    I have yet to have any more trouble with Norton, though! My fix worked for Norton.

    As far as I know, like Leroy, my DELL programs had not been updated. What gives?

    So I went to apply my own fix to the offending programs: dlblbmon.exe and dlbkbmgr.exe
    The latter worked just fine but I was unable to apply my fix to the first one. Every time I changed an ACCESS or SERVER setting the SMARTDEFENSE would annoyingly change back to custom and not let me switch it back to auto! Every time I set it back to auto, all my green checks would magically jump back to blue question marks. And it didn't do that with Norton!

    Something is definitely wrong here. But the punchline is... (wait for it)... it seems to have fixed the problem anyway!!!!!!

    So what are we to make of that? Just messing with the settings in any way "fixes" the "problem?"

    This does not add up very well, does it?

    I am suddenly very suspicious of a program I rely on for protection "sort of messing up" and then allowing me to correct it by random clicking that I think is doing something - even if it doesn't allow me to actually do it. Yes. I seem to be able to correct the annoying alerts on programs that shouldn't have alerts (on my system anyway). But it begs the questions, what is really happening and is ZA Pro working at all?

    Could it be messing up the opposite way? Could there be malicious software executing and accessing our drives and the internet and -contrary to its behaviour with my printer and Norton- it's just not letting me know?

    Also, usually in this amount of time after a release with this many problems all over the discussion groups, ZoneLabs has usually come out with some sort of patch or minor fix or two. I feel like we're oddly alone in this thread...


    handdlep

    Re: Unable to stop 'suspicious behavior' alerts.

    I'm getting even more worried now!

    I can't be certain of this, but I'll throw it in just in case. I have recently been experiencing several unexplained freezes, necessitating a reset. I suspect these could have started after I upgraded, but I wouldn't put hard earned money on that. Yesterday, I ran several spy and malware scan programs, Spybot, a-squared, and AdAware - all of them threw up some nasties, which I have removed (don't know yet if that has stopped the freezing). Shouldn't ZA have been able to stop these intrusions, or would that be expecting too much (help me out here, I'm no expert). Or, is there something in Jeff's idea?

    jamworld

    Re: Unable to stop 'suspicious behavior' alerts.

    Just so we're clear, Pete, my idea is a non-idea. It was a delusion. I was so sure I had it figured out - and with Norton, I think I may have hit on it. But there is something else at work under the hood that I am ill-equipped to understand. All I wound up doing was the same thing as jiggling a few wires when the car won't run. It worked for me but it could be just coincidence. Who knows what it did?

    I fixed the last set of programs that ZA kept thinking were new and now on a restart it treats my AnyDVD driver as if it had never seen it before. If this goes like it's been going, I'll go in and try to reset the AnyDVD program settings and regardless of what I do - whether I can set it to auto after making custom changes or not - it will most likely "fix" it.

    But I would give it a try and see if you get that same result - fixing that one problem while a new one rises up - because it might give the good people at ZA something to diagnose.

    As for me, I'm ready to clean it from my system completely and reinstall. The question is, should I back up my settings - which seem to be problematic - or resign myself to reprogramming ZA all over again? I think I have to teach it from scratch just to be sure I'm not pulling in previous errors or corruptions. (In ZA Pro, you can back up and restore all your settings from the PREFERENCES tab in the OVERVIEW section. Handy. Usually.)

    As far as your adware and spyware, go to Gibson Research, find SHIELDS UP! and enter the site, scroll down past all the SPINRITE material and other news and stuff and near the bottom you will find the clean link to SHIELDS UP! It's a very detailed and very fast firewall tester and IT'S FREE. And it will tell you everything that's happening. You will be pleased to see that ZoneAlarm gets the highest marks and you will feel so safe when you see that your computer does not even appear in the Internet. (Don't worry so much if you fail the PING test unless complete and absolute stealth is what you want.)

    ZA's antispyware is, in my experience so far, not very good at blocking something that you have clicked on and voluntarily downloaded in some way. I'm not sure if it's true "Active Protection" the way other dedicated anti-spyware programs are and not more of a "find it and get it after the fact" kind of thing.

    I was relying on a couple of other programs for that - including of course, my problem child who couldn't get along with ZA, Norton Anti-spyware. I thought Norton was saving my **bleep** on numerous occasions blocking Worm Intrusions. But I just recently found out it wasn't really, it was just set wrong and blocking perfectly harmless images.

    I hope someone can figure this all out soon.


    jamworld

    Re: Unable to stop 'suspicious behavior' alerts.


    I posted this problem under a different subject line - but still in this group:

    "ZA Pro 6.5.722.000 Upgrade Will Not Remember Settings"

    I got one of the most comprehensive and expert responses I've ever gotten on any user group forum ever. He leaves no name, I suppose I could look up his profile, but he signs himself
    Author: SoCalReviews (Senior Contributor)

    If something that this guy recommended doesn't work, I would be very surprised. It's a lot to do but what a resource this single response is!

    Subject: Re: ZA Pro 6.5.722.000 Upgrade Will Not Remember Settings
    Author: SoCalReviews (Senior Contributor)

    Good luck,

