Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Please Help: ZAISS Upgrade Causing Problems

  1. #1
    Join Date
    Mar 2007
    Location
    The UK
    Posts
    86

    Default Please Help: ZAISS Upgrade Causing Problems



    Hi Guys

    I hope you can help me:

    System:

    Operating System:

    XP SP2

    Motherboard:







    ASUS TeK P58-Delux Rev1.xx

    Graphic Card








    NVDIA GeForce 88000 GTS

    Sound Card:









    SoundMax Integrated Digital HD Audio

    Processor:













    Intel 2 Core Quad CPU @ 2.4Ghz

    Hard Disk Drive:


    253 GB

    Memory:















    4.096GB




    ZAISS Configuration:

    My Firewall is configured for my wireless network, DHCP server, a printer on one of the PCs and the loopback adapter. Programme and SmartDefence are set to auto and cookies and Ad-blocking are on medium.

    Problem:

    I have 3 PCs and I've run ZAISS (version 7.0.337.000) on all of them for a year without a problem. But on 29 Dec I downloaded the latest update and it has caused serious problems to one of my PCs, which is only a few months old and had been working perfectly until then. The other two seem OK but the ZA logo doesn t now appear in one of their system trays.

    After launching the new version 7.0.462.000, it continuously indicated incoming and outgoing traffic, which continually makes the HDD click away (it seems caused by the generic host [SVCHost] win32 service programme because there are 3 of those files at the top of the control centre of which 1 is always flashing).

    After attempting unsuccessfully to solve the traffic problem, ZAISS would not allow the system to restore (which I did eventually from safemode command prompt). But my restored 7.0.337.000 version was somehow corrupted and did not appear on the desktop as it did at that restore point and did not work properly, along with other programmes (and my DVD writer, which I used minutes before downloading version 7.0.462.000, but does not work properly now).

    I completely uninstalled ZAISS, following Oldsod s guidance at the top of this section, and ran a registry clean-up programme to be doubly sure. Unfortunately I don t think it fully cleaned ZAISS because on reinstallation I found my license number already entered. After many hours I've got it running again but it still has the traffic problem and my system overall seems slower, especially at log-on and some programmes have started to hang!

    What can I do to solve the problem? I'm a small business and this is my primary PC! I have limited/ average knowledge of pcs.

    Regards,

    Graham

    Operating System:Windows XP Pro
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite
    Regards,
    [/B]Graham[/B]

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi!follow closely the below instruction to manually remove core traces of ZA from your system:http://www2.nohold.net/noHoldCust542...tallNonNT.htmlAfter the complete removal run a registry cleaner (ccleaner is quite good and free: www.ccleaner.com- do not install the Yahoo toolbar)Redownload the latest ZASS installer:http://download.zonelabs.com/bin/fre...teSetup_en.exeInstall with default settings, do not alter them.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    Join Date
    Mar 2007
    Location
    The UK
    Posts
    86

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi Fax
    Many thanks; that's helped put it back to a clean install, which needed my license number.
    Unfortunately, traffic is still showing continuosly on the monitor, caused by three Generic Host process for Win 32 icons flashing away on the control center (either in concert or one at a time). How can I configor this out?
    My HDD is continually clicking away. I never had this with the earlier version of ZAISS and my other 2 PC's, which I loaded at the same time with this later version,
    don't show this problem either.
    Regards,Gra
    Regards,
    [/B]Graham[/B]

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi!was your machine infected by malware recently?Are you running any other tool in the backgorund?Activity by svchost.exe may be normal depending on what you are running on your system.You can have ten's of Generic Host process for Win 32 in your task manager depending on the software you are running.Activity may be also related to WindowsUpdates, ZA scannning for viruses, a defrag tool... and any other tool that run on your system. <BLOCKQUOTE><HR>glaustin wrote:
    ...three Generic Host process for Win 32 icons flashing away on the control center (either in concert or one at a time). <HR></BLOCKQUOTE>Control Centre? Which control center?---------------------One way to isolate the issue is to boot your system with only ZA and default MS Services/softwareTry this:1.) Click Start -&gt; Run
    2.) Type MSConfig in the run box and click OK
    3.) Once in MSConfig, click the Startup Tab
    4.) Remove the checks from everything except ZLClient
    5.) Click the Services Tab
    6.) Place a check in "Hide All Microsoft Services"
    7.) Now remove checks from everything other than TrueVector Internet
    Monitor, and click OK.
    8.) Restart your computerHow does it work?
    NOTE: You can place your computer back into a normal startup process by
    going back into msconfig and choosing the Normal Startup option on the
    General tab.
    Cheers,Fax

    Message Edited by fax on 01-05-2008 02:48 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    Join Date
    Mar 2007
    Location
    The UK
    Posts
    86

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi FaxI'm a bit worried now. First I thought I'd solved the problem. When I ran Task Manager I saw there were 4 &quot;scanningProcess.exe&quot; programmes running and suddenly the system started its virus check that it scheduled on installation. After that it behaved normally. Today I booted-up and it's clattering away again.
    Now to why I'm worried. On examining the Task Manager again I noticed Explorer.exe was clattering away but it wasn't on ZAISS' list of programmes. Before adding it I thought I'd do a quick Google and found it could be spyware!!! The official explorer.exe should just be in the Windows folder, where there is a copy. However, from my research, I found the trojan is found in the system32 folder and hidden away in in my System32 dllcache is a prgramme called
    explorer.exe!!!
    I ran a ZAISS scan on the file and then the folder but it is coming up blank, so I'm confused if it is a real threat or not (althogh I fear it is). How can I be sure and how on earth can I remove it if ZAISS is not recognising it as a threat? Obviously, if it is a threat I'm very worried. From the moment I set up this new PC, it has been protected by ZAISS, so I'm not sure how it got through the defences and why it isn't showing as a threat.
    Can you help me please, with some urgent advice?Gra
    Regards,
    [/B]Graham[/B]

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi!Are you running on a Intel Core 2 Duo or equivalent? Then its normal you see 4 scanning processes (one for each processor).Upload that version of explorer.exe to www.virustotal.com to check for malware.The file will be scanned by more than 30 malware engines. If it is clean there... it is unlikely a virus.If you are not able to upload it, try it in SAFE MODE (copy the file in another location) and then boot normally to upload the file.Are you sure explorer.exe is not on the ZA program control list of files? it may be with under another name... Look well... Did you actually completely remove ZASS as suggested? Does ZASS update AV/AS correctly?Is it functional? Have you check with EICAR test? Here: http://www.eicar.org/download/eicar.comCheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    Join Date
    Mar 2007
    Location
    The UK
    Posts
    86

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Thanks again Fax, for your help.
    I just sent it to virustotal and one scan found it is &quot;Worm.Win32.Huhk.c&quot;. Bizzarely that was Kaspersky Labs, which I thought was the ZAISS virus check engine. Any ideas how ZAISS missed it (and how can I set-up ZAISS to pick it up in future) and how can I get ZAISS to remove it if it cannot see it???
    Yes, you're right I do run Core 2 Duo. Explorer appears as windowsexplorer (apols for being thick on that one). Also, I did clean the PC following the instructions you posted and it required me to re-enter my license number after installation (which hopefully shows **bleep** was cleaned (although some references were left not mentioned in the instructions, such as in the recent folder and recyclers) and it do go up to ZA to update my virus/ spyware definitions without a problem.
    I'll go up to eicar to test.
    Regards,
    [/B]Graham[/B]

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi!be careful on Worm.Win32.Huhk.c it might be a false positive...Is it only Kasperksy detecting it??? If yes, still it might be a false positive.See also the malware section here on kaspersky forum:http://forum.kaspersky.com/index.php?showtopic=55669Is your ZASS updating correctly??Go to the antivirus tab and manual update...Then scan the file you uploaded with the right click of the mouse.Also check in the ZA antivirus exclusion list (advanced option of the AV/AS tab) if the malware (or false positive :8} )has been put there....Cheers,Fax

    Message Edited by fax on 01-06-2008 01:05 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #9
    Join Date
    Mar 2007
    Location
    The UK
    Posts
    86

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi Fax
    Thanks for your time on this. The update is working Ok and updates itself every 3 hours (updated this morning just a few hours ago). I still ran a manual update and the scan on explorer gave no result so perhaps, as the Kaspersky site says, it's a false positive or whatever (I'm confused!)
    I'm just naturally suspicious its in the system 32 folder in the dll cache.
    The bottom line is I still have this irritating traffic constantly running. According to Task Manager, only Zclient and explorer are using resources. My explorer programme settings are: Trust level (super), Access (trusted &amp; internet) and server (trusted &amp; ask). Internet explorer is set to: Trust level (ask), Access (trusted &amp; internet) and Server (ask, ask). I noticed one of the Generic host process for win 32 services has a share symble, saying 'listening to port(s) UDP 123'.
    Begining to tear hair out here as this small business is supposed to be open again for business tomorrow. Any ideas gratefully recieved.
    Regards,
    [/B]Graham[/B]

  10. #10
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Please Help: ZAISS Upgrade Causing Problems

    Hi!as already asked... is Kaspersky the only one detecting it?If yes, then is a false positive...May be the virustotal defintion is not updated and your yes... don't know.Try to upload the file again in few hours.For a definitive answer send the file to newvirus@kaspersky.com; Subject: Possible false positive.Zip the explorer.exe, password protect the zip. Include the password in the e-mail and wait for the malware expert to answer you.This way you will be sure if you have to worry or not...The rest you describe is normal. Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •