Page 1 of 2 12 LastLast
Results 1 to 10 of 26

Thread: Think my Zone Alarm has been hacked??

Hybrid View

  1. #1
    azamber Guest

    Default Think my Zone Alarm has been hacked??

    I've been using ZA for years and nothing like this has ever happened to me. Lately, the TrueVector service has been crashing (I know this was supposed to be a problem with newer versions, but I didn't upgrade - using v 6.5.737.000). Now, this morning, I get up, my computer is frozen on a black screen and when I restart, ALL of my programs secured for internet access have been removed from ZA and so has my home network! **bleep**??? Help??

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm (Free)
    Software Version:6.5

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Think my Zone Alarm has been hacked??

    The black screen or Black Screen of Death is not related to the ZA.

    Black screen of death happens when the operating system cannot boot. This is usually due to a missing file. The file is missing from Windows, not the ZA.

    Solutions:

    In the Safe Mode menu, try "last Known Good Configuaration"

    Reboot and do a "sfc /scannow" command and have the Windows OS media disk handy and insert it in the media drive. This can be done also in DOS or in the Recovery Panel using the Windows OS media disk when the PC is set to boot from the media drive. The normal mode is the easiest- the Windows GUI makes things easier.

    Let it do it's thing and when it is finished, it says nothing of any value- it never says what it did or replaced. Just take the Windows OS out of the media drive and reboot.

    The next best advice is to do a disk check. The complete kind that must be done in the boot time and not in the normal mode. Often the drive has lost some important files and this will help make the Windows operate better and perhaps avoid some future issues.


    This may fix the problem. But often there was some damage done that cannot be repaired by the sfc /scannow and you must reinstall Windows.

    You may want to check the health or the status of the harddrive and consider a replacement drive.

    Oldsod
    Best regards.
    oldsod

  3. #3
    azamber Guest

    Default No, no, no that's NOT the problem

    No, this isn't the problem, please refer to my original post. My problem is this: 1) TrueVector service keeps crashing. 2)The programs secured for internet access in ZA, and my home network, were all MISSING. How did this happen? I'm not a newbie to computers, I know about freeze ups, etc, my problem is with ZA. Thank you.

    Message Edited by azamber on 02-18-200701:21 PM

  4. #4
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,473

    Default Re: No, no, no that's NOT the problem


    <BLOCKQUOTE><HR>azamber wrote:
    No, this isn't the problem, please refer to my original post. My problem is this: 1) TrueVector service keeps crashing. 2)The programs secured for internet access in ZA, and my home network, were all MISSING. How did this happen? I'm not a newbie to computers, I know about freeze ups, etc, my problem is with ZA. Thank you.

    Message Edited by azamber on 02-18-200701:21 PM
    <HR></BLOCKQUOTE>Please report your Problem to Zonelabs Tech Supporthttp://www.zonelabs.com/tsform---------------------------------------
    My Configuration:
    Operating System: Windows XP SP2 Home with IE7 MS Outlook 2003

    Product Name: ZoneAlarm Pro
    Software Version: 7.302.000
    TrueVector version:7.302.000
    Driver version:7.302.000
    ZA Anti-spyware engine version:5.0.162.0
    ZA Anti-spyware signature DAT file version:01.200702.1005

    Kaspersky Anti_Virus 6.0.0.303


    Message Edited by GeorgeV on 02-18-2007 07:04 PM
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    azamber Guest

    Default I would but...

    I guess I can't with the free version, which is why I am in the forums to begin with.

  6. #6
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,473

    Default Re: I would but...


    <BLOCKQUOTE><HR>azamber wrote:
    I guess I can't with the free version, which is why I am in the forums to begin with.
    <HR></BLOCKQUOTE>Yep, your correct about the Free Version..have you tried the Safe Mode, ""last Known Good Configuaration"
    BSOD's are Usually related to a conflict with Windows..
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    azamber Guest

    Default Additional info

    Also, I just noticed in Event Viewer that right around the time this all happened, the TrueVector service crashed only to be immediately followed by an event that said &quot;The TrueVector Internet Monitor service was successfully sent a start control.&quot;. which I didn't do because I was in bed. So I'm assuming that after this, somehow my program and network permissions were RESET. Does ANYONE know WHY this would happen???

  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Additional info

    In the services, the true vector engine is listed.

    In the properties, change the restart values. ie from restart to not restart and disable the wait and time.

    That should stop that problem.
    Like I said the 6.1.744.001 is the better version and hopefully this problem is gone for good.


    If the 6.1.744.001 crashes, then slow the sppeds and reduce the connections. That will solve the problem.

    Oldsod
    Best regards.
    oldsod

  9. #9
    azamber Guest

    Default Re: Additional info

    Actually, it was already set to &quot;Take No Action&quot;. So a) does that mean I was hacked when event viewer previously listed the service as being restarted although I didn't manually do it?, and b)would setting it to restart be easier than going through the trouble of uninstalling, reinstalling, and resetting my permissions? Or is this just a symptom of a larger problem that I should fix before it gets worse? Also, I didn't notice anything for disabling wait and time. (I'm not very proficient in the mmc yet.) Thank you very much Oldsod, you've been very helpful.

    Message Edited by azamber on 02-19-200709:38 PM

    Message Edited by azamber on 02-19-200709:39 PM

  10. #10
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Additional info

    If you were hacked, it would require some remote desktop or file sharing. If it was malware, the security executibles would have been hit and disabled. So neither apply. You are safe.

    The true vector engine or firewall engine of the ZA is the vsmon.exe. It is listed in Windows as a Service- hence it is tough. Basically nothing can disable it unless it does it itself or by Windows. There is an advantage and disadvantage to restarts in the services properties. Good if the application needed to be restarted, but bad if the system is crashing or in error and the repeated restarts just makes the whole thing even worse.

    Tracing the Event Viewer is the best method. There should be an "Event ID" in the Properties.

    A short list of the error code

    Security:

    http://support.microsoft.com/kb/q174074/

    A more complete list of Event ID:

    http://www.chicagotech.net/wineventid.htm

    What is the exact event ids for the errors shown in the event viewer? What are the categories and other details?

    Oldsod

    Message Edited by Oldsod on 02-20-2007 05:17 AM
    Best regards.
    oldsod

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •