
What did it take to "un-launch" my ZoneAlarm?


4 replies to this topic

#1 faster

  • Members

Posted 03 December 2017 - 09:23 PM

This has never happened to me before, though I have been attacked more than once. An hour ago, ZA was turned off while I browsed, not knowing I was totally vulnerable. I turned the PC off, and it reloaded properly. But I've noticed a few things different - nothing big that I could tell, but who knows? WHAT HAPPENED TO MY PC? It's probably likely to happen again. What was used? A registry entry or something? I call this both serious and alarming.


Edited by hamluis, 04 December 2017 - 09:24 AM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 ranchhand_

  • Members

Posted 03 December 2017 - 10:03 PM

In this case I suggest that you pop over to "Am I infected?" and post in; follow directions there and someone will help you check out your system. It may (or may not) take a couple of days, but someone will get back to you. In the meantime:

  • Disconnect from the internet, especially if you do banking online, have personal identifying data stored on your computer, CC numbers, D. License number, etc. Do not use the internet again until one of the BC experts tells you your computer is clean. Viruses can hide, send information back to a hacker and you will never know it.
  • Download and run Malwarebytes and allow it to remove anything it finds.
  • Download and run Malwarebytes Anti-Rootkit and allow it to remove anything it finds.
  • Download and run Hitman Pro and allow it to remove anything it finds. Use the trial free version and delete it after it is finished.
  • Use your existing antivirus to run a deep scan of your computer.

This will not guarantee your computer is clean, but it will get you started. Nothing should ever shut down your firewall without your permission.

[EDIT: Clarification]: Of course, you will have to be connected to the internet to download, install and update the indexes of the scanners, with the exception of your antivirus program, which should be updating itself regularly. However, I suggest you not contact any sensitive websites (e.g., banking) while connected.


Edited by ranchhand_, 03 December 2017 - 10:37 PM.

Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#3 faster

  • Topic Starter
  • Members

Posted 03 December 2017 - 11:14 PM

I do no financial transactions online, ever. All important personal info is on paper. Moreover, I have never used social media - never will. I recently downloaded a free trial of Malwarebytes, to find what my free version couldn't. It was tainted and I had to uninstall it. I'm tempted to try Hitman Pro, but never if I have to accept ALL of its changes. I learned the hard way when CCleaner deleted dozens of my videos. I need an advisor. What I'm really asking is what did someone have to DO in order to turn off Zone Alarm. That's serious stuff, and requires great expertise to pull off. I'd like to learn essentially how they pulled it off. Do you or anyone else there have any ideas? I've been curing some malware on my own, through the registry, and with help of safe mode when necessary. Much of my infections are very deep. Some reg entries can't even be deleted in safe mode. Some were caused by a tainted version of Avast. I doubt Avast did it. I'm still stuck with a lot of junk. The install file I got directly from their site, yet it was tainted badly. Someone can taint almost anything, even while I am downloading or installing it. This is most likely due to hacking. Chances are, they could taint any antimalware the same way they tainted Avast and Malwarebytes. The only antivirus that finds more than PUPs on my system is Clamwin. It has at least found trojans and other small stuff, and blocks incoming junk too. It's ironic that the ones you pay for don't do as good a job as the free one. So please put my question to your colleagues. In what method can someone unload my Zone Alarm? Hack, probably? Who has the necessary expertise to help? You've been very sweet and helpful. I'm hoping you can help me again. Somehow.

#4 ranchhand_

  • Members

Posted 04 December 2017 - 09:00 AM

 

> In what method can someone unload my Zone Alarm?

Unknown. It could have come from a downloaded virus which attacked from within. It could have come from a direct hack that got through your firewall. Or...it may be nothing at all and a glitch. Since I am not a staff virus remover at Bleeping Computer, I am not allowed to start giving you directions for scanning/removal of infections, although I regularly do it for my personal clients.

 

 

> Who has the necessary expertise to help?

Your question is answered in my first sentence in Post #2. At this point, that is all I can do for you, but maybe someone else can post in with a suggestion I have not considered. Wish you the best!




#5 boopme

  • Global Moderator

Posted 05 December 2017 - 01:05 PM

Hello, if malware was installed that phones home, it can change settings. Also, many malware programs will disable or stop security tools from running so they can protect themselves. Could you run these...

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [image] button to see which antivirus is currently enabled:
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the [image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [image] button.
  • Check the box beside [image] to uninstall the application when closed.
  • Push [image] and then close the application by clicking the X in the upper right corner.
