-
When I clicked F3 then Default would highlight with zaMailSafe next to it and I happened to notice a little folder open on the left. I deleted each default (on the right) but the little folder remained on the left. I left those (because this was making me nervous). But it seems to me that the free ZoneAlarm carries all the extension. I know people have questioned that.
I can answer that question Nancee - Mailsafe in some versions of ZoneAlarm free version is only supposed to protect you against against two or three suspect attachments but in fact give the full protection of Zone Alarm Pro (37 file types). That was what you saw in your registry. Just checked the latest release, unless my browser is acting up, it seems that Zone Alarm free does not now offer MailSafe protection.
-
I got an email this morning with an attachment called; www.myparty.yahoo.com
it was obviously a command file, the icon proved it, I had last updated my virus defs 4 days ago, I scanned it and no result, I updated my defs and rescanned and this is what it was http://[email protected]
I emailed the sender as to confirm if valid email address and no rebound daemon yet, I pasted the URL www.myparty.yahoo.com into my browser while the com virus was still on my computer and hit enter, a blank ms-dos box appeared and dissapeared, no commands executed.
I ran the virus scan and deleted the virus and made sure everything was fine and it is. As I never executed it.
Now I try the URL again and it is All about this particular virus.
Fun but a tad simple.
Who on earth would open a com file thinking it is a URL?, well its spreading fast so a lot of people are just plain silly.
-
Hi AnnMarie!
I don't know how MailSafe works, well, actually I think it changes the extension of a bad extension so you can't open it. I don't use Outlook Express and I think it applies to that. So I also don't understand how using your browser would tell you if you have those extension protections. But, in my short-lived https://discussions.virtualdr.com/ history with ZA, I had version 2.6.362. And I had a box for mailsafe in the configure area.
In the registry when I used the "Find" at Classes_Roots z10 thru z18
(maybe 19) came up; then zla thru zlt; then z1, zlu, zlv, zlx, zly. Then they all came up again, it seemed with the little folders opening. That's why I thought all that protection is still in there.
Thanks again for all your help. That tool does sound good and I copied your instructions.
Luteg - Thanks for posting about that virus. It's my understanding it's going around fast.
Sincerely, Nancee
-
Sorry Nancee - I didnt make it very clear what I meant. I checked the ZA site and compared features in the latest release of Zone Alarm and Zone Alarm Pro to see how much protection MailSafe offered - I wasnt looking in the registry.
------------------
Moderator at Suggest A Fix
-
That's okay AnnMarie https://discussions.virtualdr.com/
I just have the feeling (from what I saw - not that I understand much of it) that ZA is "saying" you get all those extensions only in ZAPro, but it seems it's also in the free version. Which if I'm right, is good for everyone with the free version.
Sincerely, Nancee
-
Thats because the difference between the 2 is minor, although you would need a hex editor and something like w32dasm to find and view the missing stuff, it is probably in the executable, rather than the registry.
Have you learn`t how to export a selected branch of the registry yet nancee?.
Nice to SEE what you are talking about.
-
Amthmi - if I would have had a problem, wouldn't copying that good reg backup back to the
sysbckup file worked to use scanreg /restore? It's still in my temporary file. For extra insurance, I
exported the registry to my desktop before I started also.
Yes Nancee it could have been used "but" there are many variables to consider first.
When scanreg /restore is used it is better if it's applied as soon as possible because
the registry is constantly changing and it's not just with software installs.
If things really went bad for you, although I thought that wouldn't happen, I wanted
you to have a known good copy of one of your registry cabs. The problem lies when
you wait to long to restore because whatever changes that were made to the registry
would be lost with a restore from a previous date.
Some people don't boot very often which I see as a problem because those backup cab files
could be dated too far back to do any good. Remember it's the 1st boot in a calendar day only.
It's not every boot. I also didn't know how often you boot , some people leave their pc on 24/7.
I boot every day that way I have 5 fresh copies of the cab files just in case I needed
a scanreg /restore routine.
What you could have done as soon as the uninstall went bad was to run the restore routine,
( especially if you boot every day and 5 days hadn't past ) to the date prior to the ZA install,
then you would not have had to go into the registry to clean up all the keys.
You would have just had to delete the files left behind.
My advice...boot every day if you can.
I'm glad you got your problem fixed !
------------------
Please remember to post back.
-
amthmi
I know this isn't my thread but you wanted to know whether anyone with AOL had problems with Zonealarm-
I have Compuserve (basically the same monster in different skin) and i had huge problems. I would get cut off repeatedly, my messengers and email alerts would not work correctly (if at all), and eventually i was unable to get a connection to the internet about 90% of the time i tried. When i uninstalled ZA, guess what, NO internet connection at all. So i had to follow the uninstall instructions including deleting things from the registry.
Some members on this site had walked me through a ton of things that they thought might be the cause, thinking it was a damaged global org, aol adapter, modem, anything you can think of. Turns out it was just ZA. I found out by coming across some posts about other people having the same problems. Go Figure. Hope you got it all worked out Nancee https://discussions.virtualdr.com/
-
Hi Luke,
I hope this worked (I first copied the whole key and tried to paste it here and the browser froze, so I just copied the extensions I think go with ZA) Here they are (they are from the classes_root key:
I want to mention that in the registry it didn't look like this, the first one looked like a little yellow folder with .z10, etc.
[HKEY_CLASSES_ROOT\.zl0]
"Original Extension"="ADE"
[HKEY_CLASSES_ROOT\.ADE]
[HKEY_CLASSES_ROOT\.zl1]
"Original Extension"="ADP"
[HKEY_CLASSES_ROOT\.ADP]
[HKEY_CLASSES_ROOT\.zl2]
"Original Extension"="BAS"
[HKEY_CLASSES_ROOT\.BAS]
[HKEY_CLASSES_ROOT\.zl3]
"Original Extension"="BAT"
[HKEY_CLASSES_ROOT\.zl4]
"Original Extension"="CHM"
[HKEY_CLASSES_ROOT\.zl5]
"Original Extension"="CMD"
[HKEY_CLASSES_ROOT\.CMD]
[HKEY_CLASSES_ROOT\.zl6]
"Original Extension"="COM"
[HKEY_CLASSES_ROOT\.zl7]
"Original Extension"="CPL"
[HKEY_CLASSES_ROOT\.zl8]
"Original Extension"="CRT"
[HKEY_CLASSES_ROOT\.zl9]
"Original Extension"="EXE"
[HKEY_CLASSES_ROOT\.zla]
"Original Extension"="HLP"
[HKEY_CLASSES_ROOT\.zlb]
"Original Extension"="HTA"
[HKEY_CLASSES_ROOT\.zlc]
"Original Extension"="INF"
[HKEY_CLASSES_ROOT\.zld]
"Original Extension"="INS"
[HKEY_CLASSES_ROOT\.zle]
"Original Extension"="ISP"
[HKEY_CLASSES_ROOT\.z0]
"Original Extension"="JS"
[HKEY_CLASSES_ROOT\.zlf]
"Original Extension"="JSE"
[HKEY_CLASSES_ROOT\.zlg]
"Original Extension"="LNK"
[HKEY_CLASSES_ROOT\.zlh]
"Original Extension"="MDB"
[HKEY_CLASSES_ROOT\.MDB]
[HKEY_CLASSES_ROOT\.zli]
"Original Extension"="MDE"
[HKEY_CLASSES_ROOT\.MDE]
[HKEY_CLASSES_ROOT\.zlj]
"Original Extension"="MSC"
[HKEY_CLASSES_ROOT\.MSC]
[HKEY_CLASSES_ROOT\.zlk]
"Original Extension"="MSI"
[HKEY_CLASSES_ROOT\.zll]
"Original Extension"="MSP"
[HKEY_CLASSES_ROOT\.zlm]
"Original Extension"="MST"
[HKEY_CLASSES_ROOT\.MST]
[HKEY_CLASSES_ROOT\.zln]
"Original Extension"="PCD"
[HKEY_CLASSES_ROOT\.zlo]
"Original Extension"="PIF"
[HKEY_CLASSES_ROOT\.zlp]
"Original Extension"="REG"
[HKEY_CLASSES_ROOT\.zlq]
"Original Extension"="SCR"
[HKEY_CLASSES_ROOT\.zlr]
"Original Extension"="SCT"
[HKEY_CLASSES_ROOT\.zls]
"Original Extension"="SHS"
[HKEY_CLASSES_ROOT\.zlt]
"Original Extension"="URL"
[HKEY_CLASSES_ROOT\.z1]
"Original Extension"="VB"
[HKEY_CLASSES_ROOT\.VB]
[HKEY_CLASSES_ROOT\.zlu]
"Original Extension"="VBE"
[HKEY_CLASSES_ROOT\.zlv]
"Original Extension"="VBS"
[HKEY_CLASSES_ROOT\.zlw]
"Original Extension"="WSC"
[HKEY_CLASSES_ROOT\.zlx]
"Original Extension"="WSF"
[HKEY_CLASSES_ROOT\.zly]
"Original Extension"="WSH"
So since I went back there and you can look at them, can I delete them? And could I do it by editing that file and then right clicking merge - or just double clicking on the file? (If I can do this, how's the best way to edit that file? In other words, would I highlight ALL of the above and delete it?) Thanks.
Sincerely, Nancee
[This message has been edited by Nanceel0 (edited 01-30-2002).]
-
Hi Amthmi,
It seems that at the point of Windows asking for that vxd file I could have just used scanreg /restore and all that work in the registry would have been done for me.
Thank you for explaining how restoring an old registry file may not always work out well. I used to think restoring the registry restored EVERYTHING at that point and would be a total cure all.
While I was looking thru that key posted above, I was amazed to see so many references to the disabled extensions my NoScript disables - and now I know it disables a lot more than just WSH.
Hi Dala,
Thank you for your good thoughts, everything's worked out okay so far. https://discussions.virtualdr.com/ I think it's a bit of a mystery why ZA works with AOL sometimes and sometimes not. I had nothing checked in the subnet area, so I don't know if that could have contributed to my problems, but I don't think anything was checked when I first installed it and I was able to use my browsers. Then, next day, ZA was blocking AOL from my computer - I could only get the AOL welcome page. Well, it's been an experience.
Sincerely, Nancee
