You NEED a Firewall — ZoneAlarm Recommended
If you are continually connected to the Internet (most people are) you cannot afford to be without a firewall. See Firewalls: Your First Line of Defense….
The nature of threats on the Internet has changed.
- Know how your security software warns you about threats.
- Newer threats are much harder to detect and very difficult to remove.
- Recovery from ransomware is unlikely.*
- Many websites are infected with programs that appear to be legitimate, but whose purpose is to scare you into downloading dangerous software.
- Many “free” download sites confuse users with multiple download links (those not related to the intended download often retrieve malware instead).
*Ransomware encrypts your data and provides only a short time to make payment (usually hundreds of dollars and in untraceable bitcoins) before the recovery key is destroyed. Trying to break the recovery key results in the immediate destruction of your data. Your uninfected backups of your current data is your only safety net (you'll need to do a complete reinstallation of Windows and software).
Mobile Also Vulnerable
The massive move to mobile has led to huge increases in attacks on mobile devices. Android devices have been the hardest hit, but Apple iOS devices are also vulnerable.
In fact, in the first half of 2015, IBM researchers found that the rates of mobile devices infected with malware were equal to the rate of computers infected with malware. This indicates that malware creators are beginning to shift their attacks from computers to mobiles. — ZoneAlarm
I recommend mobile users check out ZoneAlarm's Mobile Security app. It is available for both Android and iPhone (iOS).
Paid or Free?
ZoneAlarm provides two basic classes of products:
- paid versions for which you need to purchase a license; and
- free versions which are available at no charge (provided you can meet the license requirements).
The freeware security packages make quite an impressive showing in the test, but anyone who wants the highest level of security is required to use one of the commercial packages. The free products tend to concentrate mostly on their pure protection function. — AV-TEST
ZoneAlarm Extreme Security Recommended
- Best antivirus software, including zero-day attack prevention
- Total protection for your PCs and Android devices — Guaranteed
- Defends your entire family with Parental Controls
- Includes Find My Laptop, PC Tune-Up, Online Backup,
- Identity Protection Services, and more.
Download ZoneAlarm Extreme Security — The most comprehensive suite on the market for everything you do online. Reg. USD 89.95* (save up to 50% for up to 3 PCs plus Android devices) .
When placing your order ensure that the 3-PC license is indicated and deselect any unnecessary options like the Backup CD. Upgrade to the two-year license where it makes economic sense.
*Prices indicated are for a one-year subscription and subject to change.
Don't install ZoneAlarm alongside other security products.
ZoneAlarm 2016 is only compatible with MS Windows Defender, and is not compatible with any other antimalware software.
To install ZoneAlarm 2016, you must first uninstall other antimalware software. Otherwise, you may experience OS stability and computer performance issues. — zonealarm.com
Be sure you're using the most recent version (see sidebar).
ZoneAlarm Free Firewall for Personal Use
The Zonealarm Free Firewall 2016 provides basic firewall protection for FREE (if you qualify) but is missing the antivirus components. It depends upon the built-in Microsoft Windows Defender for protection. Use alongside other security products is not supported.
Check the License Agreement
The ZoneAlarm Free Firewall (firewall protection for personal use) is FREE for individual and not-for-profit charitable entity use (excluding governmental entities and educational institutions). Be sure to read the ZoneAlarm license agreement.
Free Basic Antivirus + Firewall Discontinued
ZoneAlarm's Free Basic Antivirus + Firewall is no longer supported. The older product is currently available from the Free Antivirus + Firewall Release History page.
Paid Products Recommended
Even if you qualify for to use the free ZoneAlarm, for better security I strongly recommend you purchase ZoneAlarm Extreme Security so you have the most complete protection.
- If you use the basic free firewall, conflicts with other security software may leave you vulnerable to the more dangerous threats you face on the Internet today.
- Loss of your computer or data will cost you much more than the annual subscription fee and is extremely inconvenient.
- Get discounts on one-year subscriptions to ZoneAlarm Extreme Security for up to 3 computers using these links.
I'd recommend choosing ZoneAlarm Extreme Security because of the more complete protection.
- Review the advantages of ZoneAlarm's paid products.
- Do NOT install the paid versions unless you wish to try the full version (after the trial period you'll need to either purchase the product or uninstall it then reinstall the free version).
- You can download the ZoneAlarm Free Firewall (free if you meet the requirements).
- The installer is a small file that starts the installation process then downloads the remainder of the required files.
- If you are offered TrialPay, look for the free download link. (TrialPay requires you to purchase other qualifying products to obtain the software for “free”).
- Make a note of where the file is saved on your computer (usually in your Downloads folder or on the desktop).
Avoid installing multiple security products. Multiple antivirus and other security products can appear as a threat to each other and, in the process, allow your computer to become infected.
These instruction will help you to install ZoneAlarm smoothly and avoid issues. These same instructions apply if you're doing a major product upgrade requiring an install.
- Close all programs running before installing — you'll need to restart your computer before the installation is complete.
- If you're updating ZoneAlarm, you'll need to ensure you're installing the same product as is currently installed and you will need a valid license.
- If you install a 30-day free trial version for which you don't have a valid license, you'll either need to purchase a license for that exact trial product or uninstall it after the trial period ends.
- If you choose to use another product, you'll need to uninstall your current version before installing the trial version. Once the trial period ends you'll need to either purchase a license for the new version or uninstall the product then reinstall the version for which you have a valid license (or meet the ZoneAlarm license agreement if you're using the free products).
- Follow the instructions as each dialogue box appears.
Starting the ZoneAlarm Install
Double-click on the ZoneAlarm icon for the product you are installing. The installation will begin with this dialogue box for the ZoneAlarm Extreme Security product (other versions are slightly different):
Options & License Agreement
Choose the “Custom Install” option (the text is under the yellow Quick Install button) so that you can choose the options you want for the Security Toolbar:
Depending upon the version you're installing, one or more of options may be pre-selected.
ZoneAlarm Extreme Security
ZoneAlarm Extreme Security installs the Blur browser add-on by default (you need to uncheck it if you don't want it installed). If the Blur premium options are included with your ZoneAlarm Extreme Security subscription it makes it a more attractive option.
ZoneAlarm Free Firewall
ZoneAlarm Free Firewall 2016 currently provides on options but previous free versions included the following options with at least one required:
- Make ZoneAlarm search my homepage
- Install ZoneAlarm toolbar
- Make ZoneAlarm my default search
My recommendation is to deselect all of the above. Otherwise your current homepage and default search choices will be changed and the toolbar will be installed. If the free product you're using requires you to select at least one of the options as part of the license agreement I'd select the search engine option.
- While toolbars may be convenient, there are significant privacy issues.
- Search engines track your search queries. I recommend Startpage because it offers you search results from Google in complete privacy!
- If your current homepage is not what you want, you can change it by adding the desired page in your browser's settings. I strongly recommend against allowing external programs to make changes to your browser settings.
Next, review the license agreement, then select Agree.
The Installation Process
The ZoneAlarm installer will then appear. If additional options appear, I'd recommend downloading the full package.
Once the necessary files have downloaded, the product installation will begin.
- Windows Firewall may ask if TrueVector Service should have access. Say yes.
- The progress bar will indicate the status of the install.
- Some processes take longer than others. Don't worry if the progress bar appears to be stopped for some time.
Finishing the Install
Once the installation is complete, you'll see a “Setup finished!” dialogue box. If you wish to register your product, type in your email address and ensure the check box is selected.
Click “Finish.” Windows will restart shortly after.
When Windows restarts, ZoneAlarm is fully functional. Have a look at the Top 10 User Questions on the CheckPoint site if you're having problems.
Now, proceed to the instructions for configuring your newly installed ZoneAlarm product.
For the most part, ZoneAlarm does an excellent job of configuring itself and most users seldom have to make changes.
Trusted or Public Zone
When you first connect to a network, ZoneAlarm asks you to select a trust level for the connection.
- Most users should select the Public zone. It is meant for public access on open networks (i.e. free WiFi in a coffee shop) but will be the safest choice.
- Select Trusted ONLY if you need to share files or printers between computers on your trusted network (presumably one you control).
The Public zone is safer if you're unsure. You can always change it later.
The home screen from the Extreme Security 2016 version 14.1.011.000 is shown below:
Although ZoneAlarm does an excellent job of determining the setting for most programs and most users, each of the three windows has settings that can be adjusted by clicking on each specific pane:
- Anti-virus & Firewall includes Anti-virus & Anti-spyware, Advanced Firewall, Threat Emulation and Application Control settings.
- Web & Privacy includes Parental Controls, Privacy Toolbar, Anti-Keylogger and Anti-Spam (Outlook only).
- Mobility & Data includes Find My Laptop, Online Backup (US only), PC Tune-Up and Identity Protection.
There are additional settings options for the services available in your version of ZoneAlarm (Extreme Security has them all). Have a look at the Antivirus settings:
Access Denied by Default
ZoneAlarm is designed to deny access to the Internet by default, allowing access only to the programs you've given permission to have access. This is it's best feature, but can be a stumbling block if you forget this.
- Simply disabling ZoneAlarm creates problems.
- If you need to remove ZoneAlarm, uninstall it properly, make the changes necessary to restore your Internet connection, then reinstall it to regain the protection it provides.
Giving & Denying Access
“Changed Program” Warnings
ZoneAlarm doesn't just grant access because of a program's name or file location. It retains a "snapshot" of the characteristics of the approved programs.
ZoneAlarm "Suspicious Behavior" Warnings
ZoneAlarm Extreme and Internet Security Suite offer the advantage of fewer alerts but may give you suspicious behavior warnings for programs exhibiting unusual behaviour.
This warns you about programs that are changing files in manner similar to how malicious programs (virus or malware) would act. If you are intentionally installing a program or update you can probably allow the activity.
Read the description of the activity before allowing or denying the process. Note: if you deny a legitimate program, the install cannot complete properly and the program may not function correctly.
The Program Control Screen
You can fine-tune the ZoneAlarm settings (or correct problems with programs not in ZoneAlarm's database) using the Program Control screen. To get there, follow these instructions:
- Open the ZoneAlarm via the ZoneAlarm icon beside the clock.
- Click on the Antivirus & Firewall pane then look for the Application Control section then the programs secured listing to see the programs ZoneAlarm is monitoring on your computer.
- A new Application Control window will appear. Click on the View Programs entry on the left if it isn't already selected.
The list of programs may take a moment or two to load. You can view the settings by clicking on any particular program so that the details appear in the pane at the bottom.
You'll notice that most programs will have a set of green bars showing the trust level but there are also four settings:
- Outbound Trusted;
- Outbound Internet;
- Inbound Trusted; and
- Inbound Internet.
Giving or Denying Access to Specific Programs
Each program will have a series of the following indicators for each of these categories:
- indicates the program has permission.
- indicates that the program is denied access.
- indicates that the program will ask each time it needs access.
Note: once you've given or denied access to a program the setting will remain until you restart Windows.
You can change these values by left-clicking the symbol for the program. Be aware that making the wrong choices can deny critical programs access to the Internet.
- You should be most worried about the Internet column.
- Most programs don't need server access on home computers (usually only instant messenger programs need this sort of access).
- Unless you have set up a local network between the computers in your home or office the Trusted Zone refers to access on your own computer. With a network, you can configure ZoneAlarm to have certain computers designated as trusted.
- Note that I've blocked access to the printer's Spooler SubSystem App for all but Trusted Access. Unless you are printing across the Internet (or a domain) you don't need to offer more than this access to your printer.
Server Access Seldom Needed
Few programs need server rights. Instant messenger programs (MSN Messenger, Yahoo! Messenger and AIM/AOL Instant Messenger), online conferencing software, the Application Layer Gateway Service in Windows XP and file sharing software need such access.
For the majority of programs commonly in use ZoneAlarm will provide the correct settings (indicated by the green bars in the Trust Level column). Where a appears in that column, you may need to configure the program's choices.
You can generally deny server access to all other programs (and to these programs if you don't use them). If any of these programs don't work after denying access, you may need to experiment to see what settings are necessary.
If you want to stop using ZoneAlarm, be sure to uninstall it properly:
- Disabling the startup of ZoneAlarm will cause you problems because it continues to run invisibly (ensuring that ZoneAlarm can't be disabled by malware). Programs with automatic permission to run will continue to work, but those requiring your permission indicated with the question mark) will not.
- Never just delete the ZoneAlarm program icons and the folder. ZoneAlarm makes changes to your system that require it to be properly uninstalled, either from the uninstall program in the Zone Labs program group or through the Control Panel's Programs and Features utility.
- Some users have experienced difficulties when improperly uninstalling Zone Alarm. Be sure to remove any relevant registry entries. (Note: improper changes to the Windows registry can make your computer inoperable. Make these changes carefully or seek out professional assistance.)
- If ZoneAlarm was improperly uninstalled, you may need to reinstall it before uninstalling it again to complete the process successfully.
Uninstall ZoneAlarm Correctly
If you have problems updating or maintaining ZoneAlarm, you may need to uninstall it and reinstall. It is recommended that you not do an "upgrade" installation in this case.
Try the Windows Uninstaller First
First try uninstalling ZoneAlarm using the uninstaller built into Windows.
- The uninstaller is found in the Control Panel — select Programs and Features. You'll need to reboot Windows to complete the uninstall.
- You'll want to have a current copy of the correct version of ZoneAlarm for your license.
- You'll need to reboot again when the installation is complete.
If uninstalling and reinstalling ZoneAlarm didn't work, you'll need to use the ZoneAlarm Removal Tool. This program completely removes the settings and changes made by ZoneAlarm. You then reboot and reinstall ZoneAlarm. You'll need to have your license number handy since the clean install removes ALL settings.
If the ZoneAlarm uninstaller AND the ZoneAlarm Removal Tool both fail you'll need to remove the program manually. This is not a task for novices. The detailed information about the files and registry entries for ZoneAlarm products are contained in this post:
You can also browse or search for information specific to the problem you're having in the ZoneAlarm Forums.
Laptops May Run Conflicting Programs
Some computers, particularly laptops, may run programs that either cause ZoneAlarm to not load or have a conflict that results in a Blue Screen error (BSOD). Tracking these down can be difficult.
Run MSconfig to stop all startup programs except ZoneAlarm to verify the problem. Restore them one at a time until the program creating the conflict is determined. This is usually (but not always) a driver issue. Search the ZoneAlarm forum with the program name to see if there is a recommended solution listed.
Disabling the problematic program using Piriform's CCleaner may be easier than via the MSconfig interface because then a normal startup for Windows is possible.
- Open CCleaner, then click on the Tools icon and select Startup.
- Look for the problematic startup listing and disable the startup.
- Now restart Windows.
If your computer continues to function OK with the startup of the problem program disabled, then you've resolved the issue.
When installing ZoneAlarm on a Lenovo computer running Windows Vista 32, I ran into an issue where ZoneAlarm installed fine, but on the first reboot, a blue screen (BSOD) appeared. Going to Safe Mode and uninstalling ZoneAlarm resolved the issue, but not without sacrificing the protection ZoneAlarm offers.
A search showed that PMHandler.exe, the power management handler for Lenovo computers, can conflict with ZoneAlarm on Windows Vista machines. By going to Safe Mode and stopping PMHandler from loading allowed ZoneAlarm to complete the reboot and finalize the install. It is called PM Driver in the Programs and Features listing.
I used CCleaner's startup tool to disable PMHandler and the issue resolved itself.
Other Potential Issues
Users have noted other causes, including issues with Windows Firewall (which needs to be running when you install ZoneAlarm). If you can determine from the text that appears on the blue screen what program is creating the problem, you have a better chance of resolving the problem you're experiencing.
Internet Access Issues
The most common reason people cannot access the Internet is because they have stopped ZoneAlarm from loading or have tried to delete ZoneAlarm's files without uninstalling ZoneAlarm properly. It can also happen if ZoneAlarm doesn't load correctly with Windows.
By default, ZoneAlarm (like many security products) disables access to the Internet. If ZoneAlarm is not running, it is unable to request permission for new programs to access the Internet. Programs that have been given access without asking (you instructed ZoneAlarm to remember the program can have access or it is a program recognized as safe by ZoneAlarm — not available in the free version) may continue to have access.
Other Reasons You Can't Access the Internet
There are other potential causes for loss of Internet access including these:
- Windows Firewall can stop access. Be sure that TrueVector (a ZoneAlarm component) has permission to access the Internet in Windows Firewall.
- Conflicting security software may disable access. Your antivirus may disable access to your email program or to other programs if it is not active. Anti-malware can disable access for programs.
- Trojans and other malware (including programs that emulate antivirus software but are malware) usually disable your antivirus and access to security sites on the Web by making changes to the Proxy or Hosts file.
- Check to see if the Windows Proxy has been tampered with. Click on Control Panel and look for Internet Options. Click on Connections then Local Area Network (LAN) Settings. It should be set to “Automatically detect settings” (if a proxy server is set, check with whoever manages your network).
- Check your other browser(s) settings to see if the browser's Proxy has been tampered with. This usually is set to “Use system proxy settings” but this may have been changed. You may be able to restore access by changing this to “No proxy” temporarily while you resolve the issue.
- Check the Hosts file to see if it has been altered. There should only be comments (prefaced with the # symbol). Malicious programs change this to ensure you cannot find help on the Web.
You may need to search for these settings in some versions of Windows, including Windows 10.
Operating System Issues
Support For Newer Windows Versions
When new versions of Windows are released, support may not be available for your security software. Windows Vista was a particularly bad example, because Microsoft made significant changes to Windows Vista just before release and many utilities and security software products would not run. The long Windows release candidate programs now ensure ZoneAlarm availability for early Windows adopters (but not necessarily during the beta phase).
Windows 8 or 8.1, Windows 7 (SP1 recommended), Vista (SP2) or XP (SP2/SP3) Required
View ZoneAlarm's current system requirements.
- Version 14.1.011.000 is Windows 10, Windows 8/8.1, Windows 7, Vista and XP compatible.
- Support for Windows XP may cease at any time but requires Service Pack 3 to be installed. Microsoft support for XP ended April 8, 2014 and it is increasingly dangerous to use.
- Older (or unpatched) Windows systems are more vulnerable. Download and install the latest available service pack and security updates for Windows (and Office or Office viewers, if installed).
Updated: April 1, 2016