ZA defenition of suspicious action
line 1 detected behaviour
line 2 What this means
line 3 What to do (then repeat 1 to 3)
Monitoring certificates
A program is trying to stop one or more programs from running.
Unless you are performing a program update, you should deny this action.
Installing new applications
A program is attempting to install on your computer.
Unless you are installing a program, you should deny this action as it could be spyware trying to install itself on your computer.
Causing something to run at startup
A program is setting itself to run at each computer start up.
Unless you are installing a program, you should deny this action, as it could be spyware.
Modifying system services
A program is modifying system services.
Unless you are installing a program, you should deny this action, as it could be spyware.
Installing LSP (Layered Service Provider)
A program is setting itself up to monitor your Internet traffic.
Unless you are installing a program that needs access to your Internet traffic, such as e-mail, Instant Messaging, or Web traffic, you should deny this action.
Loading or installing drivers
A program is attempting to load a driver. Loading a driver allows a program to do anything it wants on your computer without limit.
Unless you are installing Anti-virus, Firewall, VPN, or other system tools, you should deny this action.
Installing browser plug-ins
A browser plug-in is attempting to add itself to your browser.
Unless you are currently adding functionality to your browser, such as a toolbar, you should deny this, as it could be spyware.
Installing IE extensions
A browser extension is attempting to add itself to Internet Explorer.
Unless you are currently adding functionality to your browser, such as a toolbar, you should deny this, as it could be spyware.
Changing browser search defaults
Your default browser search function is being modified.
Unless you are currently modifying your browser’s search function, you should deny this action.
Disabling user search assistant
Your Internet Explorer search assistant is being disabled.
Unless you are disabling the Internet Explorer search assistant, you should deny this action as it could be spyware.
Changing browser page defaults
Your default browser home page is being modified.
Unless you are changing your home page, you should deny this action.
Installing Active X controls
An Active X program is attempting to install itself on your computer.
Unless you are downloading or running a process from your browser, you should deny this action.
Changing Internet settings
Your Internet Options settings are being modified.
Unless you are modifying your Internet Options, you should deny this action.