ZoneAlarm bundled in Windows 2000 Pro

Archived from groups: comp.security.firewalls (More info?)

I just installed W2K pro (SP4) on a new computer. I also installed
sygate personal firewall on it. My surprise is that the firewall
reported activity from zonealarm.exe, which appears on the task
manager list.

My question is if zonealarm.exe (in the folder c:\WINNT\SYSTEM32) came
bundled with W2K and if it can be disabled (why having 2 firewalls?)

Thanks.
8 answers Last reply
More about zonealarm bundled windows 2000
  1. Archived from groups: comp.security.firewalls (More info?)

    On 15 Jul 2004 06:32:46 -0700, Pablo Rodriguez wrote:

    > I just installed W2K pro (SP4) on a new computer. I also installed
    > sygate personal firewall on it. My surprise is that the firewall
    > reported activity from zonealarm.exe, which appears on the task
    > manager list.
    >
    > My question is if zonealarm.exe (in the folder c:\WINNT\SYSTEM32) came
    > bundled with W2K and if it can be disabled (why having 2 firewalls?)
    >
    > Thanks.

    Zonealarm doesn't come bundled with and version of Windows? It's also not
    installed in the System32 folder. Is this 'zonealarm' running? Does it look
    like the real zonealarm? What are the properties of the .exe?

    Regards

    Bill
  2. Archived from groups: comp.security.firewalls (More info?)

    Pablo Rodriguez wrote:

    > I just installed W2K pro (SP4) on a new computer. I also installed
    > sygate personal firewall on it. My surprise is that the firewall
    > reported activity from zonealarm.exe, which appears on the task
    > manager list.
    >
    > My question is if zonealarm.exe (in the folder c:\WINNT\SYSTEM32) came
    > bundled with W2K and if it can be disabled (why having 2 firewalls?)
    >
    > Thanks.

    My guess is you have either a trojan or a virus which you caught by
    connecting your computer to the internet without a firewall. Zone alarm
    does not install itself in system32.

    Google search suggests you have W32.Spybot.Worm

    Disconnect from the internet and clean your machine.

    --

    ------------------------------------

    Real email to mike. The header email is a spam trap and you will be
    blacklisted.
  3. Archived from groups: comp.security.firewalls (More info?)

    Pablo Rodriguez said in
    news:d0d3055c.0407150532.1180291@posting.google.com:
    > I just installed W2K pro (SP4) on a new computer. I also installed
    > sygate personal firewall on it. My surprise is that the firewall
    > reported activity from zonealarm.exe, which appears on the task
    > manager list.
    >
    > My question is if zonealarm.exe (in the folder c:\WINNT\SYSTEM32) came
    > bundled with W2K and if it can be disabled (why having 2 firewalls?)
    >
    > Thanks.

    So how did you *install* Windows XP Pro? From a Microsoft CD? Or just by leaving whatever was on the hard drive when you "acquired" it (which might mean you have a pirated copy of Windows)?
  4. Archived from groups: comp.security.firewalls (More info?)

    On Thu, 15 Jul 2004 16:38:35 -0500, "*Vanguard*"
    <lh_vanguard@mailblocks.com> wrote:

    >Pablo Rodriguez said in
    >news:d0d3055c.0407150532.1180291@posting.google.com:
    >> I just installed W2K pro (SP4) on a new computer. I also installed
    >> sygate personal firewall on it. My surprise is that the firewall
    >> reported activity from zonealarm.exe, which appears on the task
    >> manager list.
    >>
    >> My question is if zonealarm.exe (in the folder c:\WINNT\SYSTEM32) came
    >> bundled with W2K and if it can be disabled (why having 2 firewalls?)
    >>
    >> Thanks.
    >
    >So how did you *install* Windows XP Pro? From a Microsoft CD? Or just by leaving whatever was on the hard drive when you "acquired" it (which might mean you have a pirated copy of Windows)?

    vanguard, if you had read the OP's posting carefully, you would have
    noticed that he says he installed Windows 2000 SP4, NOT Windows XP
    Pro. He really didnt need to qualify the Windows 2000 version with
    "Pro", since that is the only version of Windows 2000 existing.
    Donald L McDaniel
    Post all replies to the Newsgroup, so that all may be informed.
    Remove the obvious to reply by email.
    ===============================================================
  5. Archived from groups: comp.security.firewalls (More info?)

    "Donald McDaniel" <orthocrossAT@cablespeedDOTcom.invalid>
    wrote in news:bv5ef01n2juhjclnsbdecfll814bkfssh2@4ax.com:
    > On Thu, 15 Jul 2004 16:38:35 -0500, "*Vanguard*"
    > <lh_vanguard@mailblocks.com> wrote:
    >
    >>
    >> So how did you *install* Windows XP Pro? From a Microsoft CD? Or
    >> just by leaving whatever was on the hard drive when you "acquired"
    >> it (which might mean you have a pirated copy of Windows)?
    >
    > vanguard, if you had read the OP's posting carefully, you would have
    > noticed that he says he installed Windows 2000 SP4, NOT Windows XP
    > Pro. He really didnt need to qualify the Windows 2000 version with
    > "Pro", since that is the only version of Windows 2000 existing.

    So replace "Windows XP" with "Windows 2000", then repeat the question.
    I'm bouncing around lots of newsgroups and often end up with several
    posts open at a time while I research some of them.

    Since ZA isn't on the Windows CD (*any* flavor of Windows), I was
    probing to find out how ZA was "bundled" with Windows. It would not
    have gotten installed with the install of Windows. If it was another CD
    in a package that had both Windows and ZA then the OP had to install it
    and that's why it is on his hard drive (although I cannot verify the
    path to the file was correct for ZA but the path where it was found is
    suspicious although perhaps it is possible the user actually changed the
    default path and specified that one). If the OP downloaded it then,
    again, the OP did the install and would know how it got there.

    If it just automagically appeared without the OP ever installing
    themself, and since it is not on the Windows CD to get included in that
    install, and since the OP doesn't mentioning having a separate CD for it
    or downloaded it to install it, then it would appear to be an infection.
    The OP didn't mention doing a full scan using a recently updated
    anti-virus product, but then they might not have thought of doing that
    because the OP figured the zonealarm.exe was for the real ZoneAlarm.
  6. Archived from groups: comp.security.firewalls (More info?)

    After reading your posts, I think it's an infection, although AVG
    antivirus (most recent version downloaded on the weekend and updated
    yesterday) didn't find any.

    I killed the process in taskmanager, renamed the .exe file and removed
    every registry entry.

    Apparently everything is working fine and zonealarm is not loading
    anymore (according to taskmanager).

    Thanks to all.


    "*Vanguard*" <lh_vanguard@mailblocks.com> wrote in message news:<7N2dnV29loB-52rdRVn-hA@comcast.com>...
    > "Donald McDaniel" <orthocrossAT@cablespeedDOTcom.invalid>
    > wrote in news:bv5ef01n2juhjclnsbdecfll814bkfssh2@4ax.com:
    > > On Thu, 15 Jul 2004 16:38:35 -0500, "*Vanguard*"
    > > <lh_vanguard@mailblocks.com> wrote:
    > >
    > >>
    > >> So how did you *install* Windows XP Pro? From a Microsoft CD? Or
    > >> just by leaving whatever was on the hard drive when you "acquired"
    > >> it (which might mean you have a pirated copy of Windows)?
    > >
    > > vanguard, if you had read the OP's posting carefully, you would have
    > > noticed that he says he installed Windows 2000 SP4, NOT Windows XP
    > > Pro. He really didnt need to qualify the Windows 2000 version with
    > > "Pro", since that is the only version of Windows 2000 existing.
    >
    > So replace "Windows XP" with "Windows 2000", then repeat the question.
    > I'm bouncing around lots of newsgroups and often end up with several
    > posts open at a time while I research some of them.
    >
    > Since ZA isn't on the Windows CD (*any* flavor of Windows), I was
    > probing to find out how ZA was "bundled" with Windows. It would not
    > have gotten installed with the install of Windows. If it was another CD
    > in a package that had both Windows and ZA then the OP had to install it
    > and that's why it is on his hard drive (although I cannot verify the
    > path to the file was correct for ZA but the path where it was found is
    > suspicious although perhaps it is possible the user actually changed the
    > default path and specified that one). If the OP downloaded it then,
    > again, the OP did the install and would know how it got there.
    >
    > If it just automagically appeared without the OP ever installing
    > themself, and since it is not on the Windows CD to get included in that
    > install, and since the OP doesn't mentioning having a separate CD for it
    > or downloaded it to install it, then it would appear to be an infection.
    > The OP didn't mention doing a full scan using a recently updated
    > anti-virus product, but then they might not have thought of doing that
    > because the OP figured the zonealarm.exe was for the real ZoneAlarm.
  7. Archived from groups: comp.security.firewalls (More info?)

    On 16 Jul 2004 09:05:14 -0700, PTIVRIHOJPNR@spammotel.com (Pablo
    Rodriguez) wrote:

    >After reading your posts, I think it's an infection, although AVG
    >antivirus (most recent version downloaded on the weekend and updated
    >yesterday) didn't find any.
    >
    >I killed the process in taskmanager, renamed the .exe file and removed
    >every registry entry.
    >
    >Apparently everything is working fine and zonealarm is not loading
    >anymore (according to taskmanager).
    >
    >Thanks to all.
    >
    >
    >
    >"*Vanguard*" <lh_vanguard@mailblocks.com> wrote in message news:<7N2dnV29loB-52rdRVn-hA@comcast.com>...
    >> "Donald McDaniel" <orthocrossAT@cablespeedDOTcom.invalid>
    >> wrote in news:bv5ef01n2juhjclnsbdecfll814bkfssh2@4ax.com:
    >> > On Thu, 15 Jul 2004 16:38:35 -0500, "*Vanguard*"
    >> > <lh_vanguard@mailblocks.com> wrote:
    >> >
    >> >>
    >> >> So how did you *install* Windows XP Pro? From a Microsoft CD? Or
    >> >> just by leaving whatever was on the hard drive when you "acquired"
    >> >> it (which might mean you have a pirated copy of Windows)?
    >> >
    >> > vanguard, if you had read the OP's posting carefully, you would have
    >> > noticed that he says he installed Windows 2000 SP4, NOT Windows XP
    >> > Pro. He really didnt need to qualify the Windows 2000 version with
    >> > "Pro", since that is the only version of Windows 2000 existing.
    >>
    >> So replace "Windows XP" with "Windows 2000", then repeat the question.
    >> I'm bouncing around lots of newsgroups and often end up with several
    >> posts open at a time while I research some of them.
    >>
    >> Since ZA isn't on the Windows CD (*any* flavor of Windows), I was
    >> probing to find out how ZA was "bundled" with Windows. It would not
    >> have gotten installed with the install of Windows. If it was another CD
    >> in a package that had both Windows and ZA then the OP had to install it
    >> and that's why it is on his hard drive (although I cannot verify the
    >> path to the file was correct for ZA but the path where it was found is
    >> suspicious although perhaps it is possible the user actually changed the
    >> default path and specified that one). If the OP downloaded it then,
    >> again, the OP did the install and would know how it got there.
    >>
    >> If it just automagically appeared without the OP ever installing
    >> themself, and since it is not on the Windows CD to get included in that
    >> install, and since the OP doesn't mentioning having a separate CD for it
    >> or downloaded it to install it, then it would appear to be an infection.
    >> The OP didn't mention doing a full scan using a recently updated
    >> anti-virus product, but then they might not have thought of doing that
    >> because the OP figured the zonealarm.exe was for the real ZoneAlarm.

    ZoneAlarm is never bundled with either Windows 2000 or Windows XP
    (unless his Windows was an OEM version which installed a version of
    ZoneAlarm when the OS was installed.)

    If a file named "ZoneAlarm" was running on his system, he put it
    there. If he did not intentionally install an authentic copy of
    ZoneAlarm, it is obvious that it is most definitely a virus, trojan,
    or some other form of malware.

    Donald L McDaniel
    Post all replies to the Newsgroup, so that all may be informed.
    Remove the obvious to reply by email.
    ===============================================================
  8. Archived from groups: comp.security.firewalls (More info?)

    Donald McDaniel wrote:
    > [snip]
    >
    > vanguard, if you had read the OP's posting carefully, you would have
    > noticed that he says he installed Windows 2000 SP4, NOT Windows XP
    > Pro. He really didnt need to qualify the Windows 2000 version with
    > "Pro", since that is the only version of Windows 2000 existing.

    *cough*2000 Server*cough*

    --
    _ __/| William Anderson | Brodie: The Force is strong with this one
    \`O_o' neuro at well dot com | Jay: Dude, don't encourage him
    =(_ _)= http://neuro.me.uk/ | -- Mallrats, (1995)
    U - Thhbt! GPG 0xFA5F1100 |
Ask a new question

Read More

Firewalls Windows 2000 Security Networking