I found this post about Zone Alarm yesterday on Steve Gibsons site but I was very reluctant to mention it here for a couple reasons. First I would like to say that I am only posting this so that the members of this forum can read it and express there opinion on the subject if they choose to do so.
PLEASE NOTE- I am not at all saying that this is true or false and have not even expressed my opinion (yet). I am not supporting or opposing this view, just bringing it to your attention.


http://grc.com/x/chat.exe?cmd=article&group=shieldsup&item=15359&utag=

Dave

make's a very interesting read i wonder how far or deeper it goes????????????????

I just fired off an email to ZoneLabs, including an html copy of the page in question. Let us see what their response is.

BTW - I hinted at the possibility some time ago when I said "...maybe each copy has Back Orifice integrated into it." (http://www.sysopt.com/forum/Forum1/HTML/003878.html)



[This message has been edited by CMonster (edited 03-12-2000).]

Interesting read......

Cmonster, please be sure to post the response from ZoneLabs!

Thanks for posting, Dave!

Yep, you sure did CMonster! Is this why it's "free"?? Hmmm...??

Maybe it's related to this...

http://www.sysopt.com/forum/Forum1/HTML/004815.html

[This message has been edited by socalgal (edited 03-12-2000).]

So it seems nothing is free! I am interested in hearing more on this subject.

J http://www.sysopt.com/forum/smile.gif

Hey fater readinh on sysopt about aurte i went and found zonealarm. My word i didn't realise my computer was so popular after 15mins of using it ZA caught over 30 ip trying to acces me or my comp accessing them. I thought my computer was finally safe but no.

CMonster --- keep us posted on that will U.

Ever herd the old saying "There is no such thing as a free lunch?"

Just for the heck of it I have fired up my test computer and installed ZA on it. I have a fresh install of Windows on it, so I have none of the Aureate or Advert.dll stuff
I suppose that just like the Aureate thing, only time will tell where the truth lies.

Dave

What is even scarer for me was I had BOUGHT and used CuteFTP for almost a year (up until it was first mentioned about Aureate) I had UNinstalled a BOUGHT program and it still left that advert.dll file on my system. When it was first brought out about that file mine had grown to OVER 800KB! http://www.sysopt.com/forum/frown.gif needless to say that was deleted within seconds of me finding out about that!

That and other reasons I dont run much freeware or shareware on my main systems and they are tested out on a test system for quite some time.

BTW I still get stealthmode at Sheildsup without running any "firewall" software...Just good old fashion networking configurating.

Mntsnow

I have an Advert.dll file in my Windows/System file folder, and one in my CuteFTP demo folder.. What do I do?! Both of the dll's in properties have something to do with CompuServe GIF stuff and they from this Aureate (what is aureate)?!?! Help!!

I've had zone alarm for a while now, but am getting rid of it.. My system acts VERY weird ever since I got it...



[This message has been edited by brandon184 (edited 03-12-2000).]

Delete it!

I'm in the same boat as you, Mntsnow, with GetRight.. bought and paid for, and now can't even update it because of that Aureate mess!

ZA is gone (I hope all of it!) Other things suspicious stuff is gone or renamed.

I found another file that I'm not sure of. C:\Windows\Internet Logs: MyComputerName.ldb

Does anyone else have YourComputerName.ldb?

WTH is that?? http://www.tecgraf.puc-rio.br/~tomas/ldb/ (?)

I'm trying to find something to read the .ldb format...

Also to mention: I am getting spam now... I NEVER got spam before. And when I fill out forms - it goes to a Hotmail account, not my main account!!

Can't wait to see your test results Dave, and your response letter, CMonster.



[This message has been edited by socalgal (edited 03-12-2000).]

I will be sure to post in this forum any reply from ZoneLabs.

I had the demo of CuteFTP but I deleted it - $40 for something I can do in 3 commands from a DOS window or a Linux terminal?

...and yes it did sneak the advert.dll in on me too.

Funny you should mention that file socalgal.
Because it sits right next to the one I was trying to get into, the "iamdb.rdb".
I got the file "Dave.idb" in the same folder, the folder wasn't there until putting in ZA. I can open them with a hex editor, but still trying different things.
Dave

That's where mine was Dave... right next to it. Rather, used to be. Iamdb.rdb has been whacked.

But I will know what's on MyCompName.ldb if it takes me days or longer to figure out! <grrr>

didnt hav that .ldb but my advert.dll is 574kb. i can rename the one in windows/system and gozilla will still run

zone alarm stops loads of ips so i would like to keep somethin like that but don't know what. sasme goes for gozilla

any one got any sugestions for replacements

I too am working on that D*mn
"mycomputername.ldb file too Socalgal. If I find out something I will post it just as I'm sure you will...btw my "ldb" file is 40K in size

Mntsnow

Interesting.. I seemed to get a TON of blue screen errors (3 - 4 per day).. Since removing ZA... None. :-)

I can honestly see that ZoneAlarm is completely something else than a firewall.. We are fooled so easily.

Check out this link.
http://grc.com/x/chat.exe?cmd=article&group=shieldsup&item=15359&utag=




[This message has been edited by Magnum (edited 03-12-2000).]

Back to BID I go, I go....back to BID I go.

Hmm, to think I started useing ZA on steve gibson's sujestion.


It was interesting to note that there was no mention of these covert files during the custom uninstall. And "iamdb.rdb" is still present. It's at 58k. I'm going to leave it there for a bit to see if it grows any. I'll let ya know. Can't find mycomputername.ldb after uninstall.

Will someone tell me what ya'll are going about. I've had no problem with Zone Alarm and know I don't have Back Orifice . Also the Zone Alarm guy was on Leo La Porte's " Call for Help" recently and Leo was impressed and satisfied it wasn't a rip off program. Gotta have faith in something. If Leo and ZDTV say it's cool, I'm sticking with it. I'll be the Sysopt's guenia pig and if it eats my computer I have no one to blame but myself.
( I took the road less traveled by and that has made all the difference)There ain't nothing on my computer no one would want anyway, except a glossy 5x7 of your's truly. Now that would be a prize, indeed!!!!
I say , screw um all. If they wana come to the house, which they wouldn't have the _alls to do, I'd be right neighborly fur shure.Otherwise let them play their games, it'll eventually catch up to these smartass
m2462383479ers down the road.

the pickel

Believe in yourself, and stand up for what you believe!!!!!!!!

hmmm... I wonder if this latest scare is revenge for the Aureate (hoax?) story..??

Ohhh I dont think it a *trojan horse* (as in BackOrifice and netbus are) But I'm coming to think it's just not "FREE" like everyone thinks it is....If it is truely gathering information about you then you have "Sold yourself" to be able to use the software! The fun thing about all of this is depending on how you setup of networking and internet connections you can get "Stealth mode" at the test sites anyways without running a "firewall software". It just takes some time, knowledge and frequent checking to make sure that when you add, delete programs or adjust system settings that your net settings didnt get hosed in some way and open up a port.

ps. I'm against being tracked without my knowledge. If I choose to have someone monitor me so they can "deliver PERSONALIZED content" (ie: email and snail mail) then thats fine but if I dont authorize it then it's an invasion of my privacy!

Mntsnow

[This message has been edited by Mntsnow (edited 03-12-2000).]

I would like to believe that Steve Gibson is one of the good guys, and a smart one at that. Ever since I've looked into security and firewalls I've become more paranoid, but have come to realize I have to trust some people if I want to be on the net at all. The internet is a public domain and can be nasty as well but if we become so scared of everything on here, then we shouldn't be on at all. I think I remember seeing on the grc newsgroup that some high level gov't agency is using ZA. I want to think it's safe and it gives me some peace of mind for now.
PW

This does not sound very good at all.

well my take on it is this:

Steve Gibson provides free stuff
ZoneAlarm provides free stuff

People who sell the same stuff don't like it.

U-96

www.zonelabs.com (http://www.zonelabs.com) doesn't even have banner adds....How do you think they pay there bills U-96? http://www.sysopt.com/forum/smile.gif

As for Steve Gibson...he has a good and wide spread rep. I don't think he'd be careless with it by being involed with any under table doings....I hope not. Doesn't he plan on releasing his own "free" firewall?

Well, even though it's kinda difficult to shift through all the ****, I've been trying to keep up at Steve's discussion forum (http://grc.com/x/chat.exe?utag=&group=shieldsup&xrelated=&cmd_latest=View+Latest+Items) on this subject. And it seems to me that it only takes a couple of trouble-makers to ignite the fears of a lot of paranoid people, and then "whaalaa" (ala Mtnsnow http://www.sysopt.com/forum/wink.gif) we have a thread like this one.

Personally, I'm still using ZA and am still very happy with it.

well I found Gibson's analysis reasonably well argued (and he strikes me as being more paranoid than most) - that the TrueVector tech is licensed to the companies that monitor audience figures for internet sites. It is the same port monitoring that allows the firewall mechanism to work. This monitoring is supposedly done (like for TV) with volunteers, and probably with a set-top box type arrangement.

It really isn't beyond the realms of belief to suggest that competitors in the firewall industry would be p*ssed of at someone who gave out a workable product for free. Far more likely IMHO than some global conspiracy to record your computer's innards and online activity. (Echelon could learn a thing or two here!)

The jury is out on the Aureate scandal, but how come everyone forgot or believed M$/Intel about the P3 ID numbers?

The main problem is that now the idea is in the wild, it won't be long now before someone REALLY does do it (maybe they are already!), and it won't be for a bit of targeted advertising...

U-96

I use ZA beta 2.1.1, and I'm keeping it. ZoneLab makes it money from liscencing the true vector technology, not implementing it themselves. If your scared it's a port trojan, just drop to a command line prompt and try "netstat -an". If you don't actually have any trojans, find a port that shouldn't be there. All appears fine under netstat with ZA, and I do not have any suspicious netowrk ports open for receiving or sending network trafic. I'm with U-96 on this one, someone has taken the conetxt of a few words on ZL's website completely out of context. ZL has more fore-thought than to distribute an application that has no disclosure on information gathering. It would be a legal nightmare, and I don't think that is the attention that their trying to get. I've never noticed any unusual port activity, nor any wierd network trafic from ZA, so I'm most certain that no one is spying on my Internet activities (expect maybe for that white van that parks across the street everyday!! http://www.sysopt.com/forum/wink.gif )..


ZA Beta 2.1.1 download for those who missed it:
http://www.zonelabs.com/beta_download.htm

[This message has been edited by RobRich (edited 03-13-2000).]

OuTpaTienT...saw your post over there....advert.dll, and amcis.dll are aureate related, not ZA. I couldn't find adstream.dll myself. That guy is reaching hard for conspiracy. http://www.sysopt.com/forum/smile.gif

Personaly I own BID so I have no need to sit through this storm. I'll just wait 'till it blows over and then go back to the better firewall in ZA.

I tried something to try to confirm this: http://grc.com/x/chat.exe?cmd=article&group=shieldsup&item=15761&utag= atleast a little bit.

I uninstalled ZA...but left iamdb.ldb(58k). I was surprised the un-install proccess didn't sweep it but anyway. Now when I installed ZA again....it left the file at 58k, and now when I use the internet accessing programs that I used before the uninstall, ZA doesn't say anything about it as it usually does when I program does this. Though I went on to napster and now the file is 59k.


Ok, my fist attempt sucked, I didn't delete ZA registery entries. So this time I completely got rid of everything and started from scratch and monitored the iamdb.ldb file size. Here's what I observed:

installed ZA..........................0k
allowed IE to access internet.........29k
restart...............................30k
restart...............................31k
restart...............................32k
restart...............................32k
restart...............................33k
restart...............................33k
restart...............................34k
restart...............................34k
restart...............................35k
restart...............................35k
allow USAF auto-patcher to access.....37k
restart...............................37k
restart...............................38k
restart...............................38k
restart...............................39k
restart...............................39k
allow Icq to access internet
and to act as server..................42k
restart...............................42k
restart...............................43k
restart...............................43k
allow napster to access intenet
and to act as server..................46k
restart...............................46k
restart...............................47k
restart...............................47k

as much fun as that was, I quit there. http://www.sysopt.com/forum/smile.gif


[This message has been edited by seti (edited 03-13-2000).]

Hmm. This gets more interesting! I really liked ZA actually - it's outgoing monitoring feature and lock/pass lock feature among them. Since I already have BID installed and running, I'll keep ZA off until more information is forthcoming.

Interesting arguments above and at Steve's discussion site.

With all the Aureate/DoubleClick/web bugs/other secret monitoring being discovered, who wouldn't be suspicious? Seems like everything now must be scrutinized closely to determine whether or not our privacy is being breached.

Going to try to get that .ldb content today and it's size is 44K.

[This message has been edited by socalgal (edited 03-13-2000).]

Took a looksee at iamdb with a hex editor. Looks like this is where ZA keeps your settings. Such as which programs you have set up in the "Programs" tab, etc.

FWIW

Re: .ldb

http://www.microsoft.com/ACCESSDEV/Articles/jetlund.htm

Bah I will not use Zonealarm. I passed the tests at grc.com without firewall software on my machine just by following his simple tutorial about disabling netbios over tcp/ip . However, I am sure that there are other ways to get into my computer for someone who is experienced in the matter. I hope the Linksys router on the way provides more adequate protection than a software package. For those of you who do not mind paying 30 bucks for firewall software that does not leave suspicious files on your machine, try jammer at download.com . Nifty program I used until 30 days was up.

Have a win2k question. Anyone seen a tutorial for making a win2k machine safe from the internet? I think I have it but seeing someone else's opinions would help verify.

Hello everyone,

I am still awaiting a reply from ZoneLabs;

In the meantime, here is a copy of an email I wrote to another sysopt member:

"Personally I do not think that ZoneAlarm is a threat at all. I was only joking about the Back Orifice thing but in that humor I was pointing to the fact that there may be aspects to the program that do not appear on the surface. For one thing the fact the the program can register itself without telling you - you will notice that there is not button saying "Submit Registration." But if you make a change in registration while online and then check for an "Update," the registration will automatically be sent - what else is being sent? It seems that the program is exempt from its own controls.

They may be collecting information for advertising, that might be true; there is big money in selling databases these days. Even just names and email addresses. It is a voluntary registration, as you know, and I can't remember reading anything saying that they would not sell our information..

Here is my thought on the matter, if they are advertizing a product to enhance computer security and then get caught at using that very program to spy on their customers their reputation would be shot down the toilet - I do not think there would be much of a chance of ever marketing any program (or any other product) after that. There is simply too much possibility of exposure from such a maneuver and I don't believe that the company or individuals involved would risk it.

I am anxiously awaiting a response from ZoneLabs.'

I was able to open up the .ldb file, but can't make out to much of the information because the "user name" entries are not in plain text, and since my installation is new, the colums showing "logged on" and "compleated transactions" all show no or n/a.

I used the utility provided by socalgal's post "ldbview". How I opened the file was that first I had to copy the .ldb onto my desktop then use the "all file types" selection. For some reason, I could not open the original one, just the copy.
Dave

The reason you could not open the original file is because it is being used by ZA. If you disable ZA you will be able to look at it. That is how I did it anyway.

I have also started to get tons of spam at my main e-mail account, the one I only use for friends and family.

I am really not worried about any of this. The program works fine and does what I want it to.

~ADDED~
They also tell you all the file that are created by ZA including REg entries. http://www.zonelabs.com/zonealarm/za_faq_uninstall.htm#4


Also here is an explanation of what these files do. http://www.zonelabs.com/zonealarm/za_faq_details.htm

[This message has been edited by jad1097 (edited 03-13-2000).]

Dave, I got the same gibberish as you, except for the 'LBDX' User entries. Also, out of 704 #'d entries, one Committed Transaction was listed, also encrypted/not plain text.

Like jad, earlier I went to the source - ZoneLabs - and found there some innocuous sounding details. It sounded all quite innocent and reasonable, but there were a couple of paragraphs that I wondered about.
Something about information - I can't remember exactly and don't want to misquote, and the ZA site is unavailable at the time of this writing...

I'm thinking of reinstalling ZA to play with those files on my other system.

Seti, what did you use to read that iamdb.ldb file (I thought it was an .rdb file?) - was it LDB Viewer from the link I posted above?

Isn't this fun? http://www.sysopt.com/forum/wink.gif

after seeing how many connections my computer tries to make or recieves i'm not getting rid of ZA untill i've got something better. I think the file is what they say just a list of the programmes that you have told it to allow to connect.

i you want fun get one of the traceroute programmes that gives a graphical disply of the location of ip's. thatgreat fun you can see where each one is from. whooppee.

Well I havn't really looked at the file yet...Haha, I actully used wordpad just to see the file paths to programs I've allowed....those are in plain text. But it is obvious that this file holds more info than the just what programs we allow. Mine is at 57k now and I havn't allowed any other programs. (it was 47k the last time I checked) mycompname.ldb is pretty much all encrypted, and havn't tried to get in there.

As CMonster said...Zone Labs rep(and future)would be in jepordy if there indeed was a conspiracy, thus it would be in there best intrest to not be involved. However, if this is true, I'm surprised by the lack of PR and damage control on this issue. It seams to me if they were worried about there rep, a fast response to questions of privacy would be prudent.


I'm fine with BID, but as a firewall I've grown to like ZA more. I hope Zone Labs responds soon so I can resume use of there product.

Have y'all checked out Steve's board lately? There's a ZoneLabs rep posting there - Conrad Herrmann.

http://grc.com/x/chat.exe?utag=&group=shieldsup&xrelated=&cmd_latest=View+Latest+Items

[This message has been edited by socalgal (edited 03-13-2000).]

did some looking at the ZA lic agreement below.... makes no mention of any type of allowed reporting of information.... here is the cut and paste

This is the license for the free downloadable version of ZoneAlarm
("Software"). This license grants individuals and non-profit
organizations an unlimited-time license; commercial and governmental
organizations receive a 60-day trial license.

Carefully read the following terms and conditions before installing
and using this software. Unless you have a different license from Zone
Labs, Inc., your use of this software indicates your acceptance of this
license agreement and warranty.

1. GRANT OF LICENSE

Subject to the terms below, ZONE LABS hereby grants you a non-exclusive
, non-transferable license to install and to use the Software. If you
install and use this software in a commercial or governmental
organization, you may use the software for the purposes of evaluation,
without charge, for a period of 60 days. After 60 days, you must
either (a) obtain another license, or (b) uninstall and destroy any
copies of the software. If you install and use the software for
personal use or in a non-profit and non-governmental organization, you
may use the software without time limitation.

You may: (i) install and use the Software on your own computer(s); and
(ii) copy the software for back-up or archival purposes.

You may not: (i) reverse engineer, decompile, or disassemble the
Software; (ii) modify, or create derivative works based upon, the
Software in whole or in part; (iii) distribute copies of the Software;
(iv) remove any proprietary notices or labels on the Software; or (v)
resell, lease, rent, transfer, sublicense, or otherwise transfer rights
to the Software.

2. TITLE

You acknowledge that no title to the intellectual property in the
software is transferred to you. Title, ownership, rights, and
intellectual property rights in and to the Software shall remain in
ZONE LABS. The Software is protected by copyright and patent laws of
the United States and international treaties.

3. DISCLAIMER OF WARRANTY

The Software is provided to you at no charge. YOU AGREE THAT ZONE
LABS HAS MADE NO EXPRESS WARRANTIES, ORAL OR WRITTEN, TO CUSTOMER
REGARDING THE PRODUCTS AND THAT THE PRODUCTS ARE BEING TO THE CUSTOMER
"AS IS" WITHOUT WARRANTY OF ANY KIND. ZONE LABS DISCLAIMS ANY AND ALL
OTHER WARRANTIES, WHETHER EXPRESSED, IMPLIED, OR STATUTORY, INCLUDING,
BUT WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF NONINFRINGEMENT OF
THIRD PARTY RIGHTS, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR
PURPOSE. ZONE LABS SHALL NOT BE LIABLE FOR INDIRECT, INCIDENTAL,
SPECIAL, COVER, RELIANCE, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, LOSS OF ANTICIPATED PROFIT) ARISING FROM ANY CAUSE UNDER OR
RELATED TO THIS AGREEMENT.

4. LIMITATION OF LIABILITY

You must assume the entire risk of using the program. IN NO EVENT
SHALL ZONE LABS BE LIABLE TO YOU FOR ANY DAMAGES, INCLUDING ANY LOST
PROFITS, LOST SAVINGS, OR OTHER INCIDENTAL, INDIRECT OR CONSEQUENTIAL
DAMAGES OF ANY KIND ARISING OUT OF THE USE OF THE ZONE LABS SOFTWARE,
EVEN IF ZONE LABS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IN NO EVENT WILL ZONE LABS' LIABILITY FOR ANY CLAIM, WHETHER IN
CONTRACT, TORT, OR ANY OTHER THEORY OF LIABILITY, EXCEED THE LICENSE
FEE PAID BY YOU, PROVIDED, HOWEVER, IF THE RELEVANT PRODUCT WAS
PROVIDED TO YOU AT NO CHARGE YOU AGREE ZONE LABS SHALL NOT BE LIABLE
TO YOU FOR ANY DAMAGES. THIS LIMITATION SHALL APPLY TO CLAIMS OF
PERSONAL INJURY TO THE EXTENT PERMITTED BY LAW.

5. TERMINATION

This Agreement shall terminate automatically if you fail to comply with
the limitations described in this license. No notice shall be required
from ZONE LABS to effectuate such termination.

Upon termination, you must uninstall and destroy all copies of the
Software.

6. MISCELLANEOUS

Severability. In the event of invalidity of any provision of this
Agreement, the parties agree that such invalidity shall not affect the
validity of the remaining portions of this Agreement.

Export. You agree that you will not export or re-export the Software
outside of the jurisdiction in which you obtained it without the
appropriate United States or foreign government licenses.

Governing Law. This Agreement will be governed by the laws of the State
of California as they are applied to agreements between California
residents entered into and to be performed entirely within California.
The United Nations Convention on Contracts for the International Sale
of Goods is specifically disclaimed.

Entire Agreement. You agree that this is the entire agreement between
you and Zone Labs, which supersedes any prior agreement, whether
written or oral, and all other communications between Zone Labs and you
relating to the subject matter of this Agreement.

Reservation of rights. All rights not expressly granted in this
Agreement are reserved by Zone Labs.

Copyright (C) 1999 Zone Labs, Inc. 530 Howard Street, San Francisco,
CA, 94105. All rights reserved. Zone Labs, ZoneAlarm and TrueVector
are registered trademarks of Zone Labs, Inc.

Here is the one I like:

We like to say that ZoneAlarm uses about 5% of the capabilities of
TrueVector; anyone who has read our web site knows that TrueVector could
potentially be used to do all the nasty things people fear most. But
ZoneAlarm is specifically designed not to enable those features, precisely
because *it's a personal security product*.

-- Conrad Herrmann
Zone Labs, Inc.

Got that one Here (http://grc.com/x/chat.exe?cmd=article&group=shieldsup&item=15996&utag=)

Or asked why the log files "Grow"
It's a bug (http://grc.com/x/chat.exe?cmd=article&group=shieldsup&item=16005&utag=)

Hmmmmmm
Dave

Conrad Herrmann on iamdb growth:


It's a bug. Every time TrueVector starts up, it re-builds the list of adapters on your computer and then re-writes the zone definitions. You will undoubtedly find that the RDB file grows by 512 bytes each time you start and shut down VSMON most of the time. Thanks for the heads-up... This'll get fixed this beta.

Conrad Herrmann
Zone Labs, Inc.

I guess I should wait until the beta ver get's the kinks out and then I'll download the updated ver.

Jeez, I've never seen so much controversy on such a product, esp. one offered "free" over the net as a download. I don't want to have 2 keep monitoring my registry for "growths", and abnormalities, If the program has so many holes, I'll find some network software lying around at work and install that!

Just bringing this back to the top 'o the pile. Any new thoughts on ZA? Good or bad?

This is an interesting post indeed, so CMONSTER, did you ever get a reply from ZoneLabs?
Has everyone removed then re-installed ZoneAlarm?
So where has this whole thing gone, I'd sure be interested in hearing the latest. I checked out Steve's discussion forum and didn't see too much substance to back up the paranoia. I'm keeping ZoneAlarm on my comp, how about anyone else? Any additional problems using ZA?
c:::CHNsaw

I'm interested to know myself....

moreover, I'm interested to know if it's me or if there's a problam at grc.com - I can't accesss any of the grc.com links in this thread - constant 404 errors...and this thread is only days old, so i'm confused.

I also can't find the discussion forums on Steve Gibson's site...have they been removed? Anyone care to point me right?

Hi Morpheus1964,
I couldn't connect to any of these links either, it's not just you.
Maybe I'm not sure of what the discussion forum is, I did a "Search" there and found posts about "ZoneAlarm. I'll keep you posted if I find out anything else too.
c:::CHNsaw

I had it on my 98se and my 2K installs. Now it is gone. Awaiting news. I did a custom uninstall from 98se and removed ALL choices. It still left the suspicious files on my drive, which I deleted. Had to reinstall dial-up networking but PC seems fine otherwise.
To my knowledge, my pc is pretty safe without it as all ports are either closed or stealth.