Results 1 to 3 of 3

Thread: ALERT!!!! SPYWARE FOUND IN ZONEALARM VERSION 7.0.302.000

  1. #1
    paulsimons Guest

    Default ALERT!!!! SPYWARE FOUND IN ZONEALARM VERSION 7.0.302.000

    running Zonealarm Pro 7.0.302.000 on Windows XP SP2.

    The computer is connected to the internet via a dial-up connection. (No hardware firewall/router etc.)

    All applications are shut down except Zone Alarm and Avast, (ie. the computer at rest).

    The zone alarm traffic meter is NOT showing (ie. the two little red and green columns).

    Only the black z (grey outline) is showing in the system tray.

    The problem is this: (AND I KNOW WHAT THIS IS BEFORE YOU REPLY TO TELL ME WHAT THE ICON BELOW IS)

    The system tray alert icon is flashing constantly for no reason whilst the PC is at rest. (this icon here ---> http://forum.zonelabs.org/zonelabs/b...ssage.id=39240)

    The log viewer is not registering any abnormal amount of blocked packets (ie. I've checked whilst the aforementioned icon is flashing and there aren't any packets being blocked and causing the above.

    I KNOW WHAT THIS ICON REPRESENTS BUT THE FACT IT IS FLASHING CONSTANTLY INDICATES SPYWARE IS ACTIVE.

    Or does anyone else with more experience than I (ie. I'm not a 'Guru') have a specific and concise explanation?

    Thanks in advance,

    Paul.

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: ALERT!!!! SPYWARE FOUND IN ZONEALARM VERSION 7.0.302.000

    Hi PaulSimons

    Click Start and open the Run and type in command and click OK.

    In the command proompt, type in netsat -ano and hit the enter key.

    The PID are listed. Open the Task Manager (hit Ctrl+ Alt + Del at the same time). Open the Processes tab. Select View in the Toolbar and click the Select Columns and then select the PID (Process Identifier) and OK. Now match the PID listed in the command with the PID of the Task Manager. This should give a clear and precise view of what is actually happening in regards to processes and the connections.

    Note 127.0.0.1 is the internal address of the PC, while 0.0.0.0 a is non routeable address and probably goes no where or have any internet relationships.

    Oldsod
    Best regards.
    oldsod

  3. #3
    marcz Guest

    Default Re: ALERT!!!! SPYWARE FOUND IN ZONEALARM VERSION 7.0.302.000

    Paul,

    Are you sure it's not just ZA alerting you to the fact that any one of it's components is monitoring something, like Anti-Spyware, or Programs, or Firewall, or OS Firewall or Spysite Blocking?

    Have you compared each of the Log Viewers to each of the logs to see what kind of reporting (or logging) ZA is doing?
    It is the System Tray Icon Alert: When enabled, blinks in front of the system tray alert WHENEVER a Security Event is taking place.

    Keep in mind, the strength of ZA does not only mean that a Security Event is connecting to the internet. It very well could be a virus attacking a system file. It could be Avast scanning a Zone Alarm file.


    Why would you SCREAM that Spyware was found?

    Please take a look at ALL of your Logs in ZA interface, not just the Firewall log? Do you need help locating it?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •