OT: Zonealarm spying on computers it is installed on?

  • Thread starter: capitan
|
| | : http://www.a1-electronics.net/General_Interest/2005/Security_Nov.shtml
| :
| : Has anyone heard of this or had any experience with this? Is it true?
| :
| : --
| : capitan
|
| Don't know capitan, I read the article, interesting read, if it's true, they
| still should not have offered one alternative especially a Symantec one.
| There's too much irony in that one.
|
| - Winux P
|
|

I just installed eTrust EZ firewall within the past 10 days and my iamdb.rdb
file is up to 1.1 MB already, and last modified just minutes ago. I tried to
open the file in Wordpad, but it wouldn't open because the file was in use. I
guess I'll have to go into Safe Mode to attempt to open it.

I guess we'll have to alert Homeland Security that we're being spied upon by our
firewall programs. It would make sense, it would explain a lot of suspicious
crashes I have at very suspicious junctures of my computing day. Somebody sends
a killbit to my computer before I even get to where they don't want me to go!
 
It's a hoax that's been floating around a few years.
Probably started by one of their major competitors and as you know how
these things go, it sticks and mushrooms.


You'll note that the article clearly advertises the Sygate firewall.
Obviously written by a Sygate fan or employee.

Protect yourself better by obtaining other software that lets you know
what programs are running behind your back.
Don't like the idea someone may be sending out information about your
habits to who knows where?
Click. Goodbye.

Somebody said it, "The best defense is the best offense".
 
What a bunch of turkeys. If they did not like ZoneAlarm, why didn't they
delete VSMONAPI.DLL and VSUTIL.DLL after they uninstalled ZoneAlarm if those
files were spying on them?

They offered proof of nothing on that page. They deserve to have a Symantec
product installed.

I wonder who even wrote the article?

Sez webbedouin here
http://community.freespeech.org/forum/viewtopic.php?forum=9&showtopic=1280&fromblock=yes

No author listed here...
http://www.a1-electronics.net/General_Interest/2005/Security_Nov.shtml

I use ZoneAlarm free.

I delete the contents of BACKUP.RDB, IAMDB.RDB, MYPENTIUM450.ldb and
tvDebug.log periodically.

BACKUP.RDB, IAMDB.RDB and MYPENTIUM450.ldb store your customized ZA
settings. You lose those settings by deleting the contents of those files,
but I like to clean 'em out once in a while.

BACKUP.RDB 855 KB
IAMDB.RDB 862 KB
MYPENTIUM450.ldb (MYPENTIUM450 is my computer name) 624 KB
tvDebug.log 48.9 KB

All of those files grow. All except tvDebug.log grow because every time a
program tries to access the internet, ZA adds the program to Program Control
whether you want it listed or not.

vsmonapi.dll is in C:\WINDOWS\system32 Not C:\WINDOWS\SYSTEM
vsmonapi.dll is TrueVector Client Interface

VSUTIL.DLL is in C:\WINDOWS\system32 and C:\Program Files\Zone
Labs\ZoneAlarm\repair Not C:\WINDOWS\SYSTEM
VSUTIL.DLL is part of the TrueVector Service

What system were those guys in the article using, Windows 95?

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

 
Hi Capitan,

Yes, why not, and it is free, where they will get their Big Bucks from, take
your Info and sell for Advertisers and target you with their product and
redirect you to wherever they want you to go. I have a software for building
a website and I have a lot of Hits and Ads saying would you like to host your
web here and there, how the hell they know I will or want to host my website
and have such a thing, well little Genie told them that?, even while I'm here I
have the Tracker which is http://statse.webtrendsleeve.com, and I have Hits
from Particular Server, when I track it take me to South America to
California to Hong Kong to Amsterdam, Latvia, never end (it's called Spoofing
IPs).
Anyway, get yourself a good program/software, pay money for it, don't have it
free.
Free meaning they are free to wander in your PC and get what they want as
they are in supermarket, picking up goodies.
Good luck.
nass
 
Hi Cap'n
Looks like you better go paddle yer canoe in some other river!
Yet it would be interesting to see if anyone from ZA would like to comment
in this newsgroup, unless of course they feel their product is beyond
reproach?
I use the free version - no complaints - yet - so will keep using it.
Antioch
 
Wesley said:
What a bunch of turkeys. If they did not like ZoneAlarm, why didn't they
delete VSMONAPI.DLL and VSUTIL.DLL after they uninstalled ZoneAlarm if those
files were spying on them?

They offered proof of nothing on that page. They deserve to have a Symantec
product installed.

I wonder who even wrote the article?

Sez webbedouin here
http://community.freespeech.org/forum/viewtopic.php?forum=9&showtopic=1280&fromblock=yes

No author listed here...
http://www.a1-electronics.net/General_Interest/2005/Security_Nov.shtml

I use ZoneAlarm free.

I delete the contents of BACKUP.RDB, IAMDB.RDB, MYPENTIUM450.ldb and
tvDebug.log periodically.

BACKUP.RDB, IAMDB.RDB and MYPENTIUM450.ldb store your customized ZA
settings. You lose those settings by deleting the contents of those files,
but I like to clean 'em out once in a while.

BACKUP.RDB 855 KB
IAMDB.RDB 862 KB
MYPENTIUM450.ldb (MYPENTIUM450 is my computer name) 624 KB
tvDebug.log 48.9 KB

All of those files grow. All except tvDebug.log grow because every time a
program tries to access the internet, ZA adds the program to Program Control
whether you want it listed or not.

vsmonapi.dll is in C:\WINDOWS\system32 Not C:\WINDOWS\SYSTEM
vsmonapi.dll is TrueVector Client Interface

VSUTIL.DLL is in C:\WINDOWS\system32 and C:\Program Files\Zone
Labs\ZoneAlarm\repair Not C:\WINDOWS\SYSTEM
VSUTIL.DLL is part of the TrueVector Service

What system were those guys in the article using, Windows 95?


Well, I use it too and I have recommended it and even installed and
configured it for family and friends. Does anyone have a recommendation
for a replacement free firewall software? I used to use Sygate until
Symantec bought them. Are there any other good ones out there? Thanks.
 
Why do you want to replace ZoneAlarm?

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

 
Wesley said:
Why do you want to replace ZoneAlarm?
Well, after I do some more research to find out if these allegations are
true, I may want to switch firewalls.
 
Do post back when you've completed your research, I say that with all
seriousness as well. Also you might want to look into what Symantec products
(especially) AntiVirus, leave behind when removing them. It ain't funny. I
am interested in what you find as I'm looking for an alternative firewall to
use to the Windows one and ZoneAlarm for reasons far from the article
(weblink) originally posted.

- Winux P

: Wesley Vogel wrote:
: > Why do you want to replace ZoneAlarm?
: >
: Well, after I do some more research to find out if these allegations are
: true, I may want to switch firewalls.
:
: --
: capitan
 
Also you might want to look into what Symantec products
(especially) AntiVirus, leave behind when removing them. It ain't funny.

Do you know of any articles on removing Symantec A/V completely from a
system? A buddy of mine bought a Dell with that cancer pre-installed,
he wants to remove it and move on... I know he's screwed, I just don't
know the specifics.

Thanks,
 
Don't know any articles Bob on the specifics, just went through the registry
with a microscope and a laser scalpel. After removing from add remove all the
Symantec (sh!tmantec we started calling it) components, making sure no
Symantec components were being loaded with Windows on startup. Deleting all
folders it created under Documents and Settings and Program Files, can't
remember if we had to take out any environment variables, doing a lot of this
in safe mode and there was still one registry key it would not let me
delete. No problem though.

We too purchased this server with Windows pre-installed after requesting not
to have it pre-installed, not too problematic BUT Symantec was also
pre-installed or should say entrenched in the system. Ended up installing
NOD32 anti-virus and everything worked much better without the Sh!tmantic
crapware.

We've also had similar experiences removing McAfee Antivirus, which after
that experience should be called McAfee ProMalware cause that's what it is.

- Winux P

: On Thu, 2 Feb 2006 13:51:46 +1100, "Winux P" <[email protected]>
: wrote:
:
: >Also you might want to look into what Symantec products
: >(especially) AntiVirus, leave behind when removing them. It ain't funny.
:
: Do you know of any articles on removing Symantec A/V completely from a
: system? A buddy of mine bought a Dell with that cancer pre-installed,
: he wants to remove it and move on... I know he's screwed, I just don't
: know the specifics.
:
: Thanks,
:
 
We too purchased this server with Windows pre-installed after requesting not
to have it pre-installed, not too problematic BUT Symantec was also
pre-installed or should say entrenched in the system. Ended up installing
NOD32 anti-virus and everything worked much better without the Sh!tmantic
crapware.

We've also had similar experiences removing McAfee Antivirus, which after
that experience should be called McAfee ProMalware cause that's what it is.

Thanks. My experience too. I don't mind hacking, but my friend is not
a techie so he needs something better than registry searching. I will
have to look around for some specifics.

Sh!tmantec is apt or maybe "Sprawl-mantec" is more accurate. What a
hog. Sh!tmantec also has a nasty habit of buying up young companies
with better products and turning them into sprawl-ware. Then I have to
go hunt for new companies. McAfee used to be better - it isn't
anymore.

The problem I run into is that if you want even a few of the OEM mods
(like battery control on laptops, video control sware, etc) then you
need the manufacturer's load of software. Then it's a long day hacking
back out all the nonsense you don't want. I couldn't even get Toshiba
to tell me what apps they provided on the system or what they did - let
alone provide any documentation, even at the user level. But, I
digress! :-)

I like AVG A/V. Nice integration w/XP, no system takeover. Free for
home.
 
Do you know of any articles on removing Symantec A/V completely from a
system? A buddy of mine bought a Dell with that cancer pre-installed,
he wants to remove it and move on... I know he's screwed, I just don't
know the specifics.

Thanks,

Sure install Linux and have it wipe your hard drive during installation.


--
_ _ _ ___ _____ ___
| | | | | / __> |_ _| / - \
| | | | | \__ \ | | | |
|
\ / iruses |_|ntruders <___/pyware |_|rojans |_|_|dware
Another toy "operating system" from MickeyMouse
 
Website doesn't substantiate, only makes suppositions. A few other
"mysterious" ZA files reside in the same subfolder.
My guess is it's sharing the configuration and hits with the ZA server, as opted
for during installation. But, I'll say it out loud as I can't substantiate
it, I DON'T KNOW.
 
Bob said:
Thanks. My experience too. I don't mind hacking, but my friend is not
a techie so he needs something better than registry searching. I will
have to look around for some specifics.

Sh!tmantec is apt or maybe "Sprawl-mantec" is more accurate. What a
hog. Sh!tmantec also has a nasty habit of buying up young companies
with better products and turning them into sprawl-ware. Then I have to
go hunt for new companies. McAfee used to be better - it isn't
anymore.

The problem I run into is that if you want even a few of the OEM mods
(like battery control on laptops, video control sware, etc) then you
need the manufacturer's load of software. Then it's a long day hacking
back out all the nonsense you don't want. I couldn't even get Toshiba
to tell me what apps they provided on the system or what they did - let
alone provide any documentation, even at the user level. But, I
digress! :-)

I like AVG A/V. Nice integration w/XP, no system takeover. Free for
home.

Having removed (I think ... ) most of Symantec stuff on my machines,
I ran into an issue a while back -- posted on Jan 6, included below
that may be of interest when removing Symantec stuff ...

[begin copy of post]
Just as a FYI to others out there, ran into an interesting "feature"
yesterday. XP Pro on all machines, trying to share a folder with
my virus definitions in it to another machine so it can get updates
without having to go to the internet (it is blocked). When
I would try to map or use UNC to access a shared folder (and
the permissions were correct), I would get this strange error
"Not enough server storage is available to process this command"

Turns out this was probably a Norton AV thing (but not sure),
however, what happens is the IRPStackSize is either missing
from the registry or set too small. The event logs will show
an event ID 2011 also. According to the information I found,
"Antivirus Software may cause event ID 2011" See the
Microsoft KB article at
http://support.microsoft.com/kb/177078 or the link at
http://winhlp.com/WxNotEnoughServerStorage.htm for
additional information. The MS link also references a
number of Symantec links (surprise !!) for more information.
My machine (the one sharing the folder) used to have Norton
on it, but it was removed (well, all the pieces I could find :-) )

Hope this helps someone else when they run into this.
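
A read-only check for the state the copied post describes (IRPStackSize missing or too small, plus Event ID 2011 in the System log), added here as an example and not part of the original post. The registry path under LanmanServer and the default of 15 are assumptions taken to match the linked Microsoft KB article; the function and variable names are hypothetical, and the script assumes Windows PowerShell 3.0 or later with Get-WinEvent available.

```powershell
# Added example (not from the post): read-only check, changes nothing on the system.
# Assumptions: registry path and default of 15 are taken to match the linked
# Microsoft KB article; Get-WinEvent requires Windows Vista or later.
$ParamsKey      = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$AssumedDefault = 15

function Get-IrpStackSizeStatus {
    param(
        [string]$Path    = $ParamsKey,
        [int]   $Minimum = $AssumedDefault
    )
    $prop = Get-ItemProperty -Path $Path -Name 'IRPStackSize' -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Value absent: one of the two states the post reports.
        return [pscustomobject]@{ Value = $null; Status = 'Missing' }
    }
    $value = [int]$prop.IRPStackSize
    if ($value -lt $Minimum) { $status = 'BelowAssumedDefault' } else { $status = 'OK' }
    [pscustomobject]@{ Value = $value; Status = $status }
}

function Get-Recent2011Events {
    param([int]$Max = 5)
    # Get-WinEvent raises an error when nothing matches; treat that as "no events".
    Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 2011 } `
                 -MaxEvents $Max -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, ProviderName, Id, Message
}

$irp    = Get-IrpStackSizeStatus
$events = @(Get-Recent2011Events)

"IRPStackSize: value=$($irp.Value) status=$($irp.Status)"
"Event ID 2011 entries found in System log: $($events.Count)"
$events | Format-List
```

A 'Missing' or 'BelowAssumedDefault' result together with recent 2011 events matches the symptom in the post; the KB article linked there covers the change itself.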
 
Here's more:

"A Perfect Spy? It seems that ZoneAlarm Security Suite has been phoning
home, even when told not to. Last fall, InfoWorld Senior Contributing
Editor James Borck discovered ZA 6.0 was surreptitiously sending
encrypted data back to four different servers, despite disabling all of
the suite's communications options. Zone Labs denied the flaw for
nearly two months, then eventually chalked it up to a "bug" in the
software -- even though instructions to contact the servers were set
out in the program's XML code. A company spokesmodel says a fix for
the flaw will be coming soon and worried users can get around the bug
by modifying their Host file settings. However, there's no truth to
the rumor that the NSA used ZoneAlarm to spy on U.S. citizens." By
Robert X. Cringely®, January 13, 2006
http://www.infoworld.com/article/06/01/13/73792_03OPcringley_1.html

Yeah, right. NSA would never spy on U.S. citizens! And of course,
neither would Mossad!
http://www.theinquirer.net/?article=29157

ZoneAlarm says of itself: "Check Point's ZoneAlarm product line is one
of the most trusted brands in Internet security, creating award-winning
endpoint security solutions that protect millions of PCs from hackers,
spyware and data theft."
http://www.checkpoint.com/products/consumer/index.html

It looks like "millions" of PCs have been compromised, including mine!
One could answer, "You get what you pay for," but even the paid version
spies on you!
 