Advice Request Is "zlunwise.exe" a Windows process ?

Please provide comments and solutions that are helpful to the author of this topic.

Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
JB007 said:
Thanks @Andy Ful for your interest.
The file is not located in any folder; only in C:\zlunwise.exe ; no I did not find "zatutor.exe, zonestub.exe, and zclient.exe".
Is the presence on tyhe NSRL list mening that this file should be malicious ?
Click to expand...
The file itself is not malicious, but non-malicious legal files can be abused to execute malware. I doubt if this file in C: root location could be leftover after some legal installation. Thre are two very probable possibilities:
  1. You intentionally/accidentally downloaded this file to this location for some reason.
  2. The file was dropped there by a suspicious (or malicious ) process.
If there are no other signs of a possible infection then there is no need to worry. You can look if there are some other PE files (DLLs, etc.) in the root C: location (the files can be hidden when using default Explorer settings).
 
  • Thanks
  • Like
Reactions: JB007 and marcopaone
JB007

JB007

Level 26
Thread author
Verified
Top Poster
Well-known
May 19, 2016
1,580
Andy Ful said:
The file itself is not malicious, but non-malicious legal files can be abused to execute malware. I doubt if this file in C: root location could be leftover after some legal installation. Thre are two very probable possibilities:
  1. You intentionally/accidentally downloaded this file to this location for some reason.
  2. The file was dropped there by a suspicious (or malicious ) process.
If there are no other signs of a possible infection then there is no need to worry. You can look if there are some other PE files (DLLs, etc.) in the root C: location (the files can be hidden when using default Explorer settings).
Click to expand...
Thanks @Andy Ful for the explanations.
I found 3 "dll" related to "Check Point Software Technologies Ltd." I think that these are ZoneAlarm' leftovers :unsure:

1.PNG
2.PNG
 
  • Like
Reactions: roger_m, harlan4096 and Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
JB007 said:
Thanks @Andy Ful for the explanations.
I found 3 "dll" related to "Check Point Software Technologies Ltd." I think that these are ZoneAlarm' leftovers :unsure:

View attachment 265671
View attachment 265672
Click to expand...
You can check the DLLs on VT. If all PE files (DLLs, etc.) are clean and there are no other signs of a possible infection then it is probably OK. I have no idea how these files could be dropped at the root C: location. This is not a location that could be chosen by the ZoneAlarm installer. It would be also untypical for the malware. :)(y)
 
  • Like
  • Thanks
Reactions: JB007 and harlan4096
JB007

JB007

Level 26
Thread author
Verified
Top Poster
Well-known
May 19, 2016
1,580
Andy Ful said:
You can check the DLLs on VT. If all PE files (DLLs, etc.) are clean and there are no other signs of a possible infection then it is probably OK. I have no idea how these files could be dropped at the root C: location. This is not a location that could be chosen by the ZoneAlarm installer. It would be also untypical for the malware. :)(y)
Click to expand...
Thanks @Andy Ful
I'll check with VT ASAP (this desktop is not at my home).
 
  • Like
Reactions: Andy Ful

Similar threads

simmerskool
AI Assist process explorer VT "access is denied"
Replies
3
Views
447
AI-Powered Dedicated Forum
Bot
Bot
JB007
    • Like
Advice Request 1Blocker for Safari
Replies
3
Views
247
Web Extensions
enaph
enaph
Gandalf_The_Grey
    • Like
    • +Reputation
New Update Windows 10 KB5045594 update fixes multi-function printer bugs
Replies
0
Views
231
Windows 10
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top