Results 1 to 2 of 2

Thread: FOA: Nick Skrepetos - SUPERAntiSpyware question

Hybrid View

  1. 10-19-2006, 10:13 PM #1
    Andy Walker Guest

    FOA: Nick Skrepetos - SUPERAntiSpyware question


    This is a snippet from my ZA firewall logs after I started a
    SUPERAntiSpyware scan (using the free version). I was performing a
    "complete" scan using your latest defs. [Core: 3109, Trace: 1135,
    Program Version: 3.2.1028]

    Description SUPERAntiSpyware was prevented from changing the
    behavior of ZoneAlarm Anti-virus by modifying the file:
    WINDIR\Internet Logs\IAMDB.RDB
    Rating High
    Type File
    Subtype File Write
    Data WINDIR\Internet Logs\IAMDB.RDB
    Program C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
    Action Taken Blocked (once)
    Count 1

    The firewall AV blocked the action automatically and didn't offer an
    option to allow the file to be written to - I had the automatic
    treatment of threats turned on for AV.


    To the best of my knowledge the IAMDB.RDB file is where user settings
    for ZA are stored.


    Can you please tell me why SUPERAntiSpyware would need write access to
    IAMDB.RDB?


    Thank you,

    Andy
    Reply With Quote Reply With Quote
  2. 10-19-2006, 11:58 PM #2
    Nick Skrepetos Guest

    Re: FOA: Nick Skrepetos - SUPERAntiSpyware question


    Andy Walker wrote:
    > This is a snippet from my ZA firewall logs after I started a
    > SUPERAntiSpyware scan (using the free version). I was performing a
    > "complete" scan using your latest defs. [Core: 3109, Trace: 1135,
    > Program Version: 3.2.1028]
    >
    > Description SUPERAntiSpyware was prevented from changing the
    > behavior of ZoneAlarm Anti-virus by modifying the file:
    > WINDIR\Internet Logs\IAMDB.RDB
    > Rating High
    > Type File
    > Subtype File Write
    > Data WINDIR\Internet Logs\IAMDB.RDB
    > Program C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
    > Action Taken Blocked (once)
    > Count 1
    >
    > The firewall AV blocked the action automatically and didn't offer an
    > option to allow the file to be written to - I had the automatic
    > treatment of threats turned on for AV.
    >
    >
    > To the best of my knowledge the IAMDB.RDB file is where user settings
    > for ZA are stored.
    >
    >
    > Can you please tell me why SUPERAntiSpyware would need write access to
    > IAMDB.RDB?
    >
    >
    > Thank you,
    >
    > Andy

    Andy,

    SUPERAntiSpyware wouldn't write to the log files (or any files), we
    only open files for reading while scanning. ZoneAlarm AV appears to be
    false detecting a write to the file.

    I will install the Zone Alarm AV here and see if I get the same
    results.

    Nick Skrepetos
    SUPERAntiSpyware.com
    http://www.superantispyware.com

    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules