Results 1 to 5 of 5

Thread: True Vector Service VSMON Stealing information???

  1. #1
    silverswill Guest

    Default True Vector Service VSMON Stealing information???

    A privacy shield detected that the component of zonelabs named vsmon(6.1.737.000)
    blocked illegal screen access, this happened during the auto update process for virus/spyware defintionts.
    Was Zone lab trying to steal information from the active screen??? or is this a false alarm for the update service??
    Very concerened.


    Silverswill

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:6.0

  2. #2
    spm Guest

    Default Re: True Vector Service VSMON Stealing information???

    Hi, Silverswill ... I am a little unsure about your post ... was it your privacy shield that was blocking vsmon or was your privacy shield reporting that vsmon had blocked something that was attempting illegal access ... at first glance, it looked like vsmon had blocked something that was attempting an illegal access ... your privacy shield, in whatever program it is you are running, would only know to look for the transmission of the data you have told it to protect out of your machine ... is this the ID Lock feature within Zone Alarm?Please tell us a little more about which privacy shield you are using and whether it was telling you IT blocked the data from vsmon or if it was reporting that vsmon had blocked something else ... sorry, I am not sure ... spm

  3. #3
    silverswill Guest

    Default Re: True Vector Service VSMON Stealing information???

    Snoop Free Privacy shield said that vsmon was trying to read the screen ie (capture information from the screen,, I would imagine the same function as hitting the print screen button) again this was during loging into a website and also the updating process either was beginggin or terminating?
    Does this imply a code inthe vsmon service that is attempting to steal user info on the screen or a false alarm?

  4. #4
    spm Guest

    Default Re: True Vector Service VSMON Stealing information???

    I am going to have to agree with you now, Silverswill, that something appears to be wrong with vsmon. I have never had vsmon suddenly quit but it happened yesterday. I started up a program I have that I don't run normally and it showed me all processes running and all connects in and out and it showed vsmon attempting to send NetBIOS Name on port 137 to IP 84.53.144.15 and 84.53.144.17. My router says this is a.r.tv.com but SmartDefense says these IPs are reserved by IANA and now these IPs are being reported as belonging to download.windowsupdate.com. I am worried about the integrity of my vsmon file.I also had my security events file fill up completely in a matter of hours yesterday with some very strange repeated entries ... thousands of them ... regarding authentication protocols, Kerberos (which I do NOT use), and about 7 other auth ident protocols and something reporting all password changes to somewhere. I could not save the security events log to clear it and tried several times to End Task in Task Manager ... sent about six Error Reports ... finally had to hit the button.Even if vsmon has not been commandeered and altered by something, it is not acting like it used to ... don't know enough to understand what all this means or if anything is related. I hope an expert will be able to help us, Silverswill ... spm

  5. #5
    oneder Guest

    Default Re: True Vector Service VSMON Stealing information???

    Snoopfree detected vsmon trying to read screen and hook keyboard here as well.This also happended with Winpatrol.Probably need to read read the screen and have other pc access for detecting any sus activities of other apps.But as the old saying goes "who's watching the watchers" LOL.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •