Results 1 to 4 of 4

Thread: suspicious entries in program control list, zonealram may have been compromised

  1. #1
    archive Guest

    Default suspicious entries in program control list, zonealram may have been compromised

    I have seen suspicious entries in program control list. They are all granted full internet access, and yet when I click on them, they don't show any information in the "entry detail" at the bottom of the window.The "program" column of the entries are :Corporation
    rr...

    The rest of the columns for them are Custom, Trusted, 4 green check marks, 1 red cross on email.
    The Entry Detail would show:File name : rLast policy update: Not applicableVerion:Last modified date:File size: 0KB

    That's it.
    Any
    body know if zonealarm ever being hijacked
    by spyware, by white-listing spywares themselves?If there is, then it's really bad.


    Operating System:Windows XP Pro
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2

    Default Re: suspicious entries in program control list, zonealram may have been compromised

    Whenever a newexecutable program is run, the program control list in ZoneAlarm will be updated to reflect that.It now boils down to whether those suspicious entries have been granted full internet/server access by default. Did you grant them access? Or do you have any user on your computer who might have granted them access?ZoneAlarm, as with every reputable security product, has its own mechanism to prevent it from getting hijacked (or turned off) by malware. I believe that possibility is very minute.

  3. #3
    archive Guest

    Default Re: suspicious entries in program control list, zonealram may have been compromised

    What really is strange is the unexpected entries are without any detail information.
    In any case, when zonealarm decides to add a new entry, it should check if it looks like a good one.
    For example, all detail info like file path, file size are all real and make sense.
    After these being verified and added, the integrity of the entry should be ensured.

    Obviously, zonealarm failed to do so, because I have seen such **bleep**py entries. Even if it's not a malware, it's at least a bug.
    No matter how bad is happening in its environment, whether it's from user or from malware or from a crashing OS, zonealarm just shouldn't let its critical data being tampered with. Otherwise, the rest of the protection mechanism wouldn't make sense any more.

  4. #4

    Default Re: suspicious entries in program control list, zonealram may have been compromised


    <BLOCKQUOTE><HR>archive wrote:
    What really is strange is the unexpected entries are without any detail information.
    In any case, when zonealarm decides to add a new entry, it should check if it looks like a good one.
    For example, all detail info like file path, file size are all real and make sense.
    After these being verified and added, the integrity of the entry should be ensured.

    Obviously, zonealarm failed to do so, because I have seen such **bleep**py entries. Even if it's not a malware, it's at least a bug.
    No matter how bad is happening in its environment, whether it's from user or from malware or from a crashing OS, zonealarm just shouldn't let its critical data being tampered with. Otherwise, the rest of the protection mechanism wouldn't make sense any more.
    <HR></BLOCKQUOTE>
    I am not a ZoneLabs employee, and as such I don't have the access to developers and the program code itself. I don't know how Program Control works deep within, can't really comment.If you needtechnical support, visit:http://www.zonealarm.com/store/conte...ch_support.jspYou can report suspected programbugs there as well.Do let me know what they say.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •