Infection messages?
in [Help and Support]
|
Prev: Cannot Install / Find Driver for Microsoft 2.4GHz Transceiver USB?
Next: Persistent Problem with USPS Shipping Assistant .Net Framework
From: "FromTheRafters" erratic on 1 Jan 2010 07:28 "Kevin Zoll" <spd(a)malwareteks.com> wrote in message news:MPG.25a73f73d4a5af21989681(a)msnews.microsoft.com... [...] > The problem is that another security application deletes the non- > malicious history file at system start. Which in turn triggers A- > squared. A-Squared wrongly sees this as malicious activity. I know > what index.dat is and I know who Butts is, and his unethical > practices. Thanks for responding. I wouldn't fault A� for alerting to "suspicious" activity as well as malicious activity, but those messages do seem to indicate that an attempted deleting of an already deleted file is the problem. > The alteration, deletion, creation and replacement of files at system > start is very common with malware. Security applications should > monitor > this kind of system activity. Why A-squared is even trying to delete > index.dat is beyond me, and is something I will be discussing with the > developers. Please do share with us whatever information you can. > However, the point here is that one security application is doing one > thing while the other security application is doing another. > Conflicting > with each other. Yes, and the discussion the OP had with support outside of usenet did indicate this as well (others may have missed that part). I, too, see this as a case of too many antispyware (privacy) programs causing conflict by trying to affect the same resources (as well as "overkill"). It just seemed to me that checking for the existence (if...then) of the file prior to attempting to delete it would resolve this conflict. > A-squared Anti-Malware has both an AV engine and an AS engine. People > shouldn't be running 2 resident AVs. Kaspersky and A2AM are known to > interfere with each other. Something I would like to know is if beta > udpates was enabled. There a serval changes forth coming in A2AM and > if > the user has beta updates enabled or disabled would be nice to know. Hopefully the OP will read your post and respond on that point. > I normally don't post in news groups. Since David pointed this out > too > me the other night, I took the time to read this thread and the one at > the EMSI Support forums. > I will be bringing this to Christian's and/or Fabian's attention, as > soon as I can catch either or both on IM. Thanks for participating, it is nice to have knowledgeable posters join in.
From: Robin Bignall on 1 Jan 2010 16:49 On Thu, 31 Dec 2009 23:09:08 -0500, Kevin Zoll <spd(a)malwareteks.com> wrote: >In article <elNSxFhiKHA.1652(a)TK2MSFTNGP05.phx.gbl>, erratic >@nomail.afraid.org says... >> >> "Kevin Zoll" <spd(a)malwareteks.com> wrote in message >> news:MPG.25a5e6cd41422236989680(a)msnews.microsoft.com... >> > In article <hhgo1f$obm$1(a)leythos.motzarella.org>, trt(a)void.com says... >> >> >> >> I've read your posts there and the replies. No matter how many times >> >> you >> >> tell them they will not see past an infection. You are right to just >> >> uninstall it but I would send an email to Christian Mairoll the >> >> company CEO >> >> since this is not a malware issue but a software programming issue. >> >> Don't >> >> waste your time again starting from scratch. >> > >> > A security application is set to delete index.dat on system boot. A- >> > squared Anti-Malware is seeing this and alerting to the suspicious >> > activity. >> >> Then why would the message say: >> >> "...could not be removed. file is no longer existent" >> >> if A-squared wasn't trying to remove the file itself? >> >> Why try to remove a non-existent file? Why not check for the existence >> of a file before trying to remove it and generating such an error >> message. >> >> Why would the programmatical deletion of a browsing history file be >> considered suspicious activity? >> >> I'm tempted to agree with the software thief on this one. > >The problem is that another security application deletes the non- >malicious history file at system start. Which in turn triggers A- >squared. A-Squared wrongly sees this as malicious activity. I know >what index.dat is and I know who Butts is, and his unethical practices. > If some security application has deleted index.dat on startup, what exactly is restoring it? For it's certainly there after booting. >The alteration, deletion, creation and replacement of files at system >start is very common with malware. Security applications should monitor >this kind of system activity. Why A-squared is even trying to delete >index.dat is beyond me, and is something I will be discussing with the >developers. > >However, the point here is that one security application is doing one >thing while the other security application is doing another. Conflicting >with each other. > >A-squared Anti-Malware has both an AV engine and an AS engine. People >shouldn't be running 2 resident AVs. Kaspersky and A2AM are known to >interfere with each other. Something I would like to know is if beta >udpates was enabled. There a serval changes forth coming in A2AM and if >the user has beta updates enabled or disabled would be nice to know. > No, beta updates were not enabled. This is the first time I've heard that A2 is also an anti-virus product. I am now not surprised that it clashes with Kaspersky. I do not intend to uninstall the latter in favour of A2, which I bought originally as an anti-malware product. >I normally don't post in news groups. Since David pointed this out too >me the other night, I took the time to read this thread and the one at >the EMSI Support forums. > >I will be bringing this to Christian's and/or Fabian's attention, as >soon as I can catch either or both on IM. I shall follow the forum with interest. -- Robin (BrE) Herts, England
From: "FromTheRafters" erratic on 1 Jan 2010 17:12
"Robin Bignall" <docrobin(a)ntlworld.com> wrote in message news:ssqsj51g8r206m71qsg9j531m27ofqpv7j(a)4ax.com... > If some security application has deleted index.dat on startup, what > exactly is restoring it? For it's certainly there after booting. That would be either IE or XP (not sure if one can be clearly distinguished from the other). |