hidden file ! vsconfig.xml ??????

Discussion in 'malware problems & news' started by cyberblob, Apr 15, 2003.

Thread Status:
Not open for further replies.
  1. cyberblob

    cyberblob Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6
    Location:
    Melbourne, Australia
    Hi All
    We have a xml file in my systems dir.
    ...c:\windows\system\vsconfig.xml
    ...now over the last few month i habe deleteing this file and it comes back again as is ! I cant find where or what program which run this file ?

    Just last few days this IP number has changed from 147.208.130.167 too 208.185.174.60 , But as you can see
    the only way i can control this ip number is via ZoneAlarm or BlackInc...

    I have traced both wth not much help to there whereabouts !


    The vsconfig.xml script

    <?xml version="1.0" ?>
    - <securitypolicy version="1">
    <lockupinfo server="208.185.174.60" enable="true" />
    - <ruleset name="startupruleset" start="onstartup" stop="afterstartup">
    <firewall />
    </ruleset>
    </securitypolicy>

    So any one can advise me please !

    Beers @ cheers Cyber
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,425
    Location:
    Netherlands
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,133
    Location:
    New England
    Yes, that file is a normal part of Zone Alarm. I have the exact same file (same contents) as you do, and I run Zone Alarm Plus. I believe that file gets updated after you make your first network connection following a restart. And, it is a file related to the site ZA uses when it has to initiate the lockout feature.

    http://lockup.zonelabs.com/8083.html

    It appears that they changed the IP address for the location of the server related to that page. I can only imagine ZA updates the file to stay current with that site (i.e. in case the site moves to a new address).

    It's not any type of malware, so you don't need to be concerned about that.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.