Hello all.

I have ZoneAlarm Security Suite, and after my last ZA scan, it detected a Trojan file, which I deleted as instructed. At that time, a Spybot Registry Change message came up wanting to add SrePostpone, which I allowed, assuming that was related to the deleting of the Trojan.
Since then, when I start-up my XPsp2 computer, I get a Spybot message saying that SrePostpone is being deleted.

The following is the info message I got from the Spybot S&D REGISTRY ENTRY CHANGE dialog that came up, saying the value was being deleted. So far, I have denied the change, as I wasn't sure what this file was. Should I be allowing it to be deleted?


Current Filename: (blank)

Database status: Unknown
Value:srePostpone
Filename: rundll32.exe [path] srescan.dll, DoSpecialAction

Description
Related to ZoneAlarm . What does it do and is it required?

Source: Paul Collins Startup list

Please help - should I deny or allow?

The point in Spybot warning you about the registry change is that the trojan has been deleted. Of course, you are preventing this deletiion of the trojan because you are denying the registry change.

The best bet would be to allow the change!

Have you set TeaTimer to "Remember your Decision"?

Oops, Thanks! I was worried about that....which is why I did NOT set it to remember my decision. Was just confused as this value was ADDED, when ZA deleted the Trojan. Do you happen to know what SrePostpone is?

Thanks for your prompt response, too! :)

I'm getting very vague and little information about "SrePostpone". In some posts it seems like a start-up entry, after ZoneAlarm cleans a malware/trojan/or virus.

It should not be something for your to worry about.
In addition, what is more vague is that there is no entry name given in the TeaTimer prompt.

Personally, I do not find Collin's start-up list very useful because it does not provide adequate information for the user to comprehend whether this is good or bad.

The "SrePostpone" entry in Collin's list says it is related to ZoneAlarm. Problem is that if there were an updated version of Collin's list, then it would display everything the user needs to know, such as the version, is it legitimate or malicious, and what it does.

Problem is that there are countless processes to keep track off, so it would somewhat impossible to keep track of every single one.
--
SaferNetworking Forums is a warm, friendly community. :welcome:

Feel free to ask questions.

Thanks so much for your help! Am off to reboot and allow it to be deleted now. Have a great night/day !

You too.

BTW, :welcome:. ; )