Solved

Zone Alarm Detecting Suspicious Behaivor

Posted on 2008-10-16
2
1,107 Views
Last Modified: 2013-11-16
Hey Experts,

Zone Alarm is detecting the following file as malicious software: WINDOWS-KB890830-V2.3-DELTA located in the following path:

C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install

the file is trying to gain access to file mrtstub.exe located under

C:\5855c9dbc29d14d68b

Does someone knows something about it?? any info about this file, thks!!

R
0
Comment
Question by:esquivelp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
shadow5599 earned 250 total points
ID: 22737239
It appears to be part of Microsoft Windows Malicious Software Removal Tool and according to the MS article that would be the latest version. It may be trying to contact MS for updates and your firewall is catching it.

There are also viruses using that file name but generally they show up in random places such at the root of C or even other partitions. Judging by the location of yours, within a update folder, it seems safe. The key word here is "seems" so a continued blocking of it until such time as you can deem it perfectly safe is in order.

Another option is to download the official MS file from the link given below:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747366
According to this:

http://virscan.org/report/371dcb52e35ef3cc5de44a4620c65307.html

39 seperate av scan software apps. reported WINDOWS-KB890830-V2.3-DELTA as being clean.
So why is ZoneAlarm flagging it?
For peace of mind, you might try an online av scan:

http://www.bitdefender.com/scan8/ie.html
http://www.kaspersky.com/virusscanner
http://housecall.trendmicro.com/uk/

Good luck!!
+

0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question