Solved

Zone Alarm Detecting Suspicious Behaivor

Posted on 2008-10-16
2
1,098 Views
Last Modified: 2013-11-16
Hey Experts,

Zone Alarm is detecting the following file as malicious software: WINDOWS-KB890830-V2.3-DELTA located in the following path:

C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install

the file is trying to gain access to file mrtstub.exe located under

C:\5855c9dbc29d14d68b

Does someone knows something about it?? any info about this file, thks!!

R
0
Comment
Question by:esquivelp
2 Comments
 
LVL 1

Accepted Solution

by:
shadow5599 earned 250 total points
ID: 22737239
It appears to be part of Microsoft Windows Malicious Software Removal Tool and according to the MS article that would be the latest version. It may be trying to contact MS for updates and your firewall is catching it.

There are also viruses using that file name but generally they show up in random places such at the root of C or even other partitions. Judging by the location of yours, within a update folder, it seems safe. The key word here is "seems" so a continued blocking of it until such time as you can deem it perfectly safe is in order.

Another option is to download the official MS file from the link given below:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747366
According to this:

http://virscan.org/report/371dcb52e35ef3cc5de44a4620c65307.html

39 seperate av scan software apps. reported WINDOWS-KB890830-V2.3-DELTA as being clean.
So why is ZoneAlarm flagging it?
For peace of mind, you might try an online av scan:

http://www.bitdefender.com/scan8/ie.html
http://www.kaspersky.com/virusscanner
http://housecall.trendmicro.com/uk/

Good luck!!
+

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
What does this mean to you?  Source side firewall 3 71
Looking for a web usage history tracking tool. (budget) 3 88
iOS vulnerability (9.3.5) 5 81
Ransomeware 11 80
I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now