Solved

Zone Alarm Detecting Suspicious Behavior

Posted on 2008-10-16
Last Modified: 2013-11-16
Hey Experts,

Zone Alarm is detecting the following file as malicious software: WINDOWS-KB890830-V2.3-DELTA located in the following path:

C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install

The file is trying to gain access to the file mrtstub.exe located under

C:\5855c9dbc29d14d68b

Does someone know something about it?? Any info about this file, thanks!!

Question by:esquivelp
2 Comments
 
LVL 1

Accepted Solution

by:
shadow5599 earned 250 total points
ID: 22737239
It appears to be part of Microsoft Windows Malicious Software Removal Tool and according to the MS article that would be the latest version. It may be trying to contact MS for updates and your firewall is catching it.

There are also viruses using that file name, but generally they show up in random places such as the root of C or even other partitions. Judging by the location of yours, within an update folder, it seems safe. The key word here is "seems", so a continued blocking of it until such time as you can deem it perfectly safe is in order.

Another option is to download the official MS file from the link given below:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
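
One way to check the two points raised in this answer (where the file lives, and whether it really comes from Microsoft) is to inspect its Authenticode signature. This is an added example, not part of the original answer; the function name `Test-MsrtCandidate` is hypothetical, and `Get-FileHash` assumes PowerShell 4.0 or later.

```powershell
# Added example: report location, signature and hash for a file that claims
# to be the Malicious Software Removal Tool (KB890830).
function Test-MsrtCandidate {
    param([Parameter(Mandatory)][string]$Path)

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName

    # Heuristic from the answer: Windows Update stages downloads under
    # %WINDIR%\SoftwareDistribution; a copy anywhere else deserves a closer look.
    $updateRoot  = (Join-Path $env:windir 'SoftwareDistribution') + '\'
    $inUpdateDir = $file.FullName.StartsWith(
        $updateRoot, [System.StringComparison]::OrdinalIgnoreCase)

    # Status 'Valid' means the file hash matches the signature and the
    # certificate chain builds to a trusted root on this machine.
    # An unsigned file has no SignerCertificate, so Subject is $null here.
    $signer     = $sig.SignerCertificate.Subject
    $signedByMs = ($sig.Status -eq 'Valid') -and
                  ($signer -match 'O=Microsoft Corporation')

    [pscustomobject]@{
        Path              = $file.FullName
        InUpdateFolder    = $inUpdateDir
        SignatureStatus   = $sig.Status
        Signer            = $signer
        SignedByMicrosoft = $signedByMs
        # Compare this against the hash of a fresh copy downloaded from Microsoft.
        SHA256            = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    }
}

# Folder taken from the question; the filter matches any file carrying the KB number.
Get-ChildItem -LiteralPath 'C:\WINDOWS\SoftwareDistribution\Download\Install' `
              -Filter '*KB890830*' -File |
    ForEach-Object { Test-MsrtCandidate -Path $_.FullName } |
    Format-List
```

A file that reports `SignedByMicrosoft : False`, or that sits outside the update folder, is the case the answer warns about and should stay blocked.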
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747366
According to this:

http://virscan.org/report/371dcb52e35ef3cc5de44a4620c65307.html

39 separate AV scan software apps reported WINDOWS-KB890830-V2.3-DELTA as being clean.
So why is ZoneAlarm flagging it?
For peace of mind, you might try an online av scan:

http://www.bitdefender.com/scan8/ie.html
http://www.kaspersky.com/virusscanner
http://housecall.trendmicro.com/uk/

Good luck!!