Solved

Zone Alarm Detecting Suspicious Behaivor

Posted on 2008-10-16
2
1,106 Views
Last Modified: 2013-11-16
Hey Experts,

Zone Alarm is detecting the following file as malicious software: WINDOWS-KB890830-V2.3-DELTA located in the following path:

C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install

the file is trying to gain access to file mrtstub.exe located under

C:\5855c9dbc29d14d68b

Does someone knows something about it?? any info about this file, thks!!

R
0
Comment
Question by:esquivelp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
shadow5599 earned 250 total points
ID: 22737239
It appears to be part of Microsoft Windows Malicious Software Removal Tool and according to the MS article that would be the latest version. It may be trying to contact MS for updates and your firewall is catching it.

There are also viruses using that file name but generally they show up in random places such at the root of C or even other partitions. Judging by the location of yours, within a update folder, it seems safe. The key word here is "seems" so a continued blocking of it until such time as you can deem it perfectly safe is in order.

Another option is to download the official MS file from the link given below:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747366
According to this:

http://virscan.org/report/371dcb52e35ef3cc5de44a4620c65307.html

39 seperate av scan software apps. reported WINDOWS-KB890830-V2.3-DELTA as being clean.
So why is ZoneAlarm flagging it?
For peace of mind, you might try an online av scan:

http://www.bitdefender.com/scan8/ie.html
http://www.kaspersky.com/virusscanner
http://housecall.trendmicro.com/uk/

Good luck!!
+

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question