Solved

Zone Alarm Detecting Suspicious Behaivor

Posted on 2008-10-16
2
1,100 Views
Last Modified: 2013-11-16
Hey Experts,

Zone Alarm is detecting the following file as malicious software: WINDOWS-KB890830-V2.3-DELTA located in the following path:

C:\WINDOWS\SOFTWAREDISTRIBUTION\Download\Install

the file is trying to gain access to file mrtstub.exe located under

C:\5855c9dbc29d14d68b

Does someone knows something about it?? any info about this file, thks!!

R
0
Comment
Question by:esquivelp
2 Comments
 
LVL 1

Accepted Solution

by:
shadow5599 earned 250 total points
ID: 22737239
It appears to be part of Microsoft Windows Malicious Software Removal Tool and according to the MS article that would be the latest version. It may be trying to contact MS for updates and your firewall is catching it.

There are also viruses using that file name but generally they show up in random places such at the root of C or even other partitions. Judging by the location of yours, within a update folder, it seems safe. The key word here is "seems" so a continued blocking of it until such time as you can deem it perfectly safe is in order.

Another option is to download the official MS file from the link given below:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747366
According to this:

http://virscan.org/report/371dcb52e35ef3cc5de44a4620c65307.html

39 seperate av scan software apps. reported WINDOWS-KB890830-V2.3-DELTA as being clean.
So why is ZoneAlarm flagging it?
For peace of mind, you might try an online av scan:

http://www.bitdefender.com/scan8/ie.html
http://www.kaspersky.com/virusscanner
http://housecall.trendmicro.com/uk/

Good luck!!
+

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question