ZoneAlarm update recognized as threat

[davide445 0]

Receiving notification from the personal fw ZoneAlarm of a new update, when I try to download it NOD32 state it's a threat and ask me to stop the connection.

 

Want to know if there is some real recently recognized threat on ZA website (hacked? my installation hacked? other?) or I need to tell NOD32 there is no problem.

[Marcos 4,361]

Couldn't it be that it was a potentially unwanted or unsafe application which was detected?

[davide445 0]

ZA tried to download from official Checkpoint website.

Testing myself out of the app managed download, I did try to download the update manually from Checkpoint website and NOD32 again signal it as a threat.

So want to know if I need to check something to be sure my computer was not compromised in some way (i.e. a rootkit or something that on the fly does change what I try to download from my browser), or NOD32 is too suspicious.

[SweX 871]

@davide445

 

https://www.wilderssecurity.com/threads/zone-alarm-firewall-free.364060/

Maybe this thread will help a little and give you a few answers regarding the detection from ESET if the detection you get is the same as that thread is about.

 

I don't think it is a "threat" detection that you see.

If you can tell us the ESET detection name then we can rule out that it may be something serious ?

[davide445 0]

@SweX

No it's not the Conduit threat.

Attached two screenshot, the 1 with the authomatic download triggered from ZA, the 2 when I try to manually download the app.

 

[Veremo 6]

It seems that ESET is the only top vendor protecting his customers from very beginning:

https://virustotal.com/pl/file/bc24c76f1f5ed878104eb9e747715c4117f6dc9fcdab8b30cd5a5780f99dedad/analysis/1462200411/

 

Yes, the detection is correct and was confirmed by ESET viruslab

ZoneAlarm server was not hacked, PUA file is signed by Check Point Software Technologies Ltd