Results 1 to 2 of 2

Thread: Strange behavior, mantispm.exe modified

  1. #1
    cjmacey Guest

    Default Strange behavior, mantispm.exe modified

    Yesterday morning when I booted my machine, the ZoneAlarm tray icon appeared for about thirty seconds, then disappeared. I restarted ZoneAlarm manually and it came up apparently normally, but then I got two alerts that maintispm was trying to access the trusted zone and then the Internet. I hurriedly unplugged the Ethernet jack and looked at the file. It apparently had just been modified. I saved the copy of mantispm.exe, reinstalled the latest and greatest official update from April 1, and did a binary compare on the mantispm file old and new. They are identical and are the same revision.

    The issue is, what caused the change to the modification date on the file, and why did I get the program alerts?

    The only scenario that makes sense to me is that mantispm.exe was patched by another program before or during the boot, allowed to run once, and then unpatched to make detection more difficult. I can't believe this wasn't a hostile act.

    A deep scan shows no viruses.

    I posted this on the AntiVirus/AntiSpam forum yesterday, but thought it more properly belongs here.

    Operating System:Windows XP Home Edition
    Software Version:8.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Nov 2004

    Default Re: Strange behavior, mantispm.exe modified

    Hi! please do not open multiplethreads with the same subject continue here: the answers from other users do not help then contact directly ZA technical support at: Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 24x6 Pacific time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts