Author Topic: False positive on 'windowsupdate' - File unknown or too new?  (Read 1437 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
A while ago, a pop-up message notified me of an activity that not many have seen, or that was too new and should therefor be terminated. From what I understood, this concerned a background Windows update download. The originating server was 'windowsupdate.com' and upon checking the file string details, it seemed a legit activity. However, since there was a mentioning of that website delivering malware in the past or being hacked/abused and was no longer in use by Microsoft, I decided to be cautious and deny the activity. Today, that same message popped up and after checking the file details at the Microsoft support site, I decided to allow the activity.

My question: how would I know whether to allow or deny this kind of activity? If it is legit, why would that dialogue screen pop up in the first place? If it's not, how would I be able to verify whether this is a legitimate background process?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37598
  • Not a avast user
Re: False positive on 'windowsupdate' - File unknown or too new?
« Reply #1 on: June 27, 2016, 12:50:57 PM »
Quote
If it is legit, why would that dialogue screen pop up in the first place?
You have already answered that


"a pop-up message notified me of an activity that not many have seen,"
so a warning with new files not seen before and user decide what to do