Win32:NTFSCorrupt-I [Expl] from dl3.checkpoint.com

Avast reported an aborted connection from dl3.checkpoint.com due to detection of Win32:NTFSCorrupt-I [Expl].
That exploit doesn’t even come up in Google, so just wondering if anyone else has received this or if it might be a false positive.
Thanks for any advice.

I received the same message. I strongly suspect false positive and await avast’s response. I use avast free antivirus and zone alarm firewall (from checkpoint) An attempt at a manual update shows that zonealarm is up to date, so I wonder about the attempt anyway.

Thanks for the info. Nice to know I wasn’t the only one. Hopefully Avast will provide some guidance.

L.S.

When checking -http://crl4.digicert.com/ssca-sha2-g6.crl in the certificate chain ROOT1 is missing.
This is for IP → 23.6.153.55 = a23-6-153-55.deploy.static.akamaitechnologies.com
X509v3 Basic Constraints: CA:FALSE

In the case of -http://dl3.checkpoint.com/ → -http://downloads.checkpoint.com/dc/fileerror.htm
You should redirect your website visitors to the HTTPS version to avoid the “Not Secure” browser warning.
You’d even get such a warning from Mount Prospect for mixed content as well.

The Go Daddy Secure Certificate Authority - G2 does not have this error.

polonus (volunteer 3rd party cold recon website sescurity analyst and website error-hunter)

I second what bigbear9 said! I just got this today, and checked my Zonealarm as well. It said it was up to date.

So Avast, what’s the deal? I could not find a more efficient way to submit information although I spent a good bit of time looking for one.

I also found this message when I returned to my computer this evening. I was surprised to find it was “awake” as I had been away for 16 hours.

Also, the message is continually sent at intervals since it took me several clicks to clear the message from my screen. I also use ZoneAlarm firewall.

Update: Decided to uninstall then reinstall Zone Alarm. This seems to have taken care of the issue (or, Avast or Zone fixed it on their end). Prior to this I ran several Virus/Malware scans and found no issues. I re-ran the scans after as well. Found no Registry anomalies either.

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php