Avast WEBforum
Other => Viruses and worms => Topic started by: 1dodo on July 31, 2004, 10:56:53 PM
-
I suddenly received a request from Alwil to click on a floating message and read their information letter (iNews). That I did because I trust them. After that I received a request from Avast to reboot my computer. No reason given about updates, etc. That I did. I noticed that a dll file of Avast requires to be renamed.
After reboot I scanned the Avast directory in Program Files and found a virus - Win32:Bridge [Trj]. File name: C:\Program Files\Alwil Software\Avast4\DATA\start.exe.vir
I do not know if there is a logic to all of this but it seems strange to me. I do not run any other anti-vir software.
-
1) Alwil (Avast) never will request you somthing like this.
2) The inews is news info you can choose to see or not. It's in the options of Avast
3) Avast (Alwil) as well as any other legitimate company/application will never use a file name with double extension.
I suddenly received a request from Alwil to click on a floating message and read their information letter
How and when did you received this so called request?
It seems to me that this is not something from Alwil.
For your information, I will report this post to the moderaters (Alwil team) since this looks like some harmfull application that is abusing Alwil software.
-
1)
(iNews).
2) After that I received a request from Avast to reboot my computer.
3)
I noticed that a dll file of Avast requires to be renamed.
4)
After reboot I scanned the Avast directory in Program Files and found a virus - Win32:Bridge [Trj]. File name: C:\Program Files\Alwil Software\Avast4\DATA\start.exe.vir
Hi,
hold down your horses..
1) iNews, normal if you didn't disable this, and anyway harmless
2) Necessary after a program-update (kernel/shield-components?): Normal
3) see 2): possible due to program-update, anyway, how did you find out, What/who told you ?
4) wasn't it rather something like ...\Avast4\Data\moved\start.exe.vir ??
-> avast renamed and MOVED a virus/trojan to a special folder (most probably on your request!!)
-> normal, good for you, and anyway: .VIR files are harmless & inactivated!!
no need to inform anyone from alwil, and you're perfectly safe & protected by avast
P.S.: you might want to read the link "VirusRemoval" below on how to secure your system/browser better,
so that those "Bridge" stuff and similar items don't even get to your PC, so avast can sit idly without anything to do..
;)
-
Artras - it appeared on my monitor, red background and with typical Avast letter style. Not while surfing. I still think it is strange and agree it cannot be Alwil.
Thanks whocares but the manner in which it all happened is just not the Alwil style.
1) This is the first time that I see iNews pop-up with a red flag requesting to be read. I also now have two htm links in directory Data. I've never before received any whatsoever notification.
2) Avast usually also tells me why I should reboot, and that after a confirmed visable program-update, not just a pop-up in the middle of nowhere out of the blue.
3) The dll name change shown to me by WinPatrol when it detects changes to restart file. I did note make a note of which Avast dll will be changed.
-
Well, this "popip in the middle of nowhere" could be the avast! auto-repair feature - if it detects a modification of its file, it tries to replace it by the original version (and it may require a reboot). The particular timing can appear random. It may be helpful to know the name of the DLL file.
As for the virus - just as whocares said, according to the extension it's an infected file you instructed avast! to move/rename. So, the file is still where it was moved (usually in <avast4>\Data\Moved folder) with .vir extension - which is nothing you should worry about. I'd suggest to simply delete the file.
-
I have just had this happen within the last 15 minutes.
The normal avast info window (for iVAS or Program Update) poped up for iNews, it related to avast Pro 4.1.396.
I didn't click to download and the window slid out of view as usual (and there were no download screens/windows indicating a download in progress). This was followed shortly by the request to reboot, which I declined.
Could this be to do with the fact that the last news on my setup is for the April avastPro 4.1.396 and there is some form of time delayed check for iNews update???
Also because this is obviously out of date could it somehow suggest a reboot is necessary???
About to do a full scan to confirm clear.
-
igor - sorry about the missing DLL filename. I did not make a note of it and I cannot find any other reference to the name change.