« previous next »
Pages: [1]   Go Down

Author Topic: unknown exe file with Online Armor  (Read 2560 times)

0 Members and 1 Guest are viewing this topic.

Rob50

  • Guest
unknown exe file with Online Armor
« on: September 07, 2012, 11:49:14 AM »
Hi
can anyone help please, Online Armor keeps reporting, that an exe file wants to run at startup, and asks what to do, at the moment I have blocked them, ran a full scan with Avast and Malwarebytes, all clean, then ran CCleaner, another file popped up, and when I looked at its location in OA, there was an Avast folder there, so are the below files part of the Avast scans, I had set exclusions in OA for Avast, so not sure why it has started to pick up these files, if they are from Avast. I have not been able to get any info on these files from OA, so if you could point me in the right direction, It would be a great help

3d25f147-3f51-4f78-a7fa-09f39d0c91dc.exe, 0.0.0.0, (0.0.0.0)
C:\WINDOWS\Temp\3d25f147-3f51-4f78-a7fa-09f39d0c91dc.exe
Hash(MD5): C1B7BACC5F4A932870308FF2D2481F30


a0a37366-57e9-42b2-a034-22e27a3e5dde.exe, 0.0.0.0, (0.0.0.0)
C:\WINDOWS\Temp\a0a37366-57e9-42b2-a034-22e27a3e5dde.exe
Hash(MD5): C1B7BACC5F4A932870308FF2D2481F30


Thanks
Rob50
XP SP3
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37700
Re: unknown exe file with Online Armor
« Reply #1 on: September 07, 2012, 11:53:47 AM »
Hash(MD5): C1B7BACC5F4A932870308FF2D2481F30
https://www.virustotal.com/file/dc637b86043fb8756cda1e8b7a7cec989cbdb4f57064ae5f0b07667f71f93697/analysis/

Sigcheck
signers..................: AVAST Software; VeriSign Class 3 Code Signing 2010 CA; VeriSign Class 3 Public Primary Certification Authority - G5
signing date.............: 12:46 AM 8/20/2012

First seen by VirusTotal
2012-08-20 11:57:22 UTC ( 2 uker, 3 dager ago )


not sure if the sigcheck is correct as it is located in a temp folder   ???


you may rescan that file at VirusTotal and see if the result has changed ...




« Last Edit: September 07, 2012, 11:58:05 AM by Pondus »
Logged

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76012
    • >>> Avast Forum - Deutschsprachiger Bereich <<<
Re: unknown exe file with Online Armor
« Reply #2 on: September 07, 2012, 12:05:35 PM »
Guess this is an avast! emergency update.
Is AvastEmUpdate.exe allowed in OA..??
Logged
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Rob50

  • Guest
Re: unknown exe file with Online Armor
« Reply #3 on: September 10, 2012, 10:16:05 PM »
Asyn - Pondus,

Thank you both for your replies, it's good, that it looks like they are Avast files, I was worried that they may have been a virus etc. Alwil software and all sub folders is listed in the exclusions folder of OA, these files don't pop up all the time, so the next time OA flags one, as long as it traces back to an location with an Avast folder, I will allow it to run, to see if it stops them being blocked.

Thanks again for all your help
Rob50
Logged

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76012
    • >>> Avast Forum - Deutschsprachiger Bereich <<<
Re: unknown exe file with Online Armor
« Reply #4 on: September 23, 2012, 04:22:41 PM »
You're welcome.
Logged
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0
Pages: [1]   Go Up
« previous next »