Not Really Sure

[dokgu]

Hi,

I've recently opened a file (.exe) which I suspect to have viruses or malwares or spywares. Before opening it though, I scanned it with Avast and it turn out to be a safe file. After opening it I noticed that when I open a third-party application to view my Windows startup, I see 2 records for Avast. One is the normal one that I usually see:

"C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

Then the second one which I have just seen today is:

C:\Program Files\AVAST Software\Avast\setup\emupdate\ecb548a0-1048-4af1-adcf-ecd65c483280.exe /check

To me this is weird, but it is registered as one of Avast files. So I was wondering if this file is really a legitimate Avast file or has the file been injected maliciously? Thanks!

For now, I will disable this startup entry until I get an answer.

[Pondus]

I've recently opened a file (.exe) which I suspect to have viruses or malwares or spywares.  

Then why did you not check it first?    www.virustotal.com  /  www.jotti.org  /  www.metascan-online.com


Belongs to avast update...

[dokgu]

I've recently opened a file (.exe) which I suspect to have viruses or malwares or spywares.   

Then why did you not check it first?    www.virustotal.com  /  www.jotti.org  /  www.metascan-online.com


Belongs to avast update...

Like I said on my question:

Before opening it though, I scanned it with Avast and it turn out to be a safe file.

I didn't know I had to do more steps.
Funny because I have never seen it before. I always check my Windows startup regularly.

Ok, so this is a safe file that I can re-enable for my Windows startup?

[essexboy]

It appears to have been added via the latest VPS update

[dokgu]

Ok thanks! I can finally breathe now.

[Pondus]

No security programhave100% detection ....
So test downloaded files on VT before you run them.... then you test with 40+ malware scanners