This is probably nothing to worry about at all, but I thought I’d check.
While removing the remains of an infection I had trouble saving some repaired files in the Avast installation folder.
When I checked the attributes & permissions on the files I saw something I’d never seen before in the permissions for any file (& I’ve looked at quite a few).
The attached pic is a grab of the window.
Is this right?
No other files affected by the virus had this ‘problem’.
Is it a problem?
And why are you saving them to the avast folder/s ?
There is no 11001.htm (the one in your image) in the avast4\English folder, so it isn’t an avast file as far as I’m aware. Just try to modify an avast file and see the avast self-defence module have a whinge about that.
I wasn’t putting files in there. Why would I do that?
When I searched for any files containing an iframe block with a link to jl.chura.pl, these files were picked up.
They were already in the Avast folder, and they had been infected.
Here’s the contents of that file - Looks like an Avast file to me…
The Web site cannot be found
H1 { COLOR: #800000; font-style:normal; font-variant:normal; font-weight:normal; line-height:15pt; font-size:13pt; font-family:verdana }
DIV.sign { font-weight: bold; font-style:italic; }
TD { COLOR: #800000; vertical-align:center; text-align:left; font-style:normal; font-variant:normal; font-weight:normal; line-height:11pt; font-size:8pt; font-family:verdana }
HR { COLOR: #c0c0c0; }
BODY { background-color=#ffffff }
TD { width:400 }
TABLE {
The Web site cannot be found
The Web site you are looking for is unavailable due to its identification configuration settings.
Please try the following:
Click the Refresh button, or try again later.
If you typed the page address in the Address bar, make sure that it is spelled correctly.
Click the Back button to try another link.
11002 - Host not found
avast! Web Proxy
<P>Technical Information (for support personnel)</P>
<UL>
<LI>Background:
This error indicates that the gateway could not find an authoritative DNS server for the Web site you are trying to access.
Keep in mind that avast self-protects only its own files, not other files that might have somehow wound up in avast’s folders. That’s why it didn’t kick out a warning about that one - it’s not an avast file.
It may not be Avasts’ files that are being modified or added.
What was the infection you were dealing with, and what steps were taken to remove it?
I’ve read some posts online about the redirect site jl.chura.pl, and it’s not looking great. If you have been infected with Virut apparently the chances of recovery without a format and reinstall appear to be slim.
It may not be Avasts' files that are being modified or added.
definitely not.
They still have a virus on their PC and it’s creating random files. MBAM would be a good choice to help out, and a boot-time scan couldn’t hurt either.