Strange Avast behaviour? (possible infection?)

Dear Sir or Madam,

today I have come for the first time to this forum. In case I make any mistakes without knowing I would like ask for your indulgence…

The reason for my visit is that my firewall (Outpost Firewall Pro) reported that a file called “10E26484-C0E9-43AA-AE4B-9855DFE1AC8C.EXE” was asking for permission to access the internet (which I denied). This file was supposed to be located in the Avast installation folder (C:\PROGRAM FILES\AVA\SETUP), which wasn’t the case when I checked (which I did before denying this .exe access to the internet).

Feeling unsure I have checked the firewall log. And according to the log this .exe seems to be directly related to Avast’s “AvastEmUpdate.exe”. Below an excerpt from the firewall log:

2013/06/26 17:50:10 [taskeng.exe:4776] start process 00000D4C/616 "C:\PROGRAM FILES\AVA\AVASTEMUPDATE.EXE" 2013/06/26 17:50:10 process info 00000D4C/616 <- 00000D49/4776 [C:\PROGRAM FILES\AVA\AVASTEMUPDATE.EXE] ""C:\Program Files\Ava\AvastEmUpdate.exe" " 2013/06/26 17:51:36 [avastemupdate.exe:616] start process 00000F88/3848 "C:\PROGRAM FILES\AVA\SETUP\10E26484-C0E9-43AA-AE4B-9855DFE1AC8C.EXE" 2013/06/26 17:51:36 process info 00000F88/3848 <- 00000D4C/616 [C:\PROGRAM FILES\AVA\SETUP\10E26484-C0E9-43AA-AE4B-9855DFE1AC8C.EXE] ""C:\Program Files\Ava\Setup\10e26484-c0e9-43aa-ae4b-9855dfe1ac8c.exe"" 2013/06/26 17:51:50 [10e26484-c0e9-43aa-ae4b-9855dfe1ac8c.exe:3848] process terminated 00000F88/3848 2013/06/26 17:51:50 [avastemupdate.exe:616] process terminated 00000D4C/616

What do you make of that?

PS.: I use Windows 7 64-Bit.

You should not block this as you can read here: http://www.shouldiblockit.com/avastemupdate.exe-74c470d8fa1fb9c025ecbf7964fd1a59.aspx
Here the FP, a general heuristic virus detection for Gen:Variant.Zusy.22497, isbeing discussed: http://forums.iobit.com/showthread.php?t=14316
poster of thread = Buddahfan

polonus

I see. Thanks a lot for your reply! :slight_smile: