I went off to have a bite to eat, Came back to the computer and notied an avast notification that flashed up for 5 seconds then went.
I checked the quarntine, nothing present there. Looked at the Avast txt logs, can’t see a mention of the virus there…
Wondering what’s going on. running a full system scan right now.
Ok got a log
Feb 12 13:40:17 2015 - /popup/fs_virus
Thu Feb 12 13:40:44 2015 - [IDR_HTM_MAIN_FRAME] {button} settings:
however the chest isn’t saying theres anything present.
That was a website… I’m guessing something hijacked a file and is connecting to a site which Avast! is actively blocking. That, or you had a site open that avast! didn’t like.
Right click avast tray icon … Show last popup
Will not work if you have rebooted
Thanks for the information,
Ok the file in question was Lococycle’s launcher inside of the steamapps folder.
Infection: Win-32 evo-gen [Sus]
Process was rundll32.exe
I have also attached an image of the popup.
Thanks
Oliver
Ok the file has now been moved to my Virus Chest (after using explorer to view the file.)
The launcher is developed by a company called Twisted Pixel.
Just uploaded a sample to virus total.
second scan provided Avast’s scan as well.
and a malwr scan
https://malwr.com/analysis/MjNhZmU1YzA0ZTRiNGIyMjhjNjA2ZDdlMjNiN2ExNzY/
File has been submitted to Avast’s Anti-virus lab as a false postive.
Hi OliPicard
Probably a FP, as 96% of users kept that file: http://www.shouldiremoveit.com/LocoCycle-119694-program.aspx
This info was only available as cache info, here is the link: http://webcache.googleusercontent.com/search?q=cache:Vx_09EeRLpMJ:forums.cnet.com/7723-6132_102-267518/launcher-exe-legal-process-or-spyware/+&cd=1&hl=nl&ct=clnk&gl=nl
For the malwr scan also consider this info: http://www.thomaskoetzing.de/index.php?option=com_smf&Itemid=0&topic=1170.0;
Java issue - do you work Java, if so is your Java the latest available version?
polonus
Hi Polonus,
Glad to hear it’s nothing serious! Hopefully Avast will look into the file using there lab scans to see if theres anything hiding.
I’m not using Java or JRE at this moment in time due to the many security holes in the software.
Many Thanks
Oliver
Win32:Evo-Gen [Susp] = Suspicious
Launcher.exe First submission 2014-05-08 13:14:27 UTC ( 9 months, 1 week ago )
I bet it will be cured with a next Avast update. This has happened before for files like launcher.exe patched updates.
polonus