Malware gen, BIT4A86. help

silentanarchy · September 11, 2014

I can't figure out why my antivirus (avast). keeps saying that this is a malware gen the it says it's a trojan gen. it's located in C:\ProgramData\374311380\BIT4A86.tmp. so when i start my computer up it rings and say threat has been detected and it puts it in the virus chest, but when i go to the directory i can't find how it's being generated.

also could i just delete the 374311380 folder or is that a necassary windows 7 file.

Sharif · September 11, 2014

Do a complete scan will malwarebytes,once you're done you can uninstall it if you want

https://www.malwarebytes.org/

Opcode · September 12, 2014

I would scan with Malwarebytes, if nothing comes up. You can try manually finding the infection.

One way is downloading Process Explorer from there you can see if anything "fishy" is running under your main Explorer process.

You can also navigate to your %temp% and %appdata% folders and look for any "fishy" executable's in there.

Lastly you can run "regedit" from the run command. And navigate to both of the following.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunHKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

You can look again for any "fishy" programs being ran at startup under them keys.

silentanarchy · September 12, 2014

Do a complete scan will malwarebytes,once you're done you can uninstall it if you want

https://www.malwarebytes.org/

I would scan with Malwarebytes, if nothing comes up. You can try manually finding the infection.

One way is downloading Process Explorer from there you can see if anything "fishy" is running under your main Explorer process.

You can also navigate to your %temp% and %appdata% folders and look for any "fishy" executable's in there.

Lastly you can run "regedit" from the run command. And navigate to both of the following.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunHKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
You can look again for any "fishy" programs being ran at startup under them keys.

Thanks i have another question I installed google sketchup and i want to uninstall it but it says "shipped extensions is not valid as a short filename i have not altered anything from the install folder.

Sharif · September 12, 2014

Thanks i have another question I installed google sketchup and i want to uninstall it but it says "shipped extensions is not valid as a short filename i have not altered anything from the install folder.

this might sound odd but try this download the latest version and install it and then uninstall it again

(the previous build might have problems)

Ps i suggest following your own thread