Author Topic: Temp files/folders found as virus  (Read 4324 times)

0 Members and 1 Guest are viewing this topic.

Offline otcd

  • Newbie
  • *
  • Posts: 4
Temp files/folders found as virus
« on: March 02, 2014, 09:09:08 PM »
Hi
Each time my PC boot, Avast finds some temp folders at User/application/local/... as viruses
The folders/files related somehow to BOX sync SW (cloud files keeping)
The note shows one time and cleaning these folders doesn't help
What can be wrong? how do i stop these messages of Avast?
My PC is windows 8.1 64 bit
TX

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85761
  • No support PMs thanks
Re: Temp files/folders found as virus
« Reply #1 on: March 02, 2014, 11:04:16 PM »
We will need more detail on the exact location ?
We will also need the file name and malware name given in the avast detection ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline otcd

  • Newbie
  • *
  • Posts: 4
Re: Temp files/folders found as virus
« Reply #2 on: March 03, 2014, 07:00:08 PM »
Is there a log file i may look for and send? where can i find the messages and track per your question?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37106
Re: Temp files/folders found as virus
« Reply #3 on: March 03, 2014, 07:08:01 PM »
Quote
Each time my PC boot, Avast finds some temp folders at User/application/local/... as viruses
take a screenshot of this and attach


follow instructions here and attach Malwarebytes and OTL log    http://forum.avast.com/index.php?topic=53253.0


Offline Ѕeeкɘя

  • Full Member
  • ***
  • Posts: 101
Re: Temp files/folders found as virus
« Reply #4 on: March 03, 2014, 08:34:43 PM »
Here, avast detected a Malware in this folder path on windows 7. C:\ProgramData\Microsoft\Crypto\RSA64\temp The file named was tmp4C7A. exe
Now, I am not sure how it got there despite the resident shield being on the ON state. Nevertheless, it detected the file as a virus few times but couldn't seem to have deleted it. So, I ran boot time scan. It deleted the file. However, now I do not know if it had deleted an important system file. So far there is no problem as such so I guess, it was not that important. There is another file of similar type named tmpE495. exe which is clean.

I just hope everything is fine. You could run a boot scan and see if it solves.
Intel® Core i3 2310M 2.1 GHz || 3GB || Windows® 7U SP1 32 bit || Avast Free 2015.10.2.2215 |||| MBAM Free || IE 11, Chrome 65, FF Beta 60

Offline Paul_D

  • Full Member
  • ***
  • Posts: 103
Re: Temp files/folders found as virus
« Reply #5 on: March 03, 2014, 10:15:28 PM »
If it's in a temp folder it is unlikely to be an important system file.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37106
Re: Temp files/folders found as virus
« Reply #6 on: March 03, 2014, 10:19:22 PM »
If it's in a temp folder it is unlikely to be an important system file.
yes.....but as he say, avast find it at evry boot.....so wher does it come from if avast remove it at evry boot?

Log will tell if he attach them

Offline otcd

  • Newbie
  • *
  • Posts: 4
Re: Temp files/folders found as virus
« Reply #7 on: March 04, 2014, 09:53:42 PM »
Here is the screenshot

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37106
Re: Temp files/folders found as virus
« Reply #8 on: March 04, 2014, 10:05:00 PM »
Win32:Evo-gen [susp] = suspicious

send file to avast lab, using one of these options
also add a link to this topic in case they reply here...


You can upload files and report issues to avast  here : http://www.avast.com/contact-form.php  (select subject according to Your case)

You can use mail
send to virus@avast.com in a password protected zip file
mail subject:  False Positive / undetected sample (select subject according to your case)
zip password:  infected

or you can send files from avast chest
how to use the chest.    http://www.avast.com/faq.php?article=AVKB21