Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Might have malware? strange RarSFX0 Temp file with program not listed

1 Week Ago   #1
Rokkor

Windows 7 Home Premium 64bit
 
 
Might have malware? strange RarSFX0 Temp file with program not listed

I might have a malware problem? I bought a reconditioned, used W7 Home Premium machine from a certified computer re-installer company. The machine had a fresh install of W7 and it's legit and Windows is authenticated by by MS. Some time after I bought it I was poking around Windows files and find the machine had Aida64 on it, but it wasn't listed in the start menu under programs, and it doesn't come up under Uninstall Programs, maybe because it's a executable?


Recently I added Simple Software Restriction Policy 2.2 which disallows running of programs from temp folders and cache...OK today I moved Aida64.exe to the programs folder and gave it a shortcut to my Documents. When I try to run it, I get a message that says Simple Software Restriction Policy 2.2 can't run it because it's Aida64 is in c:\Users\*my name*\AppData\Local\Temp\RarSFX0\aida64.exe When I go look for this RarSFX0 folder it's not there. This all sounds fishy to me, I'd like to make sure it's not malware as I believe Aida64 can download from the internet and make changes to my computer so it could have been installed by a hacker with a backdoor trojan.



My System SpecsSystem Spec
.
1 Week Ago   #2
wither 2

Windows 7 Pro SP1 64 bit
 
 

If you want to make sure it's not malware, download and run the free Malwarebytes. You should also run a complete system scan with your anti-virus.
My System SpecsSystem Spec
1 Week Ago   #3
samuria

win 8 32 bit
 
 

It sounds as if the file you have is either zip file which expands to temp which you settings have blocked or its a portable file upload it to virus tool it will tell you if it's legite
My System SpecsSystem Spec
.

1 Week Ago   #4
badcrc

Windows 7 Pro x64 sp1
 
 

SFX means self-extracting. When you download a zip or Rar file, you normally need the associated program installed on your pc eg somefile.zip needs WinZip to unpack it. Some files are distributed as SFX, which means the file will unpack without the need for you to have the Zip or Rar program installed. SFX files are exe executable files, so would be something like myfile.exe.

It sounds like you have a SFX Aida64 - which would need unpacking, and then you run the install file to install as per usual. As has been mentioned - be very wary of unknown exe files, it could be malware named to look like a regular file.

I use Aida64 - here's the desktop gadget on my i7

Might have malware? strange RarSFX0 Temp file with program not listed-aida.png


My System SpecsSystem Spec
1 Week Ago   #5
Rokkor

Windows 7 Home Premium 64bit
 
 

Thanks for all the replies!...I ran a scan with both MSE and Malwarebytes and they came up clean. I uploaded the exe file for a virus check and it was clean. So it sounds like it was a self extracting file and not a problem.


If I want to remove aida64 from my system can I just delete the aida.exe file and the associated registry key?
HKEY_USERS\****************************\Software\FinalWire\AIDA64
My System SpecsSystem Spec
1 Week Ago   #6
samuria

win 8 32 bit
 
 

Before deleting anything from the reg first export it to a .reg file that way you can trade if needed then you can delete it
My System SpecsSystem Spec
Reply

 Might have malware? strange RarSFX0 Temp file with program not listed




Thread Tools




Similar help and support threads
Thread Forum
Default Programs - Remove a Listed Program
How to Remove a Listed Program in Default Programs for Windows 7 and Vista By default, you would normally uninstall a program to remove it from the list of programs in Set Default Programs. This will show you how to remove your choice of any program listed in the Windows 7 and Vista Set Default...
Tutorials
Any opinion on listed program?
hey guys, just want to know if you guys have any opinion on a few software that i use.. whether it's good for window or not.. thanks. :) 1-RegCure Pro 2-Riva Tuner 3-Revo uninstaller
Software
Uninstalled program still listed in Installed Programs
Hi, I recently installed and uninstalled a program. However, the entry for the program still remains in the Installed Programs list in the Control Panel. I have examined the Registry keys under uninstall and I cannot find this program listed there to be manually deleted. How do I remove this...
Software
Is PBRem.exe in the temp folder malware?
when i signed onto windows 7 a notice came up asking for permission for pbrem.exe to make changes to my computer. it was located in appdata\local\temp, i disallowed it, is it malware?
System Security
removing program not listed in "uninstall program"
I have Meta Trader4 forex trading platform program installed in my pc but is not listed in the "uninstall a program"in the control panel. I tried the Revo uninstaller pro and uninstall tool 2.9.7 but both of these program won't list the MetaTrader4 program. Does any body know how to uninstall a...
Software


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:16.
Twitter Facebook