I have been informed by MVP’s at the Aumha Windows Support Center site (i.e. http://www.aumha.org/) that the BIT392.tmp Avast keeps identifying as a virus is in fact not a virus. Below is the quote which I said I would share. Please let me know of your thoughts or suggestions. Below they actually identify the actual BIT threat.

"[i]BIT392.TMP IS NOT A VIRUS. AVAST! is completely wrong about this file. Please email AVAST! about this false positive. This is dangerous and reckless behavior on the part of AVAST! to flag this file. It should flag BITFFFxxx.TMP. AVAST! needs to be fixed by its maker or it should be replaced by you with a better antivirus.

" It is not malware.
One component of Windows Update is its BITS service. This is the Background Intelligent Transfer Service, and is a necessary and core component of Windows Update.

While it is working it uses one or more temporary files for every download that has to be made. These temporary files indicate the working status of the update. When an update has been concluded, and installed without error, BITS will remove these temporary files automatically.

"If AVAST! attempts to block them or delete them, you leave BITS believing that the download either never occured, or encountered a fatal error. In any case, the file is completely harmless, and completely necessary for the Background Intelligent Transfer Service to work properly.

“It is dangerous and reckless for AVAST! to interfere with the BITS process. It has no right to do so. If AVAST! will not fix this false positive, then you should change antivirus programs. The temporary files it thinks it is blocking have a filename that is BITFF followed by a random set of three numbers. It is dangerously confused, this is a false positive, and if not corrected would lead me to replace AVAST! as my antivirus. [/i]”

A bit of a rant there, but Avast has never and I mean never flagged the windows file on my system.

I agree, that was quite a rant by this individual. However, is it true? I don’t have any malware on my computer and this Avast detection only came up when I updated Avast. I’ve been through all the malware procedures and this is not considered a malware virus.

You didn’t supply one important information - what malware (name) is detected in that file.

It is possible that this is a false positive. To fix it, please pack the file into a password-protected ZIP or RAR and send it (together with the password) to virus@avast.com for analysis (preferably with something like “False alarm” as subject).
Thanks.

1200 + AVast users on this site, not once has it reported said file as infected.

What a totally overboard reaction. If it were me I’d have said, “Ah yeah, it might be detecting it as a false positive. Stick it on your exclude list and inform Avast!”.
Instead they’ve gone on a witch-hunt. Next thing you know they’ll be burning Avast! efigies in the streets.

Don’t misunderstand gang. I love Avast! I don’t plan on changing despite the rant I posted from an IT individual that better described the issue–despite their point of view. I hated Norton, great but too complicated. However, if there is a misdiagnosed file, then it has to be identified. There is a first time for everything. A mis-diagnosis doesn’t disqualify Avast as a good product.

Here is the name: Win32:Zlober [Drp]

I did an Internet search and didn’t find anything on it. Yes, some similar names, but nothing on it specific except I think in a foreign language.

I will zip the file and send it as requested. I looking for help, not criticism.

Sure. Thanks for helping improving avast.

No criticism of you, as you did not write the quoted text. ;D

Hi Scott :

  After some time, I was able to find your Thread on the Aumha Forums in 
  their HijackThis "section" under "ezkey" . The MVP who made those
  "Bit392.tmp" Comments is Bill Castner; however, they should be viewed in
  context . He also said you have Remnants of Norton antivirus installed
  and we always recommend on this Forum to COMPLETELY REMOVE IT ;
  have you run the Norton Removal Tool by now !? AND he commented on
 "UniBlue"; have you completely removed it !? Bill said using ATF Cleaner
  should "clean" the "Bit392" ; have you used it ? If yes; have you rebooted
  your computer, then run an Avast Scan and "it" still shows up !?

  I definitely do NOT agree with Bill's Recommendations of having Windows
  Defender, Comodo BOclean, Spybot, and the 2007 Version of Ad-aware.
  For spyware/antiTROJAN protection, using the FREE version of
  "SUPERAntiSpyware" from www.superantispyware.com would be an 
  Excellent Choice .

  And Bill's "rant" was most likely the "way" he was increasing the chances
  of you bringing the Issue up on these Forums .

  P.S. There is increasing vulnerabilities with QuickTime; hopefully you have
  recently "updated" it !? Or uninstalled it !? Perhaps the latter can NOT
  be chosen because of the IPod !?

i mentioned it in another thread already… the temp file contains “corrupted” NSIS installer, which looks from some point of view like the dropper of Zlob virus… this detection is fixed already in the internal version of VPS… it will be available for publics tomorrow.