Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: ?Malicious? files in C:\Users\MYUSER\AppData\LocalLow\Adobe.

03 Oct 2014   #1
CGV2222

Windows 7 64 bit
 
 
?Malicious? files in C:\Users\MYUSER\AppData\LocalLow\Adobe.

So, when I'm in my normal computer, a file kept trying to download .gif files and stuff and Avast! kept marking it as malware and stopping it from downloading, so I tried to figure out when it was from, and it led me to my Adobe folder in LocalLow, and I see 3 folders, named a bunch of random letters that have files that are ALSO named things completely random, a .exe file keeps executing itself while I'm using the computer and using 90kb of RAM and opens MANY of them, however, Avast! and MalwareBytes have had no luck removing it, I'm in safe mode with networking right now and still, nothing. I'd really appreciate some help.

The file that kept auto executing was
gyizacobfkwx.exe
it seems to be masquerading itself as google chrome.

Inside my adobe folder, one of the gibberish folders is filled with stuff that looks like a /users folder merged with my windows folder, except none of the inside folders contain any files.

In my normal computer use, I also tried running rkill, but rkill didn't do anything at all. I don't know what I'm dealing with right now.

I tried to run Avast! but it seemed to have disabled avast somehow? I don't know how. It tells me that it can't run the scan because of missing endpoints.


My System SpecsSystem Spec
.
04 Oct 2014   #2
Tookeri

Windows 7 Pro 32
 
 

Try checking the file on virustotal.com and see what anti-virus products pick up something and to find out what kind of malware it is. Then see if any of the well known AV's that detected something have a free online scanner you can try.

You can try Autoruns to perhaps stop the program from starting after boot. Autoruns for Windows
My System SpecsSystem Spec
30 Jan 2015   #3
RebelLion999

Windows 7 Home Premium 32bit
 
 
Any luck?

I am experiencing the exact same issue, with different file names of course.
Was there ever a solution offered that was NOT an advertisement for antivirus software?
My System SpecsSystem Spec
.

01 Feb 2015   #4
Tookeri

Windows 7 Pro 32
 
 

Autoruns was released in a new version a few days ago, now with VirusTotal support. So give that a try to try and find any malicious startup items:

https://technet.microsoft.com/en-us/.../bb963902.aspx

If you need more info here's a review: Startup Manager Autoruns 13 introduces Virustotal integration - gHacks Tech News
My System SpecsSystem Spec
01 Feb 2015   #5
cottonball

Windows 7 Home Premium
 
 

Let's see what the following detects...

Please use the Farbar Recovery Scan Tool Download
Select the version that applies to your system.
Save it to your Desktop.
Double-click the downloaded file to run it.
When the tool opens, click Yes to the disclaimer.

Press the Scan button.

When done, the tool makes a log, FRST.txt, in the same directory from which the tool is run (Desktop).

Please provide the FRST.txt in your reply.
The first time the tool is run, it also creates another log: Addition.txt

Also post the Addition.txt in your reply.
My System SpecsSystem Spec
Reply

 ?Malicious? files in C:\Users\MYUSER\AppData\LocalLow\Adobe.




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
OK to Relocate \Users\xxx\AppData\LocalLow?
I use Media Center Netflix which uses Silverlight "Isolated Storage" to buffer streaming data. Win7 Isolated Storage is located at C:\Users\Tom\AppData\LocalLow\Microsoft\Silverlight\is My C Drive is an SSD so I don't want streaming data buffering to be happening there, reducing the life of the...
General Discussion
What is C:\Users\PC\AppData\Local\Temp ? :)
While i was exploring windows explorer, i came up to this folder C:\Users\PC\AppData\Local\Temp What does it contain? What are tmp, old, mtx, and text document files? Is it ok to delete this folder? (I don't know what came up to my mind, i just feel i want to delete some stuff on my computer...
General Discussion
can i delete the files inside c:\Users\User\AppData\Local\Microsoft?
hi can i detele the files inside c:\Users\User\AppData\Local\Microsoft\Windows\WebCache\ i tried _http://www.justanswer.com/computer/5dl5x-c-users-user-app-data-local-microsoft-windows-files-contains.html but it doesn't clean them ,and ccleaner and the windows clean tool doesn't empty...
General Discussion
Cannot find AppData under users file
Windows 7, To old to navigate Windows Explorer anymore.... Hi all, I'm sure this question has been asked a thousand times, but I can't find the info I need! I'm trying to backup my "eM Client" data files, or complete e-mail backup, tech provides the following instructions; Backing up eM Client...
General Discussion
When does a file/folder go to AppData\ Local, LocalLow and Roaming?
Under C:\Users\<username>\AppData, there are three folders. Local LocalLow Roaming Then under Local, there's Local\VirtualStore What are the factors and considerations that Windows 7 uses when it determines and allocates a particular file/folder to one of the three main folders?
General Discussion
ROBOCOPY and not existing folder "c:\Users\"MyUser"\Doc
Hello Fellow 7 users, I have just switched OS to Windows 7, and i am impressed so far. I want to backup my data on an external harddrive. I would like to use the function ROBOCOPY in the command windows because then i don't have to third party program running all the time. But the copying...
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 21:42.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App