Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Cannot Delete Virus Files In System Folders

05 Oct 2015   #1
DallasSteve

Windows 7 64-bit
 
 
Cannot Delete Virus Files In System Folders

My Windows 7 64-bit computer has become infected with the ConHost virus. There are dozens of copies of the executable in the Windows/winsxs folder. I start up in Safe Mode, launch Windows Explorer, Run As Administrator, navigate to the files and, you guessed it, Microsoft is too busy protecting my viruses to let me delete them. Sometimes it says I need Trusted Installer permission, sometimes System permission. If the person at Microsoft who came up with that idea was here with me it wouldn't be pretty. Can someone tell me how I can take control of the computer that I paid for? And maybe someone should tell Mr. Microsoft that this is making me want to find a computer running a different OS (not affiliated with Microsoft).


My System SpecsSystem Spec
.
06 Oct 2015   #2
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

ConHost virus is a Trojan disguised to look like it's a MS protector file ... it of course is not from MS.

In the registry it will look something like this:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Conhost.exe " = "%AppData%\<random>.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Conhost.exe " = "%AppData%\<random>.exe"

%AppData%\<random>.exe
%CommonAppData%\<random>.exe
C:\Windows\Temp\<random>.exe
%temp%\<random>.exe

C:\Program Files\<random>

Let's see if we can detect it running in the background. Download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
My System SpecsSystem Spec
06 Oct 2015   #3
DallasSteve

Windows 7 64-bit
 
 

Jacee

I appreciate the suggestion, but I've never heard of DDS and I am cautious about downloading files I don't know about. Can you tell me the complete name of this program or provide a link to it's creator's website? My other option is I can re-install my OS and restore my work files. Fortunately I've saved them all off the computer.

Thanks

Steve
My System SpecsSystem Spec
.

06 Oct 2015   #4
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

DDS by sUBs, "doesn't do squat". It just shows me what's running.
My System SpecsSystem Spec
Reply

 Cannot Delete Virus Files In System Folders




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
How do i permanently delete the virus from the system?
see this image... some of the infected files with virus showed as moved to qurantine in Norton Endpoint v11 protection... some of them get deleted by itself... I scan the files that contained in the network with Norton it showed like this... Here what is log only means?... Whether the...
System Security
Can a virus delete files on mapped network drive?
I have a computer on the LAN with a bunch of HDDs in it. My main computer has the computer mapped as a network drive. I put my video projects on mapped network drives. Can a virus find the network drive through my computer and delete all of the files or ransomware encrypt it?
System Security
Can a virus delete files on mapped network drive?
I have a computer on the LAN with a bunch of HDDs in it. My main computer has the computer mapped as a network drive. I put my video projects on mapped network drives. Can a virus find the network drive through my computer and delete all of the files or ransomware encrypt it?
Network & Sharing
How to delete program files and system folders?
Before I go on, I would like to note that: - I'm currently using Windows 7 Ultimate 64 bit - I have 2 HDD (D and E drive) and 1 SSD (C drive) - I have posted screenshots as it might clarify what I'm trying to say Anyway, I'm having trouble with deleting program files (both 86 and 64) and...
General Discussion
Virus Hides and will Not Show Files Folders
Hello. Newbie Here. I have Win 7. I just purchased this Dell Laptop with preloaded software and apparently free viruses. I've used the following to disinfect the laptop. Malwarebytes, Sophos, TDSSKiller, Spybot S&D, ComboFix and running Avast Antivirus. I think this computer is virus free,...
System Security
How to delete all folders/files with a certain name
I want to delete all the files/folders with a certain name like the __MACOSX folders that comes with many icon packs. Is there a tool or script that can do that? I think there should a command-line instruction to do this but i couldn´t find it.
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 17:53.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App