Hidden Virus File

mervyn100 · Oct 24, 2013

I recently developed a virus on my computer. I did a MSCONFIG and found the malicious file in the start-up and ‘Disabled’ it so it did not run when I started my computer. Next, I wanted to delete this file so found its location in C:\Users\Appdata\...etc. However, when I got to the final folder there was no file visible? I have turned on all hidden files in explorer but still nothing there? Do I need to ‘Enable’ this file to start-up before it appears? Any help would be very much appreciated.

I have a Dell PC with Windows 7 running.

SandeepP · Oct 24, 2013

mervyn100 said:
I recently developed a virus on my computer. I did a MSCONFIG and found the malicious file in the start-up and ‘Disabled’ it so it did not run when I started my computer. Next, I wanted to delete this file so found its location in C:\Users\Appdata\...etc. However, when I got to the final folder there was no file visible? I have turned on all hidden files in explorer but still nothing there? Do I need to ‘Enable’ this file to start-up before it appears? Any help would be very much appreciated.

I have a Dell PC with Windows 7 running.

Hi mervyn100,

Welcome to Seven forums.

Please check these links below for removing various infections on the system:

http://www.sevenforums.com/security...uide-2011-how-get-rid-all-latest-malware.html

http://www.sevenforums.com/security...-pc-clean-remove-malware-four-easy-steps.html

Kindly update your system specs here by following this.

Keep us posted with the results so we can advise you further.

cottonball · Oct 24, 2013

Let's see if we can actually find the malicious file, and know what it is we are working with...

:info: Please use the Farbar Recovery Scan Tool
Download: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
Select the version that applies to your system.
Save it to your Desktop.

Double-click the downloaded file to run it.
When the tool opens click Yes to the disclaimer.

Press the Scan button.

The tool makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).
:ar: Please provide the FRST.txt in your reply.

The first time the tool is run, it also makes another log: Addition.txt
:ar: Also post the Addition.txt in your reply.

mervyn100 · Oct 25, 2013

Thanks for the replies.

Sanddeepp I have tried both them specs but unfortunately none have removed the infected file.

Cottonball I have located the file but it does not appear in location specified in MSCONFIG for me to delete it.

I have attached some pics to try and explain.

The first is showing the name of the file that I have disabled

The second show the path to its location.

The third shows the location folder but no file in there.

Hope this explains a bit further.

Thanks in advance.

cottonball · Oct 26, 2013

Please press on with Post #3.

The tool may shed some light as to where that file is.

It looks to be written in a foreign language, maybe Russian, but not sure.

andrew129260 · Oct 27, 2013

You could use ccleaner to completely delete the entry, but depending on the nature of the threat, it could possibly just add itself there again.

SandeepP · Oct 28, 2013

Hi mervyn100,

It might not show when you browse to the folder location. Have you checked progam files to check if any similar software is installed. If yes then use cc cleaner to remove those software and left over files.

You can also try this free antivirus which I normally used to get rid of many virus on my personal system:

Free Antivirus | Download Free Virus Protection Software | AVG

Use the free version. Keep us posted with the results so we can advise you further.

Hidden Virus File

mervyn100

New member

My Computer

SandeepP

New member

My Computer

cottonball

Retired ol' hound...

My Computer

mervyn100

New member

Attachments

My Computer

cottonball

Retired ol' hound...

My Computer

andrew129260

IT Support Pro

My Computer

SandeepP

New member

My Computer

Similar threads