Help
I am getting a reoccurring "virus" that occurs every few hours, usually while browsing in Firefox. Spybot detects a change called "upwJQGgCXjxrDJa.exe," but even when I deny the change the problem occurs. Files disappear from the desktop and the Start Menu > All Programs show up empty (Windows 7). A simple system restore and running unhide.exe solves the issue temporarily but it keeps popping up again later. The issue doesn't affect anything else and I can still access programs I have pinned to the taskbar, so I can still browse the internet, I just can't access any of my programs in my start menu. Even in My Documents and other folders, it says "This folder is empty" but like I said, I've been able to get back to them with system restore and unhide. If anyone knows how to stop the situation from happening again, though, let me know.
Page 1 of 1
Hidden Files & Folders All Programs > Empty
Back to top
#2
- New Member
-
- Group: Members
- Posts: 7
- Joined: 13-November 11
- Gender:Male
- Location:Henderson, LA
Posted 13 November 2011 - 05:21 PM
I ran across a laptop that was having intermittent boot failures. There was a suspicious popup that was supposedly scanning the machine and finding numerous hardware and software problems (that it would fix of course); and the actual antivirus software that was installed would not stay active.
In addition, like you reported, all of the data files were basically set with the "hidden" attribute. As well as the All Programs folders showing up "empty" in the Start Menu (the programs ARE however still in their original locations in c:\Program Files).
I was eventually able to boot into Safe Mode and run Autoruns. Under the logon tab, there was an entry under the key, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. The image path was c:\programdata\upwJQGgCXjxrDJa.exe
I deleted the entry and rebooted the machine and was immediately able to run the AV software without any problems. I did a full scan, which removed additional trojan horse viruses. So I'm not sure which behaviors were solely attributed to the "upwJQGgCXjxrDJa.exe" issue.
And at this point there is VERY little information about upwJQGgCXjxrDJa.exe out there.
So I would try running Autoruns and search for any instances of upwJQGgCXjxrDJa.exe and delete them. You can find detailed instructions on how to do this in this post: http://www.bleepingcomputer.com/tutorials/how-to-remove-a-trojan-virus-worm-or-malware/#remove
Hope this helps.
In addition, like you reported, all of the data files were basically set with the "hidden" attribute. As well as the All Programs folders showing up "empty" in the Start Menu (the programs ARE however still in their original locations in c:\Program Files).
I was eventually able to boot into Safe Mode and run Autoruns. Under the logon tab, there was an entry under the key, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. The image path was c:\programdata\upwJQGgCXjxrDJa.exe
I deleted the entry and rebooted the machine and was immediately able to run the AV software without any problems. I did a full scan, which removed additional trojan horse viruses. So I'm not sure which behaviors were solely attributed to the "upwJQGgCXjxrDJa.exe" issue.
And at this point there is VERY little information about upwJQGgCXjxrDJa.exe out there.
So I would try running Autoruns and search for any instances of upwJQGgCXjxrDJa.exe and delete them. You can find detailed instructions on how to do this in this post: http://www.bleepingcomputer.com/tutorials/how-to-remove-a-trojan-virus-worm-or-malware/#remove
Hope this helps.
Share this topic:
Page 1 of 1