Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How Can You Find Hidden Files?


  • Please log in to reply
2 replies to this topic

#1 Dave22

Dave22

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:23 AM

Posted 27 June 2008 - 01:50 AM

In the process of removing infections from my registry and windows explorer I came across a couple of files that I could not locate actual positions.

One was listed under HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Svchost

I would delete the file here and it would be reinstalled if I simply left the folder and came back. How can I find the source of files like this? Is there a utility that records all actions and the files that initiate them so a guy can find out where its coming from?

Another I still have not removed from my pc and it hopefully is the last infection that has hijacked IE. This file I found with Security Task Manager which wont remove it unlicensed. I wont buy it because I dont trust the product promises anymore. Any way the file is shown in the attached image.

There is no directory, it cant be found with search, and I have no clue where to begin looking. How do you know?

Attached Files



BC AdBot (Login to Remove)

 


m

#2 Adamsappleone

Adamsappleone

  • Members
  • 152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tucson, Arizona
  • Local time:06:23 AM

Posted 27 June 2008 - 02:07 AM

Have you tried this?

1. Click "Start"
2. Click "My Computer"
3. Click "Tools"
4. Click "Folder Options"
5. Click the tab called "View"
6. Check "Show hidden files or folders"
7. If you also wish to view system files, Uncheck "Hide protected operating system files"

WARNING:
Do not delete hidden or system files if you do not know what they do. Many of these files are hidden for a reason. Consult the internet or a friend who is proficient with computers before deleting, editing or moving any of these files. Sometimes this can make a computer un-bootable.

Hope this helps.

Edited by Adamsappleone, 27 June 2008 - 02:11 AM.

Multi-Boot, Vista Ultimate x64, Windows 7 x64 & Windows 8 Pro x64

Posted Image


#3 Dave22

Dave22
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:23 AM

Posted 27 June 2008 - 10:58 PM

Yes I have searched hidden files with windows search but the little identifying information given, doesnt come up in the the search. And there is no directory with which to find it manually. I am almost positive this is a malicious file that has thoroughly covered its tracks.

I am not new to digging around in hidden system files or the registry, but what I do need to learn is sure fire ways to find out which files are taking what actions.

My internet hijacker could be found if I knew how to see which file changes my security setting, then which file installed that file, and so on...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users