Vista's Windows Explorer

[John Larronn]

Hi there,

I have got a virus on my computer which runs Vista Home Premium.

In Windows 98 I usually removed a virus manually either in Windows Explorer
(prefered) or in the Registry. But Vista is different, in that I cannot find
the pathname and virus in Windows Explorer nor in the Registry.

The pathname is: C:\Users\John
Larronn\AppData\Local\Mozilla\Firefox\Profiles\1e4r4c5e.default\Cache\D2466410d01

D2466410d01 is the virus.

Could anyone tell me please how to find this pathname in Windows Exploreer
(preferred) or in the Registry?

Thanks very much,

John

 

[Mick Murphy]

How do you know it is a virus?
What is the name of your Anti-virus that found it?

Go into Safe Mode and scan your computer with Malwarebytes, Spybot Search &
Destroy, and your Anti-virus to remove it, if it is a virus/malware/spyware,
etc.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.

http://www.malwarebytes.org/mbam.php

Malwarebytes is as the name says, a Malware Remover!
For the Free version scroll down their page to either download from
Download.com, or Major Geeks.com

Download, install, and update.

Important re: Safe Mode
If you happen to find a problem that you can’t uninstall / delete, reboot
the computer, and go into Safe Mode.
To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow
key to get to Safe Mode from list of options, then hit ENTER.
RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D
while in Safe Mode.

 

[Ken Blake, MVP]

Hi there,

I have got a virus on my computer which runs Vista Home Premium.

In Windows 98 I usually removed a virus manually either in Windows Explorer
(prefered) or in the Registry. But Vista is different, in that I cannot find
the pathname and virus in Windows Explorer nor in the Registry.

The pathname is: C:\Users\John
Larronn\AppData\Local\Mozilla\Firefox\Profiles\1e4r4c5e.default\Cache\D2466410d01

D2466410d01 is the virus.

Could anyone tell me please how to find this pathname in Windows Exploreer
(preferred) or in the Registry?

As a general rule, you can't remove a virus manually like that. You
need to use an anti-virus program.

 

[Rick Rogers]

Hi,

You likely don't have Folder Options/View set to see hidden and system
folders.

The bug looks like it's a plugin for FF, it wouldn't be loading from a
registry entry. Check FF's settings and disable the entry that is loading
it.

In general, malware removal has become much more difficult than the Win98
days. Bugs can resist termination or automatically restart themselves before
you can remove the offending files. They also can take advantage or many
different ways of getting loaded into the system, plugins are just one
method. Using the registry run keys is sort of passe as far as virus writers
go, few still use this obvious method. Proper detection and removal often
requires formal scanning from Safe mode, and sometimes from outside of
Windows.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Windows help - www.rickrogers.org
My thoughts http://rick-mvp.blogspot.com

 

[John Larronn]

Hi everybody,

Thanks very much for your help.

I'm a bit under the weather now, but I will try out all of your advice
during the next few days.

My anti-virus program is Virgin PCguard. It detected the virus but failed to
remove it.

I'll let you know how I'll get on.

Regards,

John

 

[John Larronn]

Hi all,

I have got good news, the virus is gone. I don't think Virgin PCguard
removed it, otherwise it would have said so.

Perhaps Rick was right with his opinion that the virus was a plugin. A few
days ago I installed a plugin and a window came up telling me that another
plugin had been disabled. When I did a virus scan a few days later, the
virus was gone.

Thanks for your help.

John