Hello,
Recently I noticed on the icon on the gpu that the process conms.exe is using it for very short time.At first I used Avira but wasn’t pleased with the program but she found that in that file is the virus TR/Kazy.133936 a trojan.When prompted to delete It didn’t anything(atleast she blocked it)I heard that avast is better and I installed it but he cant find it.I tried to manually delete the file but turns out there is no such file on the computer(I’ve showed hidden files and folders).I don’t know what to do.I think that this is a very new virus or a very rare one.I searched the internet to see if others have the same problem-found only 2 with the same reactions.I hope that they find I way to stop it,because I want to stick with avast.
Thank you!
Thank you for the quick response first!
Forgot to mention - I already scanned with Malwarebytes Anti-Malware,Microsoft Security Essentials,AVG Free,Avira and Avast,but they didn’t find anything.Only Avira blocked the access to the file and when I press to delete the file it is not moved to quarantine and everything starts again.I don’t know a lot about viruses but I think that in very short time it does what it does and then its deleting itself, Im saying that because Avira showed me directory of the file but I can’t find such directory and file.
C:\Users\NiK\AppData\Local\Temp\fvdzfnvkd\conms.exe
I don’t know if its right or wrong,but avira blocked it and I haven’t got problems so I assume she was right.
I don’t know if the C:\Users\NiK\AppData\Local\Temp\ and sub-folders might be hidden, in your OS. If so you would need to use windows explorer, Tools, Folder Options to view hidden files and folders. Then hopefully you should be able to view the C:\Users\NiK\AppData\Local\Temp\fvdzfnvkd\conms.exe file and upload it (unless you had avira remove it ?).
Probably nothing finds it because its in the Temp folder-so it’s temporally there.
Also for I brief moment I managed to kill the process conms.exe from the proccess manager,then I go to the Temp folder,and most of it was empty-only microsoft 1 or 2 other folders was there.