Rid problem file forever

Whenever I run a full system scan of my hard drive, Avast 4.8 Home Edition stops at a file with a potential virus. It has a very long file name with a lot of random numbers for most of it, but the first characters are always “EasyPDF”. I always say to move the file and add the “.vir” extension. I then go to the moved folder and delete that file.

I’ve tried searching my hard drive for any files that start with “EasyPDF” and can’t find any. How can I find where this file resides and get rid of it forever?

There is no point in moving and then finding and deleting it almost instantly; that is effectively the same as choosing delete.

Deletion isn’t really a good first option (you have none left). ‘First do no harm’: don’t delete, send the virus to the chest and investigate.

What is the infected file name, and where was it found, e.g. (C:\windows\system32\infected-file-name.xxx)?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section; this contains information on all avast detections.

But you’ve deleted it, how will you find it?
To be sure you’re clean, I suggest:

  1. Disable System Restore and reenable it after step 3.
  2. Clean your temporary files.
  3. Schedule a boot-time scan with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spyware and trojans. If any infection is detected, it is better and safer to send the file to Quarantine than to simply delete it.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.