Virus Dumping Files

1 minute read


If you have a virus that is actively dumping files, try this to delete the temp files and isolate the service that is dumping them.

To Resolve:

  1. Find out where the files are being dumped into. Run “Folder Size Viewer” tools like “Windirstat” to find bloated directories.

  2. If you can, try and determine which process is dumping the files and kill it. Many times they take over the “svchost” service, try these steps to determine the service running the instance:

    • Run – cmd – tasklist /svc /fi “imagename eq svchost.exe”
    • Match the PID by the one listed in “Process Explorer” or “Task Manager”.
    • You can further troubleshoot by picking a likely candidate and run the following from an elevated CMD window: SC Config Dcomlaunch Type= own (where Dcomlaunch is the name of the service.)
    • Reboot the computer.
    • After running virus tools, run this command to revert changes: SC Config Dcomlaunch Type= share (where Dcomlaunch is the name of the problematic service.)
  3. Now open up a Command Prompt and navigate to that directory: Run – cmd – (path) – (Enter Button).

  4. Then type “cd SPACE TAB” (keyboard keys) to select a folder. This changes the directory to a specific folder. Press enter.

  5. Then type: del *.* (This deletes all files with extensions in the folders).

  6. Open a separate cmd window for each folder and one that deletes the main folder.

  7. Launch multiple virus scanners at the same time to scan for infections.