Deleting hidden files

I need someone to point me to a piece of software that will let me delete anything I want to from my hard drive. I know the dangers, and why MS hides some folders, etc. But I am an old hand, and if I screw it up, I will just wipe the drive and start over.

I have some indications that I have a rootkit hidden away in my documents folder. That is, some programs say I have one, some say I am clean. But I would delete these folders whole hog if I could. The problem is the folder the programs say the rootkit is in doesn't show up even when attributes SHR are turned off. It doesn't show up at the DOS prompt under the DIR command. In the old days you could use your disk utility software like Norton and actually get into the disk at the hardware level and root out anything. But I can't figure out how now. Any help will be appreciated.

Thanks

 

Ok, to access hidden files

Right-click on Start Menu, then go to Explore, then Tools, then Folder Options, then go to View tab, and it should say Files and Folders, itll say under that Hidden Files and Folders, just click on Show Hidden Files And Folders

 

I already did that. I know XP hides some folders even from the "show hidden and system files" option. But these are not Windows folders. The suspect folder is named TMP01 under my My Documents folder, but as I say, ithat folder does not show up anyplace when I list files/folders.

These folders/files are HIDDEN. Windows doesn't see them from Explorer or the DOS prompt. The folders and their contents just don't show up. But the spyware programs list them. I did an ATTRIB check in the command prompt window in my documents folder, and those directories just don't show up. What I am looking for is a primitive level disk program that will bypass the restrictions and let me see everything on the disk.

 

What program/s are you using to detect rootkits. I use 2 different programs, 1 detects nothing, the other detects a hidden file that is protected as a Toshiba application.

Have you tried Cleanup! http://www.majorgeeks.com/download4895.html

CrapCleaner, aka CCleaner
http://www.majorgeeks.com/download.php?det=4191

and EmpTemp http://www.majorgeeks.com/download.php?det=1575
These 3 may remove it. They may not work with rootkits, though.

How about Check for Rootkits: (Pick at least one)

http://www.majorgeeks.com/icons/green_caution.gif F-Secure BlackLight: http://www.majorgeeks.com/F-Secure_BlackLight_d4983.html
http://www.majorgeeks.com/icons/green_caution.gif Rootkit Revealer: http://www.majorgeeks.com/Rootkit_Revealer_d4652.html

taken from "Must have free downloads" from MG.
http://www.majorgeeks.com/page.php?id=20

Move on Boot will delete stubborn files, and folders (not sure about folders, though).
http://www.snapfiles.com/get/moveonboot.html

Not listed on MG, unfortunately.

Also try a google search for "delete stubborn files", or similar, for other options.

Let us know what works and what doesn't. Bazza


===

 

I have run Rootkit Revealer, it says I am clean. Spysweeper and Spybot S&D both consistently find the suspicious file, offering to remove it. But them when I run them again, the file still exists. Spysweeper tells me it can't delete the file until I re-boot, and when I do, a very quick message flashes on screen but I don't have time to read it. In any case, the file and hidden folder remain (they say - I have no way of verifying that they really exist).

I use CCleaner. I have not used the others, Cleanup!, EmpTemp, and Blacklight. I will try them. Thanks for the additional ammunition.

 

I have some more information, maybe it will clear things up enough so that the expertise here can solve this.

Everytime I run Spysweeper it says I have a potential rootkit file (hidden from Windows). It is allegedly located at:
c:\documents and settings\myname\local settings\temporary internet files\antiphishing\ then a long hex value:6729bbf9-d54c-48cb-a4d7-ad400339d808.dat.

The problem is there is no folder named "temporary internet files" under documents and settings\myname\. So obviously if the file is hidden from Windows it is hidden from me and my puny efforts to find it using the DOS prompt. I am going to contact Webroot and see if they can help. I ran Blacklight by the way, and it says I am clean.

Thanks.

 

Yes, I turned on the "show hidden files" in folder options. Since I was last here, I have downloaded a very nice file manager that shows all the files, hidden and otherwise. That directory that doesn't even appear in the Windows list shows right up. I found the funny file and deleted it. Now I am Happy. The program is by Altap, named Servant Salamander 1.52. It is the freeware version of their much fancier Windows Explorer replacement program. Nice.

Thanks for the help. Googling for "find hidden files" did the trick.

 

Google will usually come to the rescue, if only you can think of the right search criteria.
Or try a few variations of the search criteria.
Glad you got there in the end, and found a new useful utility as well. Bazza

===