How To Find and Delete a File

How To Find And Delete A File

Method #1: There are several ways to find and delete files, especially when your system is infected with malware. After killing one of the active processes, sometimes windows will refuse to delete the file in question. One trick to getting windows to relenquish control of the file while you’re still in normal mode is to try renaming or moving the file. Sometimes this will force windows into unlocking the file, allowing it to be deleted. The first method (and most user friendly method) to finding a file is to use the windows default search, which is available from Start>Search>Files and Folders… The user can search for a specific file or files, and even base the results on the text found within the file itself. Unless the file in question is a system file, generally speaking, the file should be able to be deleted with relative ease. To delete the file, you can either hit the delete button, or right click on the file and select the delete option. Below is a screenshot of the application.

Method #2: The next method to deleting a file, and specifically during a malware infection, involves using the windows commandline. The reason we will be looking at this method is that sometimes malware will start even during safemode, which will at some point require you to boot up with only the command prompt at your disposal. While the command prompt may be daunting at first to some, it’s actually quite easy to learn and will always prove to be a valuable piece of knowledge to have. To search for a file, you must use the “dir” command, but first we will examine the parameters for it:

Displays a list of files and subdirectories in a directory.

DIR [drive:][path][filename] [/A[[:]attributes]] [/B] [/C] [/D] [/L] [/N]

[/O[[:]sortorder]] [/P] [/Q] [/S] [/T[[:]timefield]] [/W] [/X] [/4]

[drive:][path][filename]

Specifies drive, directory, and/or files to list.

/A          Displays files with specified attributes.

attributes   D  Directories                R  Read-only files

H  Hidden files               A  Files ready for archiving

S  System files               –  Prefix meaning not

/B          Uses bare format (no heading information or summary).

/C          Display the thousand separator in file sizes.  This is the

default.  Use /-C to disable display of separator.

/D          Same as wide but files are list sorted by column.

/L          Uses lowercase.

/N          New long list format where filenames are on the far right.

/O          List by files in sorted order.

sortorder    N  By name (alphabetic)       S  By size (smallest first)

E  By extension (alphabetic)  D  By date/time (oldest first)

G  Group directories first    –  Prefix to reverse order

/P          Pauses after each screenful of information.

/Q          Display the owner of the file.

/S          Displays files in specified directory and all subdirectories.

/T          Controls which time field displayed or used for sorting

timefield   C  Creation

A  Last Access

W  Last Written

/W          Uses wide list format.

/X          This displays the short names generated for non-8dot3 file

names.  The format is that of /N with the short name inserted

before the long name. If no short name is present, blanks are

displayed in its place.

/4          Displays four-digit years

Switches may be preset in the DIRCMD environment variable.  Override

preset switches by prefixing any switch with – (hyphen)–for example, /-W.

Also keep in mind that during malware infections, some of the files are hidden from normal search parameters. This is why it’s important to use the /A HS option. /S searches all subdirectories, and /T is used to search for files created, accessed or written to within a certain time frame. While /T may be handy, a file’s timestamp can be easily forged or altered, so it’s best to use the /S parameter when searching for a particular file instead. Below is an example of how to use the dir command from the command prompt.

dir asdf.* /s /a hs

Once the location of the file is found, there are two ways to go about deleting the file. The first is simply typing the location, along with the file name using the del command. Which will be shown below.

del c:\temp\asdf.exe

The second method of doing this is to navigate to the folder using the cd command. This is helpful if there are multiple files located within that particular directory. A short example of this combination of commands is shown below.

cd temp

del asdf.exe

Both of these approaches are a matter of personal preference, and there is no “correct” approach to followed. As long as the file is deleted, that’s what matters, especially when removing an occurrence of malware.

Conclusion

There are really only two methods for searching a file, and a handful of ways to delete them. Aside from knowing exactly where the file location is, navigating to said location and deleting the file using windows explorer, both of the discussed methods are effective in getting rid of files. There are free programs on the internet that make the search process somewhat easier, but ultimately, they do the same thing as the windows search option or searching for files via the commandline. Either of these methods that you choose to implement will come in handy when removing malware, or just clearing out junk data manually.

GD Star Rating
loading...
GD Star Rating
loading...

Latest Articles

43thincrt.gif

ThinCRT Flat Panels

US-based Candescent Technologies calls its implementation of FED technology ThinCRTs. The technology works on the same principles as standard picture tubes used by desktop computers and televisions. Beams of electrons are fired from … [Read more...]

36holo.gif

Holographic Data Storage

In late 1995 a joint university/industry/government consortium initiated the Holographic Data Storage System (HDSS) programme, with the initial goals of developing several key components for the system, including a high-capacity, … [Read more...]

Safety Standards For Computer Monitors

In the late 1980s concern over possible health issues related to monitor use led Swedac, the Swedish testing authority, to make recommendations concerning monitor ergonomics and emissions. The resulting standard was called MPR1. This was … [Read more...]

Virus Guides

051815_0322_HowtoRemove1.jpg

How to Remove Bitcryptor Virus

Bitcryptor Virus is a virus of the ransomware variety. These are viruses that infect your computer and try to trick you into paying money in order to get rid of the virus. It will encrypt the files on your computer and keep you from using important programs on your computer. If you are unable to … [Read more...]

051315_2045_HotFinderco1.png

Hot-Finder.com Virus Removal Guide

Hot Finder is another browser hijacker that can make your browsing experience annoying and cause issues for your PC. Installing this hijacker will change your browser homepage to hot-finder.com and will change your default search engine to Yahoo. Like many other hijackers, the software is not … [Read more...]

Leave a Reply

Your email address will not be published. Required fields are marked *