Gif that cannot be deleted

Posted on 2006-05-02
Last Modified: 2013-12-04
On April 27, 2006 we received on our system a gif file that definitely looks malicious.

It has a VERY long filename: "cubic berserk move graph fibrous thug weren't cheesy..." and so on for about a paragraph... and ends in .gif

If I right click I only get the options of:

Open with
Send to

None of which looks like it would be a good thing to do.

No options for delete, rename, cut, etc. are available.

Also if I highlight it and hit delete, nothing happens.  If I select files above and then Shift-Click to select a file below it - and hit delete, nothing happens.   Have not seen one like this.

Any suggestions on how to kill this would be greatly appreciated.

Question by:Tomster2
    LVL 5

    Accepted Solution

    1. Take note of the directory that it is in. (ie. C:\Documents and Settings\USER\My Documents..)
    2. Restart your computer in Safe mode:
       2a. reboot and just tap F8 as it boots up.
       2b. select Safe Mode
       2c. Log on as Administrator
    3. pull up a command prompt (Start->Run, type 'cmd'; hit enter)
    4. change directory to the one that the file is in:
        4a. type: cd "C:\Documents and Settings\USER\...etc"
        4b. type: dir/x
              4bi: you should "cubicb~1.gif" listed somewhere (confirm this)
    5. delete the file by typing: del cubicb~1.gif  (or whatever the file is listed as)
    6. type: exit
    7. restart the computer
    8. hope, pray, and post back here if it doesn't work

    good luck :)
    LVL 47

    Assisted Solution

    Killbox is very good in deleting persistent file, use the "delete on reboot" option, and make sure you typed the "full pathname"

    There's also another tool that removes persistent file if Killbox doesn't do it.

    what's the complete path of that file by the way?
    LVL 32

    Assisted Solution

    Yes, good tip from forrestoff for deleting the file.
    If the file is in a folder with nothing else of interest you may be able the delete the entire folder.

    Before deleting it, you might want to investigate a bit:

    Note the date and time on the file.
    What folder is it in?
    Search your system for anything else created on or about that date in case someone hacked your system.
    LVL 4

    Assisted Solution

    Have you tryed from safe mode to scan your computer for viruses with eg. stinger ?
    Also through safe mode, instead to delete this file, try to rename it in order to trace the root of the problem. Because as r-k sayed you might be hacked.
    To rename a file you can do it :
    1. Right click on it -> rename
    2. Mark that file from explorer and press the F2 key
    3. Command prompt -> rename <oldname.ext> <newname.ext>

    Try the above steps and let us know the resaults..

    Hope this helps..

    Author Comment

    Thank you all for the comments.

    I found that going to Start | Run | cmd and navigating to the folder I was able to delete it there.   This was while in normal mode.   Odd that I could not delete from Windows, but could from DOS - but not the first time.   I just didn't think of trying it this time.   If that didn't work the next step would be to try the suggestions above.

    All are good points, so I splitting the points accordingly.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now