[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Gif that cannot be deleted

Posted on 2006-05-02
5
Medium Priority
?
151 Views
Last Modified: 2013-12-04
On April 27, 2006 we received on our system a gif file that definitely looks malicious.

It has a VERY long filename: "cubic berserk move graph fibrous thug weren't cheesy..." and so on for about a paragraph... and ends in .gif

If I right click I only get the options of:

Preview
Edit
Print
Open with
Send to

None of which looks like it would be a good thing to do.

No options for delete, rename, cut, etc. are available.

Also if I highlight it and hit delete, nothing happens.  If I select files above and then Shift-Click to select a file below it - and hit delete, nothing happens.   Have not seen one like this.

Any suggestions on how to kill this would be greatly appreciated.

0
Comment
Question by:Tomster2
5 Comments
 
LVL 5

Accepted Solution

by:
forrestoff earned 500 total points
ID: 16591137
1. Take note of the directory that it is in. (ie. C:\Documents and Settings\USER\My Documents..)
2. Restart your computer in Safe mode:
   2a. reboot and just tap F8 as it boots up.
   2b. select Safe Mode
   2c. Log on as Administrator
3. pull up a command prompt (Start->Run, type 'cmd'; hit enter)
4. change directory to the one that the file is in:
    4a. type: cd "C:\Documents and Settings\USER\...etc"
    4b. type: dir/x
          4bi: you should "cubicb~1.gif" listed somewhere (confirm this)
5. delete the file by typing: del cubicb~1.gif  (or whatever the file is listed as)
6. type: exit
7. restart the computer
8. hope, pray, and post back here if it doesn't work

good luck :)
0
 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 500 total points
ID: 16591361
Killbox is very good in deleting persistent file, use the "delete on reboot" option, and make sure you typed the "full pathname"
http://www.atribune.org/downloads/KillBox.exe

There's also another tool that removes persistent file if Killbox doesn't do it.

what's the complete path of that file by the way?
0
 
LVL 32

Assisted Solution

by:r-k
r-k earned 500 total points
ID: 16591365
Yes, good tip from forrestoff for deleting the file.
If the file is in a folder with nothing else of interest you may be able the delete the entire folder.

Before deleting it, you might want to investigate a bit:

Note the date and time on the file.
What folder is it in?
Search your system for anything else created on or about that date in case someone hacked your system.
0
 
LVL 4

Assisted Solution

by:mrenos
mrenos earned 500 total points
ID: 16606659
Have you tryed from safe mode to scan your computer for viruses with eg. stinger ?
Also through safe mode, instead to delete this file, try to rename it in order to trace the root of the problem. Because as r-k sayed you might be hacked.
To rename a file you can do it :
1. Right click on it -> rename
2. Mark that file from explorer and press the F2 key
3. Command prompt -> rename <oldname.ext> <newname.ext>

Try the above steps and let us know the resaults..

Hope this helps..
0
 

Author Comment

by:Tomster2
ID: 16733929
Thank you all for the comments.

I found that going to Start | Run | cmd and navigating to the folder I was able to delete it there.   This was while in normal mode.   Odd that I could not delete from Windows, but could from DOS - but not the first time.   I just didn't think of trying it this time.   If that didn't work the next step would be to try the suggestions above.

All are good points, so I splitting the points accordingly.

Tomster
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Loops Section Overview
Screencast - Getting to Know the Pipeline
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question