PlanetZ forums - scopeusers.com

Some time ago i was about searching for electronic components.
While browsing a related web page (it's quite strange), i was allerted by the realtime scan service of my AV for a threat. Halted the internet traffic, i manually removed the file pointed out by the AV and all other the files created around that time, cause the AV was unable to act against the threat.
I also drained the registry from all the keys pointing at those files.

BUT

I use to browse logging in a limited account.
In the Temp directory of such account, two files using the reserved names COM2.EXE and LPT9.EXE proved to be undeleteable.

The OS is Win XP.
I Googled about a lot, uselessly trying lot of tricks for days.
Tryed from the command line using the syntax M$ point out for this kind of issues; tryed from the recovery console; tryed booting from NTFS DOS diskette, tryed to change rights and owner for those files.

THEY ARE STILL THERE


The size for these files is 0 byte; startup keys nor other keys in the registry point to them, so i'm quite sure they don't represent a threat, but i still wish to get rid of them...

Try Move on boot.

Thanks paul, i just tryied Move on boot, but no way to deleting or renaming those hellish files.

i was wrong about dimensions; they are 74 and 76 kB, but if i check size in the properties tab, 0 B is reported.

Maybe i've to try some utility that access the FAT in ASCII mode..

Try Unlocker Assistant.

This link may be some help:

http://www.castlecops.com/p852724-Gromo ... _Help.html

Often if you can't delete a file it's because it's in use by some process. If you can end the process often you can then delete the file. But often the process will restart on the next boot and recreate the file.

The real solution is to delete the cause and the best for that is Hijack This. (See the above link).

S

Boot up using something like Knoppix (bootable CD), mount your Windows partitions (NTFS I guess?) then vape whatever files you like!

Counterparts wrote:Boot up using something like Knoppix (bootable CD), mount your Windows partitions (NTFS I guess?) then vape whatever files you like!

Thanks friend, files deleted!

Had some problems coz windows partition was shown as mounted just after boot, but all files have been able to be viewed only.
I unmounted then remounted the partition, then the thing worked.

I tryed by an Ubuntu 6 installation disk before downloading Knoppix, but it seems the tryout options don't allow to mount partitions without HDD installation.

I tryed to use Ubuntu some month ago, but wasn't be able to find a well working driver for my modem, so i removed it. Still i could like to use any Linux OS...

Ehi Counterparts, Knoppix is great!

A follow-up to this thread:

I recently was in a situation where I could not delete a folder. I tried all of the above things and even Knoppix did not work. The problem was the path was too long, created by sandboxie I gather. The solution was subst. It is also a nice trick to know to create virtual hard drives. Here is what I did.

From the command prompt type:

subst x: c:/ploob (in this example x will be the new drive and ploob the folder)


Now that folder appears as drive X in mycomputer


To delete it:

subst /d x:

Note: This method seems to only work when the path is too long like I had.