Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Cannot delete malicious file

microsoft.public.windows.vista.security






Speedup My PC
Reply
  #1 (permalink)  
Old 04-12-2008
Bill B
 

Posts: n/a
Cannot delete malicious file
Windows Defender has found a "Backdoor:Win32 Agent" but when I ask to have it
removed I receive error '0x80501001', couldn't complete the action
successfully. I have located the file on my external hard drive and have
tried to delete it manually (using right click from the mouse). Apparently
the file is successfully deleted but when I go back into the folder it has
re-appeared. Can anyone help me get rid of this file?
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 04-12-2008
Man-wai Chang ToDie (33.6k)
 

Posts: n/a
Re: Cannot delete malicious file
Bill B wrote:
> Windows Defender has found a "Backdoor:Win32 Agent" but when I ask to have it
> removed I receive error '0x80501001', couldn't complete the action
> successfully. I have located the file on my external hard drive and have
> tried to delete it manually (using right click from the mouse). Apparently
> the file is successfully deleted but when I go back into the folder it has
> re-appeared. Can anyone help me get rid of this file?


Boot into safe mode and try again.

--
@~@ Might, Courage, Vision, SINCERITY.
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Xubuntu 7.10) Linux 2.6.24.4
^ ^ 19:16:01 up 11 days 27 min 1 user load average: 1.29 1.12 1.09
? ? (CSSA):
http://www.swd.gov.hk/tc/index/site_...ub_addressesa/
Reply With Quote
  #3 (permalink)  
Old 04-12-2008
Man-wai Chang ToDie (33.6k)
 

Posts: n/a
Re: Cannot delete malicious file
Bill B wrote:
> Windows Defender has found a "Backdoor:Win32 Agent" but when I ask to have it
> removed I receive error '0x80501001', couldn't complete the action
> successfully. I have located the file on my external hard drive and have
> tried to delete it manually (using right click from the mouse). Apparently
> the file is successfully deleted but when I go back into the folder it has
> re-appeared. Can anyone help me get rid of this file?


BTW, seems that the virus has been activated and locked the EXE.... I
hope not. Boot into safe mode and scan that file again.

--
@~@ Might, Courage, Vision, SINCERITY.
/ v \ Simplicity is Beauty! May the Force and Farce be with you!
/( _ )\ (Xubuntu 7.10) Linux 2.6.24.4
^ ^ 19:25:01 up 11 days 36 min 1 user load average: 1.01 1.08 1.08
? ? (CSSA):
http://www.swd.gov.hk/tc/index/site_...ub_addressesa/
Reply With Quote
  #4 (permalink)  
Old 04-12-2008
Bill B
 

Posts: n/a
Re: Cannot delete malicious file
I've tried again in Safe Mode but unfortunately the problem is still there.
Any other suggestions would be welcome

"Man-wai Chang ToDie (33.6k)" wrote:

> Bill B wrote:
> > Windows Defender has found a "Backdoor:Win32 Agent" but when I ask to have it
> > removed I receive error '0x80501001', couldn't complete the action
> > successfully. I have located the file on my external hard drive and have
> > tried to delete it manually (using right click from the mouse). Apparently
> > the file is successfully deleted but when I go back into the folder it has
> > re-appeared. Can anyone help me get rid of this file?

>
> BTW, seems that the virus has been activated and locked the EXE.... I
> hope not. Boot into safe mode and scan that file again.
>
> --
> @~@ Might, Courage, Vision, SINCERITY.
> / v \ Simplicity is Beauty! May the Force and Farce be with you!
> /( _ )\ (Xubuntu 7.10) Linux 2.6.24.4
> ^ ^ 19:25:01 up 11 days 36 min 1 user load average: 1.01 1.08 1.08
> ? ? (CSSA):
> http://www.swd.gov.hk/tc/index/site_...ub_addressesa/
>

Reply With Quote
  #5 (permalink)  
Old 04-12-2008
Bob
 

Posts: n/a
Re: Cannot delete malicious file
I suspect the file has in fact been deleted, however "Indexing" doesn't know
it. If you Rebuild the Index you won't see it again.

How to Rebuild Windows Vista Search Index
http://www.wikihow.com/Rebuild-Windo...a-Search-Index
-------
*Report back, please*


"Bill B" <BillB@discussions.microsoft.com> wrote in message
news6CABCEE-3BEF-47CC-A61C-90E466D8C3D6@microsoft.com...
> I've tried again in Safe Mode but unfortunately the problem is still
> there.
> Any other suggestions would be welcome
>
> "Man-wai Chang ToDie (33.6k)" wrote:
>
>> Bill B wrote:
>> > Windows Defender has found a "Backdoor:Win32 Agent" but when I ask to
>> > have it
>> > removed I receive error '0x80501001', couldn't complete the action
>> > successfully. I have located the file on my external hard drive and
>> > have
>> > tried to delete it manually (using right click from the mouse).
>> > Apparently
>> > the file is successfully deleted but when I go back into the folder it
>> > has
>> > re-appeared. Can anyone help me get rid of this file?

>>
>> BTW, seems that the virus has been activated and locked the EXE.... I
>> hope not. Boot into safe mode and scan that file again.
>>
>> --
>> @~@ Might, Courage, Vision, SINCERITY.
>> / v \ Simplicity is Beauty! May the Force and Farce be with you!
>> /( _ )\ (Xubuntu 7.10) Linux 2.6.24.4
>> ^ ^ 19:25:01 up 11 days 36 min 1 user load average: 1.01 1.08 1.08
>> ? ? (CSSA):
>> http://www.swd.gov.hk/tc/index/site_...ub_addressesa/
>>


Reply With Quote
  #6 (permalink)  
Old 04-13-2008
Malke
 

Posts: n/a
Re: Cannot delete malicious file
Bob wrote:

> I suspect the file has in fact been deleted, however "Indexing" doesn't
> know it. If you Rebuild the Index you won't see it again.
>
> How to Rebuild Windows Vista Search Index
> http://www.wikihow.com/Rebuild-Windo...a-Search-Index


Actually it is probable that the file has *not* been deleted and that the OP
has one of the many types of malware that is respawning.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
Reply With Quote
  #7 (permalink)  
Old 04-13-2008
Malke
 

Posts: n/a
Re: Cannot delete malicious file
Bill B wrote:

> I've tried again in Safe Mode but unfortunately the problem is still
> there. Any other suggestions would be welcome


You have something that is respawning. Go through these general malware
removal steps systematically -
http://www.elephantboycomputers.com/...moving_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, get guided help. Choose one of the specialty forums
listed at the first link. Register and read its posting FAQ. You will
generally be asked to:

1. Download and execute HiJack This! (HJT) -
http://www.trendsecure.com/portal/en...HJTInstall.exe

2. Disable Notepad's word wrap - In Notepad.exe; Format --> uncheck; "Word
wrap"

3. Download/run Deckard's System Scanner -
http://www.techsupportforum.com/sect...eckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post at the
forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS.

Standard disclaimer: I can't see and test your computer myself, so these are
just suggestions based on many years of being a professional computer tech;
suggestions based on what you've written. You should not take my
suggestions as a definitive diagnosis. If you can't do the work yourself
(and there is no shame in admitting this isn't your cup of tea), take the
machine to a professional computer repair shop (not your local equivalent
of BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may be
so infested that Windows will need to be clean-installed. If possible, have
all your data backed up before you take the machine into a shop.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
Reply With Quote
  #8 (permalink)  
Old 04-14-2008
Bill B
 

Posts: n/a
Re: Cannot delete malicious file
Malke,
Many thanks for your help. I eventually managed to remove the file by using
the 'File ASSASSIN' function in Malwarebytes' Anti-Malware software. I'll
cetainly refer to your suggestions again should I ever get caught again.
Cheers
Bill B (Brit in France)

"Malke" wrote:

> Bill B wrote:
>
> > I've tried again in Safe Mode but unfortunately the problem is still
> > there. Any other suggestions would be welcome

>
> You have something that is respawning. Go through these general malware
> removal steps systematically -
> http://www.elephantboycomputers.com/...moving_Malware
>
> Include scanning with David Lipman's Multi_AV and follow instructions to do
> all scans in Safe Mode. Please see the special Notes regarding using
> Multi_AV in Vista.
>
> http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
> http://tinyurl.com/yoeru3 - download link and more instructions
>
> You can also check to see if there are targeted removal steps for your
> malware here:
> Bleeping Computer removal how-to's -
> http://www.bleepingcomputer.com/forums/forum55.html
>
> When all else fails, get guided help. Choose one of the specialty forums
> listed at the first link. Register and read its posting FAQ. You will
> generally be asked to:
>
> 1. Download and execute HiJack This! (HJT) -
> http://www.trendsecure.com/portal/en...HJTInstall.exe
>
> 2. Disable Notepad's word wrap - In Notepad.exe; Format --> uncheck; "Word
> wrap"
>
> 3. Download/run Deckard's System Scanner -
> http://www.techsupportforum.com/sect...eckard/dss.exe
>
> 4. Save the scan results (Main.txt and Extra.txt)
>
> 5. And then post the contents of Main.txt and Extra.txt in your post at the
> forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS.
>
> Standard disclaimer: I can't see and test your computer myself, so these are
> just suggestions based on many years of being a professional computer tech;
> suggestions based on what you've written. You should not take my
> suggestions as a definitive diagnosis. If you can't do the work yourself
> (and there is no shame in admitting this isn't your cup of tea), take the
> machine to a professional computer repair shop (not your local equivalent
> of BigComputerStore/GeekSquad). Please be aware that not all local shops
> are skilled at removing malware and even if they are, your computer may be
> so infested that Windows will need to be clean-installed. If possible, have
> all your data backed up before you take the machine into a shop.
>
> Malke
> --
> MS-MVP
> Elephant Boy Computers
> www.elephantboycomputers.com
> Don't Panic!
>

Reply With Quote
  #9 (permalink)  
Old 04-14-2008
Malke
 

Posts: n/a
Re: Cannot delete malicious file
Bill B wrote:

> Malke,
> Many thanks for your help. I eventually managed to remove the file by
> using the 'File ASSASSIN' function in Malwarebytes' Anti-Malware software.
> I'll cetainly refer to your suggestions again should I ever get caught
> again. Cheers


Glad to hear you got things sorted. Yes, the Malwarebytes programs are my
new Best Friends. ;-)

Thanks for taking the time to let me know you're OK now.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Malicious subtitle file could trip up VLC media player Steve Security News 0 03-19-2008 02:30
Malicious subtitle file could trip up VLC media player Steve Security News 0 03-18-2008 18:10
Malicious subtitle file could trip up VLC media player Paul Security News 0 03-18-2008 18:10
Malicious File names of the day, (Sat, Sep 15th) Steve Security News 0 09-15-2007 18:14
Analyzing (malicious) SWF file actions, (Thu, Jun 7th) Steve Security News 0 06-07-2007 02:00




All times are GMT +1. The time now is 18:59.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120