cannot delete flv file

[tbone1621]

I recently downloaded an flv file that I cannot delete, rename or move. I've tried regular delete, Eraser, deletedr, unlocker and file assassin. Any ideas? Please help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:16:59 PM, on 12/29/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\dcmsvc\dcmsvc.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ArcSoft\TotalMedia\TM Monitor.exe
C:\Program Files\CMS Products\BounceBack Ultimate\BBLauncher.exe
C:\Program Files\CMS Products\BounceBack Ultimate\CMSITLauncher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\ProgramData\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMan] "SOUNDMAN.EXE"
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] "C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [dcmsvc] "C:\Program Files\dcmsvc\dcmsvc.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
O4 - HKCU\..\Run: [Eraser] "C:\Program Files\Eraser\eraser.exe" -hide
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BounceBack Launcher.lnk = ?
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TM Monitor.lnk = C:\Program Files\ArcSoft\TotalMedia\TM Monitor.exe
O8 - Extra context menu item: Aros Magic Viewer... - C:\Program Files\Aros Magic\Viewer\ieLaunch.js
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BBWatcherService - CMS Products, Inc. - C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BounceBack ITConsole Service (CMSITService) - Unknown owner - C:\Program Files\CMS Products\BounceBack Ultimate\CMSITService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 8473 bytes


Malwarebytes' Anti-Malware 1.42
Database version: 3453
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/29/2009 4:14:46 PM
mbam-log-2009-12-29 (16-14-46).txt

Scan type: Quick Scan
Objects scanned: 104021
Time elapsed: 5 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

[wildbill]

http://www.computerforum.com/131398-important-please-read-before-posting.html

 

[johnb35]

Have you tried booting to safe mode and tried deleting it?

 

[canivari]

try killing explorer from taskmanager
and from the taskmanager choose:
file
new task run
explorer
hit enter
try to delete the file now

 

[ganzey]

just download UNLOCKER i use it all the time, it deletes undeletable files

 

[johnb35]

just download UNLOCKER i use it all the time, it deletes undeletable files

Try reading his first post.... he said he already tried using unlocker.

 

[S.T.A.R.S.]

Delete that FLV file from the "Safe Mode with the Command Prompt" or use the Ubuntu 9.04.It cant be more simple




Cheers!

 

[tbone1621]

delete flv

I've tried entering the safe mode using the F8 key, but it just starts normally. I looked up starting Windows 7 Safe Mode and one place said not to use the System Config if you're having problems entering Safe Mode using the F8 key. Attached is their reason. I have not tried killing Windows Explorer using the task manager yet...should this work?

Problems that can occur by forcing Safe Mode using the System Configuration Utility

It is possible to make your computer continuously boot up into safe mode using the System Configuration utility as described above. The program does this by changing your boot.ini file, the settings file that configures your computer's boot sequence, and adding the /safeboot argument to your operating systems startup line. An example of this can be seen below.

Original [operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /FASTDETECT /NOEXECUTE=OPTIN
After using MsConfig.exe [operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /FASTDETECT /NOEXECUTE=OPTIN /safeboot:minimal

When you are done using safe mode, you would then run the System Configuration utility again and uncheck the /Safeboot option, thus removing the /safeboot argument from the boot.ini file, and allowing your computer to boot up normally.

On a computer that is operating properly this is normally not a problem. Unfortunately, though, a new trick that some of the more recent malware are using is to delete certain Windows Registry keys so that your computer can not properly boot into safe mode. It is in these situations that using the System Configuration utility to boot into safe mode can cause the computer to become inoperable for many users.

This is because once you set the computer to boot into Safe Mode using /Safeboot, it will continuously attempt to start Safe Mode until the /safeboot argument is removed from the boot.ini. Since the malware is not allowing us to actually boot into safe mode, you have no way of getting to a point where you can run the System Configuration utility again to uncheck the /Safeboot option. Thus, you are stuck with a computer constantly attempting to get into safe mode and not being able to do so.

If a situation like this has happened to you it is possible to fix this problem by renaming your boot.ini file. The first step would be to use a boot disk to start your computer. If your computer does not have a floppy disk, then you can typically boot off the Windows CD that came with your computer in order to access the Windows Recovery Console. More information about the Windows Recovery Console can be found here. Once booted to a command prompt, you would simply rename your C:\Boot.ini file to another name like C:\Boot.ini.bak. The command to rename the file at the command prompt is:

ren C:\Boot.ini Boot.ini.bak

Once the file is renamed, you can then remove the boot disk and reboot your computer to get back to normal mode. When booting up after the rename, do not be surprised if you see an error stating that you do not have a valid Boot.ini file. When you get back to normal Windows mode, you can then rename C:\Boot.ini.bak to C:\Boot.ini and run Msconfig again to remove the /safeboot flag.

Conclusion
It is not uncommon when people are helping you troubleshoot your computer that they tell you to enter Safe Mode. With this tutorial you should now know how to enter Safe Mode when it is required.

If you have any questions please feel free to post them in our computer help forums.

--
Lawrence Abrams
Bleeping Computer Windows Basic Concept Tutorials
BleepingComputer.com: Computer Support & Tutorials for the beginning computer user.

 

[canivari]

when you power on you computer u need to click a lot of times in F8
until u reach a menu
in that menu u will see safe mode choose that one with up and down arrows
and press enter

 

[canivari]

just seen this one:
If a file (or folder) still appears to be 'undeletable' this is often caused by the indexing service.
Right click the file you need to delete, choose properties, advanced and untick "allow indexing" you will then be able to delete the file.

 

[tbone1621]

delete flv

Okay, I've tried using the F8 button (both holding it down and rapidly hitting it). The only menu it showed was to get into Windows 7 (which it normally does) and an advanced tool for diagnosing the memory. Nothing for Safe Mode.

I also tried accessing Properties and absolutely nothing happens.

 

[ganzey]

ok, do you know anyone else with a computer? if so, put your hard drive in their pc as a slave, then simply browse to the location, and delete it.

 

[canivari]

is your keyboard USB?
If it is try with an PS/2
I think the problem is that

 

[S.T.A.R.S.]

LoL people you complicate life so much over one single FLV file that can be deleted so easily through the Ubuntu 9.04 which he can boot from the CD or USB stick.LoL dude just use Ubuntu and you will solve your problem in few minutes.
After that just scan your computer for viruses and thats it.
It really cant be more simple




Cheers and happy old 2009. year xD

 

[tbone1621]

delete flv

I got into Safe mode and tried deleting the file. The delete option just got stuck in the "Calculating" mode and didn't do anything.

I also installed Ubuntu but cannot find the file (it's in the Favorites - Download folder). Ubuntu says that folder is empty.

 

[S.T.A.R.S.]

I got into Safe mode and tried deleting the file. The delete option just got stuck in the "Calculating" mode and didn't do anything.

I also installed Ubuntu but cannot find the file (it's in the Favorites - Download folder). Ubuntu says that folder is empty.

LoL you didn't have to install it.Just download the Ubuntu 9.04 ISO,burn it to CD then boot from that CD,enter into that folder where your FLV file is located and then turn on the option to show the hidden files and folders.Then you will see that FLV file and will be able to delete it.If you still do not see that FLV file then you have probably looked for it on the wrong location...



Cheers and happy almost new 2010. year!!!

 

[tbone1621]

delete flv

Boys & Girls - Thank you all for taking the time to give your suggestion on removing this file. Special thanks to S.T.A.R.S. I FINALLY figured out how to locate the files using Ubuntu and deleted the file! Thank You! But why was Ubuntu able to delete the file when Unlocker, DeleteDR & FileAssassin were unable to?

 

[S.T.A.R.S.]

But why was Ubuntu able to delete the file when Unlocker, DeleteDR & FileAssassin were unable to?

The reason is simple.Because while you are in the Ubuntu OS,your Windows OS is COMPLETELY shutted down and NOTHING is not currently using that FLV file.Nothing is not blocking it from Windows OS because the Windows OS was completely OFF.

 

[trevca]

flv's!!!

have tried the ubuntu thing and booted with it..file was not hidden in the first place but cannot be dumped..thinking i was being clever I thought i'd send it to the desktop to delete it and also sent ti to the e drive to try and attack the b*****d..but guess what..it's now everywhere on the system and can't be deleted from anywhere..in fact windows keeps failing and showing "not responding" message so my only option is to cancel all the time..

slightly embarrasing flv as well to have showing on the desktop, as you can imagine..

suggestions anyone?..apart from don't use the internet for porn of course..

 

[carlo.santos]

Reboots are usually required to unlock some files...especially context menu handlers...try rebooting and deleting them (they may automatically get deleted during the reboot process).

Failing that, download and install Unlocker:
www.filesUnlocker.com