Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Help! Undeletable files on main server, possibly virus?

Status
Not open for further replies.
josh0227

josh0227

MIS
May 10, 2005
66
US
We have an immediate concern on our main server. All of the sudden there have been several files, with nothing in them that have appeared out of thin air. I can't delete them. When I try to, it gives me an error telling me that "Cannot delete file. Cannot delete from the source file or disk."
The file names are either blank, or have spaces before the entries which are listed as follows:
com1
prn1
prn3
com0
.tmp

etc....

I have tried deleting them in DOS using short file names, and all of the possible commands and it doesn't work. I am the enterprise admin and it still doesn't work. It tells me that access is denied. There is nothing in the files, except for more files, with names like:

forArMaDateam, .com1, .com2, forBpM, aux3, nul3, randomMaze 4,5238934211693e+34..., etc.....

I really don't know what to do.

Has anyone seen this before?
 
Sort by date Sort by votes
Sounds very suspicious!

Are virus scans turning up any useful information?
 
Upvote 0 Downvote
No. we have symantec, and it doesn't detect anything.
 
Upvote 0 Downvote
Does this machine have ftp, if so you have a security problem, someone is playing games from the FTP directory. The files can be deleted with many DOS ultilities.
Search for norton commander or norton commander clone, download.. this will delete those files.

........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
Well, I tried Norton Commander and it did not work. Any other ideas? We are going to try to boot into safe mode next week, however I suspect that the same thing will happen.

Thanks.
 
Upvote 0 Downvote
Been about 5 years since I had exact thing happened. Norton does work, but now I remember there was a trick to it. Try F9, file attributes or try to rename the file from within Norton, try moving the files to a sub directory, then delete. Wish I could remember... I should remember it happen about 4 times from a monkey aceessing my ftp. If you have ftp, disable the service first.

........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
These files are using DOS reserved device names which are illegal but are still capable of being created. In order to remove them follow this tip from the JSIINC website

del \\.\Drive:\directory\filename
Example: del \\.\c:\someplace\lpt1

Now how these files got there is another story.

Hope this helps.
 
Upvote 0 Downvote
Ok,
I tried that and it asked me if I wanted to delete those files, and I said yes. Then DOS either tells me that it cannot find the file to delete, or it does it, however the file still remains in explorer. This is starting to really frustrate me.

Help!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
529
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
708
Aquiles Vidal
Aquiles Vidal
Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
800
gbaughma
gbaughma
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
709
microsGuy16
microsGuy16
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
929
suncit
suncit

Part and Inventory Search

Sponsor

Back
Top