Deleteing undeletable files

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi .. I use gmail for the past 16 months for email. Prior to that
Thunderbird.  In an old profile in Thunderbird there was a back of my
old email that contained some virus files, win32.bagle type .. they are
dormant, never executed but I cannot delete them.  I was unaware they
were there until I switched to Bitdefender and were discovered then.
When I try and delete them it says they cannot be deleted as they are
being used by another program.  How do I delete them?
Thanks,


Re: Deleteing undeletable files

Bobt wrote:

Quoted text here. Click to load it

You will want to open Thunderbird, find the particular messages with the
virus attachment, and delete those specific messages. Otherwise, you
take the chance an ill-behaved a-v program could delete the entire mail
file, taking all of your email with it. Empty the Trash when finished
deleting the messages.

While viewing the mail, click on the column heading with the paperclip
symbol; this will sort by messages with and without attachments so you
can more easily find them.

--
   -bts
   -Motorcycles defy gravity; cars just suck

Re: Deleteing undeletable files

a.nony.mous@example.invalid says...
Quoted text here. Click to load it
********** SEPARATER ***********
One of the reasons I still use Eudora 3.06 is that it stores attachments as
files instead of embedding them into one large mail file. That feature makes it
very easy to dump the contents of the attachment directory. 3.06 also has the
added advantage that it only supports text in HTML, which has always been a
major source of malware. Unfortunately, the newer versions of Eudora do none of
that.

I do realize however, that one of these days an email feature will come along
that will necessitate me upgrading my email client program. Is there any modern
email program out there that still stores attachments as files?

J.A. Coutts


Re: Deleteing undeletable files

What? You are mistaken. All versions of Eudora has those features.

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com , David
H. Lipman, Max M Wachtell III  aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



Quoted text here. Click to load it



Re: Deleteing undeletable files

pcbutts1@leythosthestalker.com says...
Quoted text here. Click to load it
*************** REPLY SEPARATER ***************
Perhaps, but I did try a newer version and gave up in disgust because it looked
too much like Outlook/Outlook Express (which I abhore because of its HTML
support), and it lacked the simplicity of the old lite version. I am a firm
believer in the KISS principle (Keep It Simple Stupid). and software that
leaves a small footprint.

J.A. Coutts


Re: Deleteing undeletable files

administrator@spam.yellowhead.com (John Coutts) wrote:

Quoted text here. Click to load it

Eudora 7 still stores attachments in the "Attach" directory on my
system.

Re: Deleteing undeletable files


Quoted text here. Click to load it

You delete all unwanted email and email attackments while in T-Bird.
One way to go about it is to Save messages you want to keep in
folders you create on your hard drive. T-Bird has provisions for you
to do the Saves to whatever folder(s) you specify. When done with
that, you delete everything that's left from your T-Bird "folders".

It's not a good idea to retain mail and attachments you want to keep
in T-Bird folders, since the program is a bit buggy and it has a bad
habit of losing folders you create. It's just not a reliable archiving
method. Creating separate folders for archive purposes is a much
better approach. Then T-Bird's folders are just temporary filtering
folders used only to sort email but not archive it.

Ths approach fits in with "safe hex" as well. You immediately delete
all unsolicted attackments as soon as they are received. Then you
never wind up in the situation you're in with old previously
undetected malware in your T-Bird folders.

Art
http://home.epix.net/~artnpeg

Re: Deleteing undeletable files

Thanks .. unfortunately I deleted and removed Thunderbird a while ago
as I have not used it for over a year ... what wasn't deleted was the
profile which contained the emails ... so Thunderbird is no longer on
my computer ...
bobt

Quoted text here. Click to load it


Re: Deleteing undeletable files

on 03 Jan 2007, something possessed Bobt to write:

Quoted text here. Click to load it
Well, in that case, try reinstalling thunderbird.  Don't worry about
setting up e-mail accounts (although if you wanted to, you could use TB
to check gmail through POP3), but since the profile is still there, you
should have access to these messages.  Another alternative, if you're
dumping thunderbird and never looking back, would be to delete the
thunderbird folder in your user account's application data folder (c:
\documents and settings\%user%\application data\thunderbird.  This should
delete your entire profile, including the messages.

Cheers,

William

Re: Deleteing undeletable files

Try renaming the file you want to delete and then deleting it.  Also, right
click on the file and see if it is a "read only" file.  If it is, unchecking
the read only box will allow it to be deleted.
Quoted text here. Click to load it



Re: Deleteing undeletable files

posted on 3 Jan 2007 06:24:59 -0800, Bobt wrote: Begin  

Quoted text here. Click to load it

They're not as 'dormant' as you think if you can't delete them.

Quoted text here. Click to load it

Try this http://www.snapfiles.com/get/removereboot.html
or this http://www.downloads.subratam.org/KillBox.zip

--

Bart

Re: Deleteing undeletable files

on 05 Jan 2007, something possessed Bart Bailey to write:

Quoted text here. Click to load it
I think what Bob meant was that they were dormant in respect to their main
payload being released.  For example, time-bomb viruses that wait for a
specific date or a specific time or a specific signal (if it dials home or
ads itself as a service listening on whatever port) from an IP addie
waiting to mess up the host PC.

Regards,

Will

Re: Deleteing undeletable files

on Sat, 06 Jan 2007 01:38:18 GMT, William wrote: Begin  

Quoted text here. Click to load it

Those used to be referred to as logic bombs, where certain conditions
had to be met to deploy the payload, but in the OP's case I'd more
likely suspect a remote administration tool (RAT) might have gotten
installed by an innocent click and now it's just a sneaky little bot
'borrowing' a bit of bandwidth.

--

Bart

Re: Deleteing undeletable files


Quoted text here. Click to load it

Hey Bart, long time no see :)

The links you provided are not appropriate to the problem.
It's the old issue that Chris Quirke used to complain about
where many email apps store email and attachments in such
a way that av can't hardly delete individual items. The av
can detect malware in these so-called "folders". These "folders"
are actually files which may contain many items under
the control of the email app itself. It's somewhat similar to
the issue of av not being able to delete individual items
in a zip or other compressed archive.

Chris used to recommend a old version of Eudora because
it stored email and attachments in a straightforward way
as individual files on the drive. Since he did (does?) service
work he didn't want a customer to be left with malware
attackments in their email "folders". I used to argue that
with Pegasus and Thunderbird (at least) a person really
has to do some work to take a hit from attackments since
these email apps don't allow the user to Run (execute)
them. The user literally has to Save the attackment to
some subdirectory and then exit or minimize the email app
and go run the damn thing :) But I do understand his
concern from the POV of a service tech.

I suppose, knowing MS, that the problem is far worse
with OE. I'd guess OE allows the user to Run attackments.
If so, therein lies the real problem and issue. Since I've
never used OutBreak I don't know for sure.

In the case of the OP with just a old T-bird profile and
no T-bird app any more, it's actually a non-issue since
there's no way the stored malware can be executed.
The malware isn't even "dormant" in the usual sense
of the word. It's effectively "dead". He should search
the "folders" using a text finder program to see if there's
any old email he wants to try to extract and Save (using a text
editor) and then simply delete the profile so that av quit
alerting when a on-demand scan is done.

Art
http://home.epix.net/~artnpeg

Re: Deleteing undeletable files

Sat, 06 Jan 2007 12:45:15 GMT, Art wrote: Begin  

Quoted text here. Click to load it

Back atcha Art
been distracted so to speak trying to bulletproof this XP-Pro box for
net usage, finally got MSIE off it, no small chore. Only downside is
that the neck stretchers and tear jerkers on YouTube won't play.

Quoted text here. Click to load it

If the bad guys can run from within an attachment, what's the harm in
deleting the whole message, certainly not something you'd want to hang
onto, or is the whole mailbox integrated into a corruptible mess?
My Forte Agent stores attachments (if I even want them) to a folder on a
separate drive and can be accessed independently of the message body.

Quoted text here. Click to load it

Legacy v1.93 Agent for mail and news here, haven't found anything better
and this old dog ain't up for many new tricks these days, hell, my
recent project of configuring a DVD burner so as not to corrupt
everything else is enough exercise. <g>

Quoted text here. Click to load it

For whatever reason my OS wants to see an OE folder
in amongst the Program Files,
so it's got one,
empty and read only.

Quoted text here. Click to load it

Agent Ransack is an excellent freebie grepper
that will let you 'touch' its findings
http://www.mythicsoft.com/agentransack/
sure beats that damn eye rolling find-wizzard in XP
that can't even get a hit on its own ass.

--

Bart

Re: Deleteing undeletable files


Quoted text here. Click to load it

Hey, eradicating IE without destroying the OS must have been more
than a chore. I'd call it a miracle :)

I gave up on that way back when Peg started using Win ME on her
Hp Pavilion. Too much of the OS became non-functional. When I
started using Win 2K Pro, I never gave IE eradication a serious
thought. Instead, I play the game of using MS updates on automatic
and let everything MS wants get installed, including sp4, the rollup,
and all the many hotfixes and patches. I keep IE6 on max security
in the Internet zone and I have a small # of sites set in Trusted. In
addition to MS, there are a couple of sites I like that don't work
without IE. I use K-Meleon as my default browser (it's really nice
IMO) and I use FF and Opera as alternates.

I still don't use realtime av and I still have never taken any hits
(and neither has Peg without using any realtime av). I really like the
AOL AVS product based on KAV 6. We use a LinkSys wireless router
to share our DSL service on our two different PCs. The NAT router
fw takes care of unsolicted inbound. But in any event, I've closed
all ports on both machines. I like running without any software
"protection" underfoot. So far so good. I've cleaned all personal
stuff off both PCs just in case, and I rely on a cloned backup
drive to  Restore everything if necessary.    

I'd be interested in seeing a writeup on what you've done and
the negative effects on XP. Did you follow the lead of others
on this or do it all yourself? I've heard rumors about freeing
the NT based OS from IE (and OE) but I've had serious doubts
about the wisdom (and the reality) of it.  

Art
http://home.epix.net/~artnpeg

Re: Deleteing undeletable files

Sat, 06 Jan 2007 16:23:30 GMT, Art wrote: Begin  

Quoted text here. Click to load it

Miracle workers sometimes need a lifesaver
mine's Norton Ghost

Quoted text here. Click to load it

My duet is OB1 http://offbyone.com/offbyone/index.htm
Smallest means least vulnerable - nuff sed
and legacy Opera v6.06
http://www.oldversion.com/program.php?n=opera
*note - with v7xx Opera introduced DOM
but didn't include the complimentary tube of KY gel

I bought this used machine with XP-Pro installed and never got a
re-install disk so when I corrupted it with an fdisk oversight had to
load a warez copy which has a blacklisted sn# therefore no SP2.
This might have been a blessing as some of the patch action was to
harden the OS.

Quoted text here. Click to load it

I did a brief eval on the KAV internet security package but decided the
extra weight didn't pencil out for my activities.

Quoted text here. Click to load it

It's not NT, but a FAT32 install and as to the reality,
I'll email a screencap of Run:IEXPLORER
Hope your addy's still the one I had from years ago
the WinAmp icon means I was listening to Dwight Yoakam <g>

--

Bart

Site Timeline