Solved Malware, I386, EPSOn File Mystery

[SabrinnaFarinna]

Hi! Dear Vista Fellows! Need your help!

My Dell, with Vista SP1 and Symantec EndPointProtection 11 , came down with “PC Speed Maximizer.”

Try to use MalwareBytes. It, could not pass, kept on being stucked on:
C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EP0NMF7A.dll

There is no “skip” button to avoid this “deadly””sticky” EPSON printer file. Trying to delete this file, never in use, I restarted to Bart PE CD, to Vista Full Version Installer DVD, to Dell Vista Restore DVD. Whenever, I tried to delete this file, I encountered “File Not Found” error message.

How could that be? I tried Safe Mode; I could not delete it either! I can browse the folder content; yet, I can neither delete any file, nor change the permission.

Help! Please! My last resort: Restore the system image from DELL Vista DVD? That would be very depressing!

Sabrinna

 

[Lorien]

Try using one of the following free products to delete the file. Unlocker at: http://www.softpedia.com/get/System/System-Miscellaneous/Unlocker.shtml or File Assassin http://www.malwarebytes.org/fileassassin.php These programs often work when normal Vista delete functions fail to operate properly.

I hope this helps. There may be other options to try (no, let me rephrase and say there ARE other alternatives), so don't restore to factory conditions until we've tried all other possibilities. I also need time to further research the problem.

Good luck!

 

[cwl7454]

Use the following to kill the application:KillBox.Net

 

[SabrinnaFarinna]

Thanks for the kind TIPS! Happy Friday!

Sabrinna

 

[Lorien]

Use the following to kill the application:KillBox.Net

Just out of curiosity, exactly what application are you proposing be "killed"? While deleting this FILE may allow Malwarebytes to finish and possibly remove any malware, I'm not certain what application needs to be uninstalled that can't be uninstalled. Am I missing something even after re-reading the post five times? Are you possibly referring to the Epsom software which may or may not still exist and, if so and unnecessary, can likely be removed normally (or by using a specialized product like you suggested or that I suggested below)?

For removing applications (when that is required and/or if it is needed here and I've completely missed something - which I admit is possible), I recommend Revo http://www.snapfiles.com/get/revouninstaller.html. I actually use Revo for every uninistallation I do (except for some anti-virus software where special removal tools are required). If used properly and carefully in Advanced Mode, it can do a much better removal job than any uninstall program provided with any program (and in fact starts by using that tool and then goes further to get remnants that weren't properly removed by the normal program). I'm unfamiliar with killbox, but intend to download and try it as soon as possible (and compare it to Revo with one or two programs just to see the difference, if any, for myself). I'm always willing to change if I find a better product than what I'm using.

 

[Lorien]

Thanks for the kind TIPS! Happy Friday!

Sabrinna

Keep in mind that this is just a distraction from the REAL problem here. Even if you can remove that file so Malwarebytes finishes, you still need to do a complete malware check and not just with Malwarebytes (though that's an excellent first choice and what I recommend first in such situations).

Try to run anti-malware programs (in safe mode with networking if necessary). To fix this problem (if it is a problem) download, install, and run the following two programs: http://www.malwarebytes.org/mbam.php and http://www.safer-networking.org/en/index.html. You may also want to try the new, free Microsoft Security Essentials http://www.softpedia.com/progDownload/Microsoft-Security-Essentials-Download-131683.html (with the caveat that only ONE AV program can be installed and running on your system at any one time). Use removal tools when appropriate http://www.raymond.cc/blog/archives/2009/05/05/comprehensive-list-of-uninstallers-or-removal-tools-for-antivirus-software/. You may also want to try the free Avira at: http://www.free-av.com/ and Avast at: http://www.avast.com/index. Reboot after completing all the scans. You may also want to try the free OneCare at http://onecare.live.com/site/en-us/center/whatsnew.htm and let it run all the options (except the registry cleaner) because that’s good maintenance (it will take some time to complete but can be done in the background).

If any of these programs find anything whatsoever, please attach a copy of the report log and/or a screenshot of the report to your next post. Depending on what was found, more may be required to truly resolve the problem (even if the report says the problem was cleaned or removed or resolved).

I hope this helps.

Good luck!

 

[cwl7454]

@Lorien

How could that be? I tried Safe Mode; I could not delete it either! I can browse the folder content; yet, I can neither delete any file, nor change the permission.

In response to the above statement I recommended this app;

KillBox is a tool to delete in-use files, if the file is running, KillBox will attempt to end the process (close the running file) and delete it.

 

[Lorien]

@Lorien

How could that be? I tried Safe Mode; I could not delete it either! I can browse the folder content; yet, I can neither delete any file, nor change the permission.

In response to the above statement I recommended this app;

KillBox is a tool to delete in-use files, if the file is running, KillBox will attempt to end the process (close the running file) and delete it.

Ah, thank you very much for the clarification. As you said it was to kill the application, I misunderstood the function of the program and thus its applicability to the problem. So it deletes files and not applications. That's a completely different story (and I hadn't had a chance to go and check it out yet so I accepted what you had written at face value). I will still check it out, but I now see from your description it is competition for Unlocker or File Assassin (which delete files similarly though I'm not exactly sure yet if they do so the same as killbox) rather than Revo (which deletes applications).

Isn't it amazing how the change of one word "file" vs. "application" can cause such misunderstanding?

It now appears to be a perfectly valid recommendation and alternative suggestion - and may even work if the others do not (assuming it isn't tried first and just does the job).

Thank you and my apologies for being confused by seeing "kill the application" rather than "kill the file."

 

[SabrinnaFarinna]

Thanks for your efforts!

After deleting a few EPSON files, Anti-MalWare Scan completed and eradicated Trojans.

Happy ThanksGiving!

Sabrinna

 

[Lorien]

Excellent news! It was our pleasure to help. I assume one of the recommended programs helped you delete the file(s) so the program would finally work.

Thanks for the feedback - it is appreciated.

I will request that the thread be marked as solved.

Good luck and best wishes!