[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 160
  • Last Modified:

virus attack! - need help!

I'm running Grisofts AVG antivirus and our network has been infected with the "W32/ElKern" virus.  I've deleted all infected files except for 9 which I can't seem to locate.  I have "show all files" turned on in the options for folders but there is a directory (and file) showing up as:

c:\WINNT\INSTALLER\{00010409-78E1-11D2-B60F-006097C998E7}\ACCICONS.EXE

I can't seem to locate this directory in explorer and want to get to it to delete the infected files before reloading software.  

Can anyone tell me how to get to this directory so I can delete these files?
0
ghughes
Asked:
ghughes
1 Solution
 
SysExpertCommented:
It may be a temp dir that only exists during installs.
Rerun the Virus check and see if they are still there.

Also delete all cache and temp files in IE etc.

I would also get a better virus Program ( Norton ) and have it do a proper cleanup.

You should not have to do this manually !!

I hope this helps !


0
 
jhanceCommented:
Open a CMD.EXE window and CD to C:\WINNT\INSTALLER

Then type:

DIR /A /X | MORE

See if this file shows up there.  If so, you should be able to delete it using it's SHORT FILE NAME as displayed by DIR using the /X option.
0
 
jmiller47Commented:
I had something similar. You will have to use the Emergency Repair Diskettes and scan maybe twice.

Be prepared. This scan takes a while...
0
 
ghughesAuthor Commented:
jhance,

thank you.  your info helped me along the most.  I was able to get to the directory but the file attributes had been changed so I could not delete them.  I finally figured out to remove the "read only" attributes and was able to delete the files.  Thank you.  I honestly can say you've saved out work network!  I appreciate it.  Take care.
0
 
jhanceCommented:
Glad to help....
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now