The network has approximately 30 users running Windows XP SP3. The server is running Windows 2003 Server, this server is a member server acting in the role of the File server. One of the shares created on the server has the two above mentioned files stored there - autorun.inf and ircphate.exe. The attributes on the two files is shown as hidden. I have used a variety of tools to try to remove this virus. Sophos, Norton, Kapersky all with no luck. The Sophos application was able to identify it however unable to clean the server of the file.
Each time a user access the share with the trojan Norton pops up indicating that it has quarantined the file. The services running on that server are as follows
bill.exe - out call accounting software
Could anyone advise on how can successfully remove these files from my server.