Elthesh
join:2001-12-01
Fort Lauderdale, FL | Folder deletion issue due to long term infection. I hope this is in the right section as this issue is due to a serious infection and is causing me to not even be able to finish a scan.
Alright, I'm working on a secondary computer here that is infected. Badly. I can't even get in Windows, in safe mode or otherwise. I've been running the Kaspersky rescue cd to attempt to scan and clear up the infection. It has detected and removed around 15 or so infected files.
That is, until it reached the Content.IE5 folders. It started to bog down in those, so I stopped the program and went into the file browser on the rescue cd. I then went into the various Admin, NetworkService, etc folders and wiped the Content.IE5 folders on their subfolders, cleared the Temp folders and even wiped out all cookies.
However, under the NetworkServices folder tree, there is one random subfolder under Content.IE5 that apparently has thousands, tens of thousands, hundreds, millions, who knows, of .js files. This would likely be part of the result of the multiple javascript infections that the scanner already found and deleted. I attempted to delete this folder before bed. The drive was actively deleting by the sounds of it. 8 hours later, it still wasn't done. I then paused the deletion and restarted the virus scanner. It hit this folder and now I can see it scanning a neverending parade of, I assume are empty, .js files. This has been going for the past 2 hours. It has yet to find any infections in the folder though.
I can't even view whats in this folder due to the insane amount of files in it. The file browser locks up on that folder after a bit. What I need is a way to delete this folder, kill it, burn it, whatever in a fashion that won't take 12-24-72 hours-months as the Kaspersky cd isn't getting it done. I tried using a few different rescue disks and anything that offered a command line wouldn't even let me access the folders above it, like Content.IE5, etc so I couldn't even get near it using those. It is a hidden folder and I was able to see it using command line commands, but not get into it.
Also, the drive is only showing around 200 gigs of usage out of one terrabyte. That's after about a year of usage, just for a bit more info that I know about it.
This is a Windows XP computer, NTFS file system, Core I5 2500, etc. |
Elthesh
join:2001-12-01
Fort Lauderdale, FL | Some progress. I used Bootsuite and that allowed me to find the issue with the reboot loop which was one or more of the core system files was corrupt which it replaced. Got into Windows and did a bit of work. I was able to right click and check the properties of the massive folder.
Properties worked for almost 2 hours before it finally finished and the final tally was about 29 gigs and over 1.6 million files in the one random content.ie5 folder. I then attempted to rmdir /s /q while I slept and woke up to it still running. I finally stopped it and am runing properties scan again to see if anything at all was deleted. |
·