We spent two days doing just that ourselves and were to rebuild (we own our
server) this morning, but our ISP jumped in and took care of it literally
out of the goodness of their hearts. They replaced all our exe files and we
did an extended replace to get rid of the JavaScripts. The last bit of
stuff from McAfee seems to be holding and we applied the new patch, so all
seems stable now. We are looking at moving from NT4/IIS4 to
Windows2000/IIS5 soon (we were going to do it with the rebuild) - how is
IIS5 handling these viruses?
JoAnn A. Schlosser
Senior Consultant
Association Management Software
Grant Thornton LLP
Washington, D. C.
703.837.4428
-----Original Message-----
From: Maureen [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 8:42 PM
To: CF-Talk
Subject: RE: Code Red backdoor triggered?
At 05:36 PM 9/20/01 JoAnn A. Schlosser wrote:
>OK. We just found out that our backup tapes are infected, too. Has anyone
>found a way to clean this without a total reinstall? I am in the process
of
>copying the site files themselves to clean separately. If I can avoid a
>total tear-down and rebuild, I would be eternally grateful.
I don't think it's possible. I've spend most of the last two days
attempting to clean the servers to point where I am comfortable, but have
finally reached the decision to request the data center to provision new
servers, and just move files and databases that I can certify as virus
free, which will probably take less time than rebuilding the existing
servers.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
