Let's try this again. If you have been hacked then often there will be invalid characters in file names. Trying to delete them via many tools doesn't work. Using erase /s or del /s (or others depending on the OS) will often times work when these other tools won't.
This gentleman is correct in that if you can't read the dir structure then you need to run checkdsk or scandisk or whatever. However, you can read the structure because you can see that they are there, you can't delete them and (I'm assuming) everything else is running fine. Bottom line is that I have seen several machines hacked with directories I couldn't delete with explorer, etc. Using erase /s at the command prompt deleted the hidden / screwed up filename files so that I could delete the directory. One last time. Have you tried erase /s? (It's an easy question.) Regards, Craig ----- Original Message ----- From: "Adam Smith" <[EMAIL PROTECTED]> To: "NT 2000 Discussions" <[EMAIL PROTECTED]> Sent: Thursday, October 18, 2001 10:18 AM Subject: RE: Server hacked... need to get rid of a folder > Did you try the erase /s on it? The 'ERASE' command does not delete directories, only the files contained within it. This will provide a temporary fix to the problem where the directory contains too much data. If you encounter errors with ERASE not being able to read the contents of the directory, then the 'DEL', 'RM', 'DELTREE' and any other commands will not be able to read it either. This means it is a file system problem. Back in the days of FAT, we used to run CHKDSK and SCANDISK which would detect and repair corrupt file and directory entries in the FAT. This is an NTFS partition, I assume. Have you run a Scandisk to check the disk/FAT integrity? Regards, Adam Smith IT Officer SAGE Automation Ltd [EMAIL PROTECTED] http://www.sageautomation.com ԿԬ ************** Email Confidentiality Clause ************** The information contained within this email and its attachments is intended for the named recipients only. It may contain privileged and confidential information. If you are not the intended recipient, you must not copy, distribute or take any action in reliance on it. If you have received this email in error, please return it to the originator advising of the error and delete all copies of it from your system. ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
