I know half the camp says the only way to recover from NIMDA is to do a
fresh install, but I can't right now. I will soon though.
In the mean time...
I am 90% done with cleaning my IIS server. I have it back on the network,
but I am blocking all traffic to and from it at the firewall. As I check
the logs, the IIS server is not trying to port scan other IP's. When I do
my virus scan however, there are 60 .htm files that say they are infected,
but can not be cleaned or deleted. When I try to manually delete them, it
says access denied. I do have full admin rights on the machine, and I am
doing it locally. I can not set the security to full access for the admin
on these files either.
Is there another "brute force" method I can try to get rid of them?
When I edit the files, they look fine. I did not see the text referring to
readme.eml.
Eric
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
