Can you kill them from a DOS box, or DOS boot, or boot disk?
Mike
----- Original Message -----
From: "Eric Brouwer" <[EMAIL PROTECTED]>
To: "NT System Admin Issues" <[EMAIL PROTECTED]>
Sent: Friday, September 21, 2001 9:32 AM
Subject: NIMDA cleanup questions...
> I know half the camp says the only way to recover from NIMDA is to do a
> fresh install, but I can't right now. I will soon though.
>
> In the mean time...
>
> I am 90% done with cleaning my IIS server. I have it back on the network,
> but I am blocking all traffic to and from it at the firewall. As I check
> the logs, the IIS server is not trying to port scan other IP's. When I do
> my virus scan however, there are 60 .htm files that say they are infected,
> but can not be cleaned or deleted. When I try to manually delete them, it
> says access denied. I do have full admin rights on the machine, and I am
> doing it locally. I can not set the security to full access for the admin
> on these files either.
>
> Is there another "brute force" method I can try to get rid of them?
>
> When I edit the files, they look fine. I did not see the text referring
to
> readme.eml.
>
> Eric
>
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
>
>
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
