Re: Corrupted Directories, Intrusions, and Nimda Oh MY

[Mike Shaw <mshaw () wwisp com>]

Try deleting them with the 8.3 names.  If that doesn't work, try 
downloading some win32 versions of Unix utilities.

I had a similar problem where I could delete files on a workstation but not 
copy them.  I was able to copy them using Posix symlinks.

-Mike

At 05:48 PM 11/8/2001 -0800, Drew E. Gilkey wrote:
> Went on vacation for a week, come back to see that my email server is
> reporting that its comepletely full. Look a little deeper into it and I
> see that people have uploaded tons of MP3's, Warez, etc.. Wondering how
> they got in I start to do a virus scan and bam... Nimda was found...
> Unfortunately now I have tons of files on my system that cannot
> seemingly be removed... 2000 thinks they dont exist, yet they do and
> they are taking up disk space.. I have managed to get one of the
> directories removed but the other ones contained tons of locked files,
> weird directory structures that make the system think that the files nor
> directory dont exist, plus permission problems... Anyone got a tool that
> will allow me to just delete the directory and all the subdirectories
> this stuff is in? Or any advice.. I have tried using the ASCII
> characters, etc.. but I just cant seem to get them to delete.. I can
> access the folders via FTP, but when i try to delete them the OS cannot,
> not can I download anything in the folder.
>
> --Drew Gilkey
> Dgilkey () libenn com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com