OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Lew E. Lefton (lleftonmath.gatech.edu)
Date: Thu Nov 08 2001 - 22:38:30 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I don't know if this will work, but you may try installing Cygwin (a Unix
    environment on Windows). Then from a bash shell type

      rm -rf c:\tree\to\erase

    Better yet, you should probably reinstall everything on a freshly
    formatted drive from original media. Then restore your own files from a
    trusted (pre-nimda) backup. Otherwise, who knows what other "goodies" are
    hidden around your system now (keystroke sniffers, etc.)

    Good Luck,
    Lew Lefton

     -----------------------------------------------------------------------
    | Lew Lefton, IT Director | Phone: (404) 385-0052 |
    | School of Mathematics | FAX: (404) 894-4409 |
    | Georgia Institute of Technology | e-mail: lleftonmath.gatech.edu |
    | Atlanta, GA 30332-0160 | http://www.math.gatech.edu/~llefton |
     -----------------------------------------------------------------------

    On Thu, 8 Nov 2001, Drew E. Gilkey wrote:

    > Went on vacation for a week, come back to see that my email server is
    > reporting that its comepletely full. Look a little deeper into it and I
    > see that people have uploaded tons of MP3's, Warez, etc.. Wondering how
    > they got in I start to do a virus scan and bam... Nimda was found...
    > Unfortunately now I have tons of files on my system that cannot
    > seemingly be removed... 2000 thinks they dont exist, yet they do and
    > they are taking up disk space.. I have managed to get one of the
    > directories removed but the other ones contained tons of locked files,
    > weird directory structures that make the system think that the files nor
    > directory dont exist, plus permission problems... Anyone got a tool that
    > will allow me to just delete the directory and all the subdirectories
    > this stuff is in? Or any advice.. I have tried using the ASCII
    > characters, etc.. but I just cant seem to get them to delete.. I can
    > access the folders via FTP, but when i try to delete them the OS cannot,
    > not can I download anything in the folder.
    >
    > --Drew Gilkey
    > Dgilkeylibenn.com
    >

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com