Virus w2k server cleaning
Results 1 to 4 of 4

Thread: Virus w2k server cleaning

  1. #1
    Senior Member
    Join Date
    Jul 2001
    Posts
    420

    Virus w2k server cleaning

    Hi All,

    On my personal pc I run w2k server sp2 with IE 6.0 and Norton Antivirus. Recently I contracted Nawbi (not sure of spelling sorry). I have the latest updates from Symantec. If I disable IIS 5 (I am aware of security issues) and run Norton the system comes up clean. If I then re-enable IIS I receive Norton tells me that scripts xxxftp in inetpub\scripts is infected (no files in that directory not even hidden files).

    I reinstalled 2000 and the problem persists. I am planing on switching to Apache but it bugs me that I can't fully remove this virus.

    Going Linux on this system is not an option -I use too many m$ products for work.

    Thanks for all your suggestions.
    -D
    Share on Google+

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Norton gives you the option to delete an infected file when it discovers one. Have you tried to delete the file that way?
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Jul 2001
    Posts
    420
    Norton gives me a 2 pop-ups first:

    File xyz on Homer infected with virus abc could not repair (only option is okay) next pop-up

    File xyz on Homer infected with virus abc could not repair Access is denied

    there is nothing in Quaritine

    Thanks for your suggestions
    Share on Google+

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Do you get these 'pop-ups' from the 'real-time' protection feature or during a scan. If it's 'real-time', I recommend you do a full system scan (all files) this should give you more options when the virus is encountered. Did you get the name of the virus? Is it "NIMDA", if so, Symantec has removal tools for two variants of this virus. Go to http://securityresponse.symantec.com/ to check them out.
    Let me know if you need more info.

    DjM
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •