I have just discovered that I picked up the W32/Nimda.gen@MM virus.
When I went to McAfee to information on it they said that it could have potentially affected my IIS by creating "backdoors".
I went through the cleanup process that they recommended, and it detected and removed all infected files (mostly Inetpub/scripts files). But I am wondering if there might be some "left behinds" which may or may not have been taken care of.
I must admit my naivety with IIS and its associated configurations. When I go into my Internet Services Manager I see my IIS "Server". BUT I also see, as part of that same server, a Default FTP site and a Default SMTP Virtual Server and they are all Running.
This may be a normal configuration, but I would welcome your input as to if this is OK or if the FTP and SMTP services are left-behind "backdoors" from the virus.
Thanks,
jrbbldr
jrbbldr@yahoo.com
When I went to McAfee to information on it they said that it could have potentially affected my IIS by creating "backdoors".
I went through the cleanup process that they recommended, and it detected and removed all infected files (mostly Inetpub/scripts files). But I am wondering if there might be some "left behinds" which may or may not have been taken care of.
I must admit my naivety with IIS and its associated configurations. When I go into my Internet Services Manager I see my IIS "Server". BUT I also see, as part of that same server, a Default FTP site and a Default SMTP Virtual Server and they are all Running.
This may be a normal configuration, but I would welcome your input as to if this is OK or if the FTP and SMTP services are left-behind "backdoors" from the virus.
Thanks,
jrbbldr
jrbbldr@yahoo.com
