Hey folks, Isn't this fun? (har..) So what are people doing to clean out IIS servers hit by CRv2? So far I've been doing the following: 1. Patch the server. 2. Remove root.exe from the web directories. 3. Remove explorer.exe from c: and/or d: 4. reboot. My main question is do you need to mess with the registry keys that it alters? Are these reset on reboot or do you need to set them to some value? If so what values? Or delete them all together? Thanks, dmuz ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 11:30:06 PDT