Could you clarify what you mean by a Search and destroy? I have scanned the entire server for viruses and I have not found any. What other methods do you propose? Take care, -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Thursday, September 20, 2001 12:56 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: IIS - inetpub\adminscripts directory has 2 htm files http://www.ISAserver.org You've been hacked, buddy! It's not Nimda or Code Red, but you've been hit by someone. Time to start a "search and destroy" misson on your web servers. Jim Harrison MCP(2K), A+, Network+, PCG ----- Original Message ----- From: "Christian Villeneuve" <Christian.Villeneuve@xxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, September 20, 2001 09:34 Subject: [isalist] IIS - inetpub\adminscripts directory has 2 htm files http://www.ISAserver.org I was wondering if someone can help on this. I found these 2 htm files in my Inetpub\adminscripts directory that displays "F*** USA Government F*** PoisonBOx, contact: sysadmen@xxxxxxxxxxxx <mailto:sysadmen@xxxxxxxxxxxx> ". I have scanned the directory and my entire drive for viruses but none were found. What should these 2 htm files display and/or can I delete them? Best regards, Christian Villeneuve ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Christian.Villeneuve@xxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')