livpipe
asked on
M: drive missing, Netsky attack, E00.log sent to quarantine
I received virus alert that E00.log file has been sent to qurantine folder, then I found M: drive missing and exchange server not available. I also did not notice this had happened and did a defrag on the c: drive which now I am thinking was bad. I tried to reload the file from Norton Antivirus but it fails to replace file. I tried the exchange command-line parameters for the Isinteg.exe tool but this did not run and refered to log file. I don't know where to find this log file to tell results. I am a novice with the exchange server so detailed instructions are needed.
UC
UC
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
well type netstart exifs so that the M drive apeears then remane the old E00.log to differnet name and restart the Information store agin.it will automatically rebuild the file
CHEERS
Shahnaz
CHEERS
Shahnaz
c:\program files\exchsrvr\bin>isinteg
Warning though, you need as much free space as you current information store takes up.
Or sinply disable Norton and take the log file out of quarantine and put it back where it was. Norton and any other virus checker shouldn't check the exchange mdbdata folders, you can disable it from checking the directories where the log files and the .EDB files are since the mailbox virus checker (if you've got one) will scan the contents of these database files through the antivirus hooks into Exchange.