Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Kill that Klez!

Posted on 2002-05-31
13
Medium Priority
?
188 Views
Last Modified: 2010-03-05
I have an Exchange server v 5.5
Lately I been getting allot of Klez viruses, about 1000 in the past two weeks.
Obviously my TVD has failed miserably.
I would like recommendations on virus software well suited for this job.
0
Comment
Question by:jwc02026
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +3
13 Comments
 
LVL 3

Accepted Solution

by:
jpmarten earned 400 total points
ID: 7047280
Norton for Exchange and Trend ScanMail have worked for me exceptionally well.
0
 
LVL 9

Expert Comment

by:rjcpjc
ID: 7048023
I have had great luck with Trend ScanMail.
0
 
LVL 23

Expert Comment

by:slink9
ID: 7048551
Trend products are what I implemented on a client's system after he contracted Klez.  Have you been able to eradicate it from the local computers yet?  If they are XP it is not so easy.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Author Comment

by:jwc02026
ID: 7048650
Unfortunately this client is cost sensitive in the extreme.
I believe they are now ready to implement a new/updated company wide a/v solution however, most of the systems are PI or PII with NT4.
I believe I would need a 'light' solution for these.

There are few XP systems however I they believe they are fine as they had Norton and Pccillin out of the box.
0
 
LVL 23

Expert Comment

by:slink9
ID: 7048655
You may be able to scan and clean these by using http://housecall.antivirus.com
0
 
LVL 2

Author Comment

by:jwc02026
ID: 7048728
Yes I have sent this as
a temporary solution, unfortunately there is no enforcement mechanism, in any capacity
0
 
LVL 23

Expert Comment

by:slink9
ID: 7048797
Kind of that "You can lead a horse to water ..." thing?  If you make recomendations but they are not followed, maybe you just need to blow them off.  But hey, they don't follow your recommendations!!  That is more money for you when they do have to call you.  Sounds good to me.
0
 
LVL 2

Author Comment

by:jwc02026
ID: 7048803
Exactly!:)
Penny wise and pound foolish!
0
 
LVL 1

Expert Comment

by:monsterrick
ID: 7050249
I'm using Sybari's Antigen which protects Exchange quite well.

Ricky
0
 
LVL 56

Expert Comment

by:andyalder
ID: 7050961
We have TVD since it protects the mailboxes themselves from a user sending another user a virus plus a seperate virus checker on the SMTP feed running on mailsweeper on a seperate box.

Can you confirm that you have set TVD up correctly, Groupshield running on the information store with the Exchange directories excluded from the filesystem scan.

Also confirm, the users are receiving emails with Klez in them that the local virus checker on their PC detects? Not that they are receiving virus removed emails from groupshield.

You have set groupshield to update/upgrade it's engine and pattern as well as setting up the filesystem scanner to update itself have you?

Do you have a grant number? I know it takes ages to get though to support but I'm sure they would be interested.
0
 
LVL 2

Author Comment

by:jwc02026
ID: 7051005
The client let the subscription end on Goupshield as it was continually getting errors.
Uninstalling it from the workstations has been somewhat difficult.
Given the pat experience of TVD, I am inclined to look elsewhere for a solution.
0
 
LVL 56

Expert Comment

by:andyalder
ID: 7051177
>The client let the subscription end on Groupshield as it was continually getting errors.

That's believable, if you keep updating the signature file but not the engine it tends to crash the server.

No wonder it doesn't catch Klez, the 2 year old virus checker on my home PC doesn't catch it either! ScanMail (as others have suggested) might be the best solution although I like to have a different checker on the servers than on the workstations and a 3rd one on the mail. (actually mailsweeper lets you run half a dozen independant virus checkers on inbound mail but it ain't cheap and uses much CPU).
0
 
LVL 2

Author Comment

by:jwc02026
ID: 7188111
Thanks for the quick response jp!
I have downloaded and installed the Trend scanmail
It works very well.
What really sold me on them was the support.
I sent a simple message to support and they will not let it go!
They contact me constantly asking how it’s going!
I've never encountered such a strong support structure!
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question