Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 193
  • Last Modified:

Netsky viruses in Exchange log files - what to do?

I ran Trend's C/S/M Suite on our SBS2000 server, it found two viruses in c:\program files\exchsrvr\mdbdata\e00001047.log (worm_netsky.dam)  and  e00001054.log  (html_netsky.p).

Yes, I know I'm not supposed to run AV software on the exchsrvr folder, oops.

When I look in the mdbdata folder, I do not see those two log files!

Yesterday I did a backup of the Exchange databases.

Please give me some advice.  Why don't I see the log files?  Should I delete them?  Can they infect my network if they are in log files?

Thanks for sage wisdom and hard-won advice.


0
SydD
Asked:
SydD
  • 4
  • 2
2 Solutions
 
Pete LongConsultantCommented:
Hi enoch,
Access security settings in Internet Explorer by clicking Tools ("View" in earlier versions of IE) > Internet Options > Security (tab) > click the "Custom Level" button

Allow META REFRESH: set to disable

Cheers!
0
 
Pete LongConsultantCommented:
oops sorry wrong Q :(

Pete
0
 
SydDAuthor Commented:
ok, Pete, but now you owe me an answer!
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
Pete LongConsultantCommented:
mmmm its not good policy to have AV scanning various Exchange files cause it thinks thay are virus'd
have you tried running stinger?
0
 
marc_nivensCommented:
First off, stop scanning the mdbdata folder immediately.  It will eventually quarantine the e00.log and crash the store.  If file level AV found netsky in a log file, it means that someone sent an email to the server with the netsky virus.  Any Exchange aware AV application should be able to catch and delete these.
0
 
SydDAuthor Commented:
Thank you.  I will stop it.  
Should I attempt to recreat the missing log files?

0
 
Pete LongConsultantCommented:
ThanQ
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now