Netsky viruses in Exchange log files - what to do?

I ran Trend's C/S/M Suite on our SBS2000 server, it found two viruses in c:\program files\exchsrvr\mdbdata\e00001047.log (worm_netsky.dam)  and  e00001054.log  (html_netsky.p).

Yes, I know I'm not supposed to run AV software on the exchsrvr folder, oops.

When I look in the mdbdata folder, I do not see those two log files!

Yesterday I did a backup of the Exchange databases.

Please give me some advice.  Why don't I see the log files?  Should I delete them?  Can they infect my network if they are in log files?

Thanks for sage wisdom and hard-won advice.


SydDAsked:
Who is Participating?
 
marc_nivensConnect With a Mentor Commented:
First off, stop scanning the mdbdata folder immediately.  It will eventually quarantine the e00.log and crash the store.  If file level AV found netsky in a log file, it means that someone sent an email to the server with the netsky virus.  Any Exchange aware AV application should be able to catch and delete these.
0
 
Pete LongTechnical ConsultantCommented:
Hi enoch,
Access security settings in Internet Explorer by clicking Tools ("View" in earlier versions of IE) > Internet Options > Security (tab) > click the "Custom Level" button

Allow META REFRESH: set to disable

Cheers!
0
 
Pete LongTechnical ConsultantCommented:
oops sorry wrong Q :(

Pete
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
SydDAuthor Commented:
ok, Pete, but now you owe me an answer!
0
 
Pete LongConnect With a Mentor Technical ConsultantCommented:
mmmm its not good policy to have AV scanning various Exchange files cause it thinks thay are virus'd
have you tried running stinger?
0
 
SydDAuthor Commented:
Thank you.  I will stop it.  
Should I attempt to recreat the missing log files?

0
 
Pete LongTechnical ConsultantCommented:
ThanQ
0
All Courses

From novice to tech pro — start learning today.