SolverSurfer


Virus in Exchange Server

Hi,

   Just curious whether the virus has been contained on our Exchange Server. Before I installed Symantec Mail Security for Exchange, we had Symantec Antivirus Corporate Edition running on the server. The Corporate Edition was useless in detecting viruses in the Exchange Server. Even when I did a full system scan excluding the M-drive, the Corporate Edition still showed the system as clean. Now, after installing the Antivirus for Exchange, our server went crazy, detecting all kinds of viruses, like different variants of the Netsky and Beagle viruses. The Antivirus for Exchange seems to delete the files fine for whatever viruses were generating the alerts. I tried a manual scan on the Exchange Server using the Antivirus for Exchange a day later, and now it too is not detecting any virus. Is it safe to say that our server is now virus free? I have scanned all of the client computers using the Corporate Edition and they show no sign of virus infection. Is it safe to say that the network is now free of viruses? What can I do to ensure this, given that I am using both the Corporate Edition and the Antivirus for Exchange to scan and both show no sign of infection? What other steps do I need to take to guarantee that the server is virus free?

Nicolas
BigSi

-it's also possible the change in anti-virus product means the new one is scanning a quarantine folder which the old anti-virus product had created.

-Si.
Hi!

Just to add a note to nedvis' good advice above:
before you run "Rootkit Revealer", change its name to something random and
then run it - something like -domqklyuosde.exe
Some of these rootkits are being configured to block "Rootkit Revealer"!  :(
"HackerDefender" in particular.

Good luck!

RF
Hi!

Well, you don't have to worry about changing "Rootkit Revealer's" name -
Sysinternals has already fixed that:
http://blogs.msdn.com/robert_hensing/archive/2005/03/23/400934.aspx

Cheers!

RF