We have a Win 2000 domain controller that is also the exchange server that for the last 2 weeks has shown virus activity in the wekly scans. The scan reports it as mydoom 2 weeks ago there were 128 items in quarantine, this week there were 10. One example of the quarantined file is: 003a85229190112200600000008.BAD and it is found in: D:\Program Files\Exchsrvr\Mailroot\vsi 1\BadMail\
There are also some netsky files found. We have run the removal tool for mydoom and it says none found. Users continue to get spam like emails, is there anything we can try? They are running SAVCE server on the machine.