Anti Virus Solution to remove Conficker from Exchange 2003 machine

Hi,
For any of you that might have seen my other post today, I have an  Windows Exchange Server that has been infected with the Conficker Virus.  Because of the infection type that is it, I will likely be rebuilding the box from scratch. On this new box I want to have an Anti Virus program that plays nice with Exchange and won't corrupt my stores and will detect and stop Conficker from infecting it.  
Any suggestions on such a product?
I already will be using GFI Mail Security to keep by users boxes clean, but I need something that will keep the server clean as well.

Suggestions?
Thanks,
Mike
LVL 1
michaelshavelAsked:
Who is Participating?
 
jazzIIIloveCommented:
Hi there;

A group policy will protect you with the help of a good AV...Personally, I am using Kaspersky in my 2008 server...

http://en.wikipedia.org/wiki/Conficker

Please examine the following page:

http://support.microsoft.com/kb/962007

Best regards...
0
 
mrbignCommented:
Trend Micro OfficeScan 8 has an option "Exclude Microsoft Exchange server folders from scanning".  I don't run antivirus on the exchange server preferring regular updates and a good firewall so I don't know how well or if it works.
0
 
michaelshavelAuthor Commented:
mrbign

Thanks.
I too thought it was best to not run an antivirus program on the exchange server.  I've heard of others doing this but some look at me like this is a crazy idea.  Is it a best practice to run it or not to run it?  Do you know?
0
 
mrbignCommented:
I ran AV (Symantec) for a while but a misconfiguration following a server rebuild annoyed me enough to not reinstall it next time. 3 years later I've not regretted that decision (yet, LOL).  I should also note that I admin for a school and not a megacorp so potential loss is on a different scale.

Conficker like most viruses exploits known weaknesses in Windows / IE.  I find firewalls much more effective than AV.  If you firewall Exchange aggressively it should be pretty secure.  That's not to say it'll be completely secure - nothing is.  Most important though is to keep it updated.  Also don't use it as a workstation, IE is locked down for a reason.
0
 
mrbignCommented:
As a follow up - we had an outbreak occur and it managed to infect the exchange server.  It was easily cleaned and no data was lost but I run with AV again now (Trend Micro OFSC 10).  I didn't want to leave my advice out there without people seeing the risks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.