Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Exchange 2000 virus recovery HELP

Posted on 2009-05-13
4
Medium Priority
?
325 Views
Last Modified: 2013-11-22
I have Exchange 2000 installed which was recently hit with some virus's.  Kaspersky found email -worm Win32.Klez and many trojans in Exchsrvr\Mailroot\Vsi\Badmail.  Kaspersky reorts that the threats have been nuetralized, but upon reboot, detects the threats over again.  I have tried to delete all files in the badmail folder, but can not access it.  Also, I can not start the information store service because I can not start the system attendant service.  I keep getting a 1053 error:The service did not respond to the start or control request in a timely fashion.

I have run another Kaspersky virus program targeted for the Win32.Klez  virus which was command based.  It found the virus and instructed me to rebott to nuetralize.  Yet on reboot, Kaspersky again finds the threat.

Can anyone offer any advice as to how I should proceed?
0
Comment
Question by:Cicio1412
  • 2
4 Comments
 
LVL 65

Accepted Solution

by:
Mestha earned 2000 total points
ID: 24377110
Stop all of the Exchange services.
Stop all of the AV services.
HARD DELETE the badmail directory (SHIFT DEL).

Then restart the Exchange services. Exchange will recreate the directory if it is required.

If you cannot stop the AV then exclude the directory from the realtime scan.

Simon.
0
 

Author Comment

by:Cicio1412
ID: 24377929
I was able to finally delete the Badmail folder contents via a command line.  So now the folder is empty.  However, I still can not start any of my exchange services.  I still get the 1053 error:The service did not respond to the start or control request in a timely fashion whe I try to start the system attendant.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24378942
That may well be something completely unrelated.
Something should be logged when the service tries to start.

Simon.
0
 
LVL 15

Expert Comment

by:xmachine
ID: 24379246
Hi,

Check this:

http://support.microsoft.com/kb/886695



Experts-Exchange Certified Anti-Virus Master
Experts-Exchange Certified Symantec Anti-Virus Master
Symantec Certified Specialist
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question