Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 545
  • Last Modified:

Free antivirus scanner for exchange server?

We are getting calls from our ISP that we have a virus. We have scanned each and every computer using Panda Activescan Pro online and one PC had 15 virus infections but they appeared to be dormant. The ISP cant tell us what computer it is. The only thing I can think of is that it is our server running exchange. We ran Panda on this and it didn't find a virus. Could there possibly be a virus embedded in our exchange? If so, is there a free way to remove and scan? We have a spam filter that is supposed to scan for viruses and spyware before the mail is passed to our server so I doubt something got through but it is possible.
0
FASTECHS
Asked:
FASTECHS
2 Solutions
 
debuggerauCommented:
I think your question subject might be stumping experts since there is no free AntiVirus for Exchange, and even the ones that are, have issues at times..

Any free Antivirus, if set correctly will give you alarms for queued items, but after that, what is it going to do with them?
If it removed them, exchange errors out..

The only free way i know, is to take it offline and run any of a variety of scanners over ALL files and still it will be with limited success as the database store will not be read.
0
 
Alan HardistyCommented:
If your ISP is telling you that you have a virus, then you probably are sending out spam messages and thus will get blacklisted.  It is very unlikely that your server is sending out spam, more likely to be an infected machine.  Spammers tend to use their own SMTP engine to send out mail, rather than hoping that there will be one on the infected machine.
Have you downloaded and installed MalwareBytes on all machines (www.malwarebytes.org) - it is a free tool and discovers all sorts of unwanted items.
Lock down your firewall to only send out SMTP traffic on port 25 from your exchange server.
Follow Xmachine's advise in the following EE question - especially to download WireShark and sniff for port 25 traffic from all machines:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24463550.html?cid=238#a24606079  

Once all machines are checked and clean and no port 25 traffic is detected with WireShark (other than the server), check your reputation on http://www.mxtoolbox.com/blacklists.aspx to see if you are listed (you probably will be).
You will eventually drop off these listings once no more spam is received but it may take a week or so to get clean.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now