We run Exchange 2000 on Windows 2000 Server. Groupshield 6.0 and VirusScan Enterprise 7.1 also run on this server. I get several daily virus alerts from this server looking like this:
[The file C:\WINNT\Temp\MMMB6D8.tmp is infected with the Exploit-MIME.gen.c Program. Undetermined clean error, quarantine failed. Detected using Scan engine version 4.3.20 DAT version 4381.(from XXXX IP 192.168.1.3 user NT AUTHORITY\SYSTEM running VirusScan EntSv 7.1.0 OAS)]
The file names change. I have run full scans on the server and come up clean... is this a worm? Is the winnt\temp folder where GroupShield is placing temp files and VSE is snatching them up? The NAI kbase talks about the MIME exploit from HTML email- but we never read email on this server. Any ideas?
[The file C:\WINNT\Temp\MMMB6D8.tmp is infected with the Exploit-MIME.gen.c Program. Undetermined clean error, quarantine failed. Detected using Scan engine version 4.3.20 DAT version 4381.(from XXXX IP 192.168.1.3 user NT AUTHORITY\SYSTEM running VirusScan EntSv 7.1.0 OAS)]
The file names change. I have run full scans on the server and come up clean... is this a worm? Is the winnt\temp folder where GroupShield is placing temp files and VSE is snatching them up? The NAI kbase talks about the MIME exploit from HTML email- but we never read email on this server. Any ideas?