I have discovered that my anti-virus program was not doing its job and now I have a virus that shows up as W32/Netsky.p.eml!exe. I am currently using Trend Micro's Office Scan Corp edition. I am evaluating other AV options and have a trial version of Symantec Mail Security for Exchange running as well as McAfee. I have a trial version of Symantec AV corp. on the way. All of these programs are picking up the viruses, but are not getting rid of it. Most of the uncleanable, undeletable, etc files show up in the Exchange Que. How do I get rid of this and stop it. It is driving me nuts! Thanks!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Netsky.p.eml!exe 1
- Thread starter ms7212
- Start date
-
1
- #2
On my own network, I'm runnning Symantec AV for Exchange (on the exchange server, obviously), and also Symantec client security on all of the workstations, which fetch definitions from another central server.
I've also noticed a lot of virus variants now confuse the scanning engine of the Exchange AV, and don't get detected until a user opens up their mail client, at which point the secondary AV picks them up right away.
My only advice is to perhaps consider a layered approach to detection, kind of a safety net. That can also be an expensive approach as well.
deletion mistake
no I can't recover that
you didn't save it
-Shrubble
I've also noticed a lot of virus variants now confuse the scanning engine of the Exchange AV, and don't get detected until a user opens up their mail client, at which point the secondary AV picks them up right away.
My only advice is to perhaps consider a layered approach to detection, kind of a safety net. That can also be an expensive approach as well.
deletion mistake
no I can't recover that
you didn't save it
-Shrubble
- Thread starter
- #3
I was actually talking to our Symantec rep a couple of days ago, and he said they were starting to bundle both of the products together in the new release (I think it was just called Symantec Corporate Security or something?).
As far as that variant, ever since the sobigs, netskys, etc... have been out, our antivirus intercepts so many damn viruses on a daily basis, that I would have to searched the logs to see if its hit us or not.
OH- (you may already know this) If you install the corporate security client on your Exchange server (in addition to the Exchange AV), make sure you don't scan the virtual Exchange drive (M
with it, well, because it's virtual!
deletion mistake
no I can't recover that
you didn't save it
-Shrubble
As far as that variant, ever since the sobigs, netskys, etc... have been out, our antivirus intercepts so many damn viruses on a daily basis, that I would have to searched the logs to see if its hit us or not.
OH- (you may already know this) If you install the corporate security client on your Exchange server (in addition to the Exchange AV), make sure you don't scan the virtual Exchange drive (M
with it, well, because it's virtual! deletion mistake
no I can't recover that
you didn't save it
-Shrubble
- Status
Similar threads
- Locked
- Question
- Locked
- Question