Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
During a routine deep virus scan we discovered two trojans in Exchange log files and we are not sure how to handle it. The virus report displays the following:
HTML ZEROLIN C C:\Program Files\Exchngsvr\mdbdata\E00000593.log 8/27/2004
JS ZEROLIN A C:\Program Files\Exchngsvr\mdbdata\E00006f1.log 9/27/2004
It is my understanding that neither of these is "cleanable." The general recommendation is to delete the files containing these trojans, however, I am under the impression that to delete these two log files could wreck havoc in my Excahnge Server.
Some advice would be appreciated.
Didn't find the information you thought to find? Check out these Similar Threads
Not sure about the criticality of those exchange log files but if your exchange server is any where near up to date on security patches, you should be safe enough. Pretty good discussion of this critter Here but basically it appears that if you have applied MS03-040, MS04-013, MS04-025 you will be OK.
I'm also unsure what deleting the logs would do, but the JS ZEROLIN A C:\Program Files\Exchngsvr\mdbdata\E00006f1.log 9/27/2004 file is very suspicious looking for sure. Notice it's dated for the 27th of this month, yet it's only the 17th? I personally would open them and try to locate the infection. No doubt some scripting, and should be able to spot it and edit it out.
