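I recently upgraded our company to AVG Business. It works well and has helped a lot with spam. I've noticed that our Exchange server queue gets infected about every ten minutes. Two questions:
Finally, should I be concerned about this? I suspect it could be a spam bot on our network.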
Scanned object Infection State Detection time Object type Process
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\e0312449-cd97-45ea-8274-1b9f9a44e1eb Virus found JS/Obfuscated Moved to Virus Vault 2010-07-07 13:21:20 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\e0312449-cd97-45ea-8274-1b9f9a44e1eb Virus found JS/Obfuscated Object is inaccessible. 2010-07-07 13:38:19 file C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\e0312449-cd97-45ea-8274-1b9f9a44e1eb Virus found JS/Obfuscated Object is inaccessible. 2010-07-07 13:38:12 file C:\WINDOWS\Explorer.EXE
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\e59d5870-81b2-4c56-b330-ec4e9ebbe9bc Virus found JS/Obfuscated Moved to Virus Vault 2010-07-07 13:21:20 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\ebfafd55-5a91-4786-9827-9a8dfe3b8884 Virus found JS/Obfuscated Moved to Virus Vault 2010-07-07 13:21:20 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\ed35ea91-f4b3-4139-8c82-81cdc14ab6ca Virus found JS/Dropper Moved to Virus Vault 2010-07-07 13:21:21 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\ef25b8d0-c327-458f-a7db-39e0579c0398 Virus found JS/Dropper Moved to Virus Vault 2010-07-07 13:21:21 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\fc76582c-f1d1-483d-8a62-910e2a10e054 Virus found JS/Obfuscated Moved to Virus Vault 2010-07-07 13:21:21 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_02fe480101cb1dee00000a3b.EML Virus found JS/Obfuscated Reboot is required to finish the action 2010-07-07 13:21:28 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_02fe480101cb1dee00000a3b.EML Virus found JS/Obfuscated Reboot is required to finish the action 2010-07-07 12:42:31 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_02fe480101cb1dee00000a3b.EML Virus found JS/Obfuscated Reboot is required to finish the action 2010-07-07 13:02:46 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_02fe480101cb1dee00000a3b.EML Virus found JS/Obfuscated Reboot is required to finish the action 2010-07-07 12:28:30 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_02fe480101cb1dee00000a3b.EML Virus found JS/Obfuscated Reboot is required to finish the action 2010-07-07 13:11:20 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_02fe480101cb1dee00000a3b.EML Virus found JS/Obfuscated Reboot is required to finish the action 2010-07-07 13:23:44 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e3ae89401cb1ddd00006f44.EML Virus found JS/Dropper Reboot is required to finish the action 2010-07-07 10:04:38 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e3ae89401cb1ddd00006f44.EML Virus found JS/Dropper Reboot is required to finish the action 2010-07-07 10:03:33 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e3ae89401cb1ddd00006f44.EML Virus found JS/Dropper Infected 2010-07-07 11:44:34 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:56:59 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:25:44 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:09:52 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:24:49 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:45:53 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:08:35 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:32:58 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:16:11 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:15:49 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 05:06:17 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:06:30 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:31:44 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 05:58:31 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:06:32 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:30:30 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:07:36 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:07:13 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:05:25 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:05:59 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 09:42:03 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 05:48:29 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 03:14:49 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:47:24 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:04:39 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 02:03:15 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-07 18:03:21 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 05:28:25 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 02:11:11 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 06:36:12 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 05:37:59 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 02:21:40 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 09:52:02 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 02:32:04 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 05:16:18 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 02:53:37 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 03:33:01 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 03:03:47 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 03:24:54 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 04:26:40 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 09:43:13 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 09:31:32 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 09:00:37 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 08:51:02 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 08:31:28 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 08:23:08 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 08:22:00 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 08:12:26 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 08:03:57 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:54:22 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:45:51 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:35:51 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
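**Final update
Here is AVG's reply :)
Dear customer, the file you referred to, avg_ipw_stf_all_90_839a2960.exe, is the installation file for workstations and file servers.
The file you should install on Exchange is the Edition (file name avg_msw_stf_all_90_839a2960.exe, which comes with the plugins for scanning Exchange and for anti-spam). Please download the following file and deploy it to your Exchange so that it is displayed correctly in the Application group: http://download.avg.com/filedir/inst/avg_msw_stf_all_90_839a2960.exe**
Posted on 2010-07-08 14:16:23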
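What you are seeing is mail carrying viruses. These have not infected Exchange; they are intended to infect clients. It sounds like AVG Business is not handling this the way it should. It is treating each file as a live, active infection payload rather than a passive payload. This is largely incompatible with Exchange (and you did not mention the Exchange version).
As far as AVG goes, the product that should work with Exchange is AVG Internet Security Business Edition 9.0. If that is what is actually running, it needs to be reconfigured to use VSAPI scanning rather than file-level scanning (page 177 of the handy manual). Or, if you are on Exchange 2007/2010, use the routing transport scanner.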
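A triage sketch for the log in the question, added here and not part of the original question or answer: it groups the AVG rows by queue file to show how many distinct messages are behind the alerts, which processes touched them, and how often each file is re-detected. The seven sample rows are copied from the log above; the function names are illustrative.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Seven rows copied from the AVG log quoted in the question (a subset).
SAMPLE = r"""
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\e0312449-cd97-45ea-8274-1b9f9a44e1eb Virus found JS/Obfuscated Moved to Virus Vault 2010-07-07 13:21:20 file C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\e0312449-cd97-45ea-8274-1b9f9a44e1eb Virus found JS/Obfuscated Object is inaccessible. 2010-07-07 13:38:19 file C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:24:49 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:15:49 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:06:32 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:35:51 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_0e50580e01cb1e20000033eb.EML Virus found JS/Dropper Infected 2010-07-08 07:45:51 file C:\WINDOWS\system32\inetsrv\inetinfo.exe
"""

# Columns: scanned object, "Virus found", detection, state, time, "file", process.
ROW = re.compile(r"^(?P<obj>.+?) Virus found (?P<sig>\S+) (?P<state>.+?) "
                 r"(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) file (?P<proc>.+)$")

def parse(text):
    """Turn each log row into a dict; file and process reduced to base names."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header or blank line
        r = m.groupdict()
        r["ts"] = datetime.strptime(r["ts"], "%Y-%m-%d %H:%M:%S")
        r["obj"] = r["obj"].rsplit("\\", 1)[-1]
        r["proc"] = r["proc"].rsplit("\\", 1)[-1]
        rows.append(r)
    return rows

def summarize(rows):
    """Group alerts by queue file: hit count, accessing processes, median gap."""
    groups = defaultdict(list)
    for r in rows:
        groups[r["obj"]].append(r)
    report = {}
    for obj, hits in groups.items():
        times = sorted(h["ts"] for h in hits)
        gaps = [(b - a).total_seconds() / 60 for a, b in zip(times, times[1:])]
        report[obj] = {
            "hits": len(hits),
            "signatures": sorted({h["sig"] for h in hits}),
            "processes": sorted({h["proc"] for h in hits}),
            "median_gap_min": round(median(gaps), 1) if gaps else None,
        }
    return report

if __name__ == "__main__":
    for name, info in summarize(parse(SAMPLE)).items():
        print(name, info)
```

Many alerts collapsing onto one queue file name, re-detected at a steady interval, means the same queued message is being rescanned on access rather than new mail arriving each time.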
https://serverfault.com/questions/158554