Hello Kelly..... I am using the Antigen Product version 6.2 running on Windows 2000 Advanced Server with Exchange 5.5 Service Pack 4.
I am using the Mcafee 4x and Sophos scanning engines. Updated this morning at 5am. I am running Norton Antivirus on the local machine (also updated this morning). I received an email today from "Paul Brunton" at this address <[EMAIL PROTECTED]> from this server: Received: from e1h2p64.scotland.net ([148.176.234.65] helo=aol.com) by smtp.scotland.net with smtp (Exim 3.33 #1) The email appears to be infected with the Badtrans virus: "Norton AntiVirus removed the attachment: Unknown0289.data. The attachment was infected with the W32.Badtrans.B@mm virus." It was coded to take advantage of a Mime vunerability because it attempted to download a file after simply clicking on the mail. I have two questions. First, Do I have something configured incorrectly on my Exchange Server that kept it from detecting this virus? Second, Does anyone know how I can dissect this infected message further to determine exactly what the message is trying to do? Thanks. Murphy _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
