Is it a real outbreak? Everything I can find about that name is really old. Bad defs from Sophos resulting in false positives?
On Sep 4, 2016 7:34 AM, "Beard, Julius" <[email protected]> wrote: > Yep, we’re seeing the same on a number of machines running Sophos. I see > they updated their KB article in Threat Center last night, but now it goes > to a 404 page. > > > > You get any response from them? > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Kelsey, John > *Sent:* Sunday, September 4, 2016 12:16 AM > *To:* '[email protected]' <[email protected]> > *Subject:* [NTSysADM] Outbreak > > > > We’re seeing a massive outbreak of Troj-FarFli-CT tonight, affecting > winlogon.exe. Sophos doing a poor job of stopping it so far. Anyone else > seeing similar? > > Tons of our VMs are getting infected. On hold for over 30 minutes waiting > for Sophos support right now. > > > > *************************************** > *John C. Kelsey* > > Penn Highlands Healthcare > (: 814.375.3073 > 2 : 814.375.4005 > *: [email protected] > *************************************** > > [image: PHH ESig Logo 150dpi] > > > > This email and any attached files are sensitive in nature and intended solely > for the intended recipient(s). If you are not the named recipient you should > not read, distribute, copy or alter this email. Any views or opinions > expressed in this email are those of the author and do not represent those of > Penn Highlands Healthcare or its affiliates.. Warning: Although precautions > have been taken to make sure no viruses are present in this email, the > company cannot accept responsibility for any loss or damage that arise from > the use of this email or attachments. > >
