For what it's worth, this sort of false-negative isn't just an ETrust issue. Over the past few months I've observed a new style of virus emerge that easily evades Norton, AVG and Trend products. Typically the payloads are keyloggers or browser hijackers, but there is something about how they emerge that seems to be a few steps ahead of the AV products. I've been able to combat this by turning off embedded pictures within our company email and using the firewall to restrict image searches. My suspicion is that they are being passed around with porn photos ( automotive dealer staff scoping out porn? Who would have thought? ). In any event, this approach seems to have worked as I haven't seen a new outbreak since.
David Smith Systems Administrator Doan Family of Dealerships (585) 352-6600 ext.1730 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stephen Weeks Sent: Tuesday, January 29, 2008 4:34 AM To: [EMAIL PROTECTED] Subject: [NF] Nice Virus Story Hi All, Its been a while since ive posted, but I have been lurking diligently :). The Group I work for has recently purchased ANOTHER company making 5 I have to develop for. Just 2 weeks ago we discovered that we were the proud owners of the Sality virus, or should I say viruses, we had more that one strain. The entire groups network had to be taken down and each server,desktop and laptop had to be scanned individualy, GRRREEAAAT FUN. Some of them had to have the hard disk reformatted and Windows re-installed as the virus was found to be re-spawning. I thought this would be worth a mention as Im sure some of you are saying "hummpphh, obviously didnt have virus protection"...WRONG...We did in fact deploy CA's Etrust virus scanner, which told me that for example my laptop was clean, we donwloaded a trial of Sophos and it happily told me I had 1400 infected files...hooorah. The moral of the story is If any of you are using ETrust, get rid of it. We are almost fully back up and running now, the doctor has reduced my medication and put me on a nerve tonic :) -- Stephen Weeks [EMAIL PROTECTED] -- http://www.fastmail.fm - The way an email service should be [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[EMAIL PROTECTED] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
