• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

New Virus?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Originally posted by: Shaotai
Symantec's phone system is now down!!! 😀
Too many callers??

BTW: 2/28/05 defs for Symantec won't catch it... I'm betting that about 11:30PM PST some new liveupdate and production defs should be out...
Click to expand...

Did you get a copy of the file also Shaotai? If you want it for testing let me know.

 
Originally posted by: Dean
Originally posted by: Shaotai
Symantec's phone system is now down!!! 😀
Too many callers??

BTW: 2/28/05 defs for Symantec won't catch it... I'm betting that about 11:30PM PST some new liveupdate and production defs should be out...
Click to expand...

Did you get a copy of the file also Shaotai? If you want it for testing let me know.
Click to expand...


Yup, got 3 copies, all the same... 🙂
 
Originally posted by: Shaotai
Originally posted by: Dean
Originally posted by: Shaotai
Symantec's phone system is now down!!! 😀
Too many callers??

BTW: 2/28/05 defs for Symantec won't catch it... I'm betting that about 11:30PM PST some new liveupdate and production defs should be out...
Click to expand...

Did you get a copy of the file also Shaotai? If you want it for testing let me know.
Click to expand...


Yup, got 3 copies, all the same... 🙂
Click to expand...

I'm just glad I saw the e-mail come in and not my wife. She opens everything, totally oblivious, thinking the machine cannot get infected as it is running AV.

 
Originally posted by: Dean
I sent the file to two people. Waiting to see if their AV detects it still. This should cause some unwanted fun for me tomorrow morning as I'm a techie for a University.
Click to expand...

I don't know why email worms continue to cause this kind of problem. There are some very simple practices to follow to considerably reduce this stuff.

With an email gateway and internal mail system:
- block (or quarantine/moderate) every Executable attachment
- setup a content filter to block known virus attachment names for worm zip files at time of outbreak
- block all emails coming from your own domain (internal email should never come from the outside!)
- do not reject virus found notices to sender
 
Originally posted by: SagaLore
Originally posted by: Dean
I sent the file to two people. Waiting to see if their AV detects it still. This should cause some unwanted fun for me tomorrow morning as I'm a techie for a University.
Click to expand...

I don't know why email worms continue to cause this kind of problem. There are some very simple practices to follow to considerably reduce this stuff.

With an email gateway and internal mail system:
- block (or quarantine/moderate) every Executable attachment
- setup a content filter to block known virus attachment names for worm zip files at time of outbreak
- block all emails coming from your own domain (internal email should never come from the outside!)
- do not reject virus found notices to sender
Click to expand...

We know how to prevent them, infact all machines on campus are enforced via a Mcafee Epo policy. Students though use alot of web based e-mail and love attachments. We then spend the day quarantining machines and cleaning up the mess as our servers get slammed.

 
Originally posted by: Iron Woode
Originally posted by: Dean
Anyone out there with Mcafee or Nortons want to test this out?
Click to expand...
I am willing to play guinea pig.

Let me know and I will PM you one of my email addys.
Click to expand...
I'm a NAI VirusScan Enterprise user. PM me for my email address.
 
Originally posted by: SagaLore
Originally posted by: Dean
I sent the file to two people. Waiting to see if their AV detects it still. This should cause some unwanted fun for me tomorrow morning as I'm a techie for a University.
Click to expand...

I don't know why email worms continue to cause this kind of problem. There are some very simple practices to follow to considerably reduce this stuff.

With an email gateway and internal mail system:
- block (or quarantine/moderate) every Executable attachment
- setup a content filter to block known virus attachment names for worm zip files at time of outbreak
- block all emails coming from your own domain (internal email should never come from the outside!)
- do not reject virus found notices to sender
Click to expand...

My thoughts exactly... We already have the file blocked at the gateway and now on our mail servers... Only one recorded infection out of a possible 20,000 desktops/laptops is not too shabby... Of course, most of the infected mail is now coming after normal work hours so that is helping us out too...

 
Trend Micro will be calling this TROJ_BAGLE.A and should have control patterns in place in about 30 mins... Pattern file is 2.455.02. Here's their link to the virus.
Trend Link

Symantec does has some Rapid Release definitions available, and they do catch it, but it will only work on Corp Edition. Production definitions and LiveUpdate are pending...
 
Originally posted by: Shaotai
Trend Micro will be calling this TROJ_BAGLE.A and should have control patterns in place in about 30 mins... Pattern file is 2.455.02. Here's their link to the virus.
Trend Link

Symantec does has some Rapid Release definitions available, and they do catch it, but it will only work on Corp Edition. Production definitions and LiveUpdate are pending...
Click to expand...

I use that at work... intelligent updater service for Corporate 8 NAV. :thumbsup:
 
Originally posted by: CraigRT
Originally posted by: Shaotai
Trend Micro will be calling this TROJ_BAGLE.A and should have control patterns in place in about 30 mins... Pattern file is 2.455.02. Here's their link to the virus.
Trend Link

Symantec does has some Rapid Release definitions available, and they do catch it, but it will only work on Corp Edition. Production definitions and LiveUpdate are pending...
Click to expand...

I use that at work... intelligent updater service for Corporate 8 NAV. :thumbsup:
Click to expand...
I like Norton Corp edition.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top