16 Jul 01 16:52
I am the system administrator of a small company with 20 PCs on the network. One of our PCs was infected with the W32/magistr@MM virus. Here are my comments/questions surrounding this virus:
1) This computer's virus engine and definition files were updated with superdat4141.exe on June 6, 2001. This upgraded the scan engine to 4.1.40 and the most recent definition files.
2) The user opened up his email
3) McAfee detected and cleaned the virus.
4) The user opened up the SULFNBK.exe attachment after the virus was cleaned
5) The system locked and the PC was rebooted.
6) I noticed that 17 directories had been moved from C:\ or C:\Windows. One of them was C:\Program Files, which lead to several messages upon booting that files were missing.
7) After these directories were moved back, all was fine.
My question is.......what good is virus scan software if it doesn't protect your PC? And what good is it to keep the .dat files up to date?
A somewhat unrelated question is.....I try to tell all of our users not to open up any .exe files attached to their emails. But when an email is opened and the attached file is at the bottom, the entire file name does not show, so how are users supposed to tell if it is an .exe or not? We are using Outlook.