Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

McAfee Virus Scan

Status
Not open for further replies.
shunter40

shunter40

IS-IT--Management
Jan 30, 2001
33
US
I am the system administrator of a small company with 20 PCs on the network. One of our PCs was infected with the W32/magistr@MM virus. Here are my comments/questions surrounding this virus:
1) This computer's virus engine and definition files were updated with superdat4141.exe on June 6, 2001. This upgraded the scan engine to 4.1.40 and the most recent definition files.
2) The user opened up his email
3) McAfee detected and cleaned the virus.
4) The user opened up the SULFNBK.exe attachment after the virus was cleaned
5) The system locked and the PC was rebooted.
6) I noticed that 17 directories had been moved from C:\ or C:\Windows. One of them was C:\Program Files, which lead to several messages upon booting that files were missing.
7) After these directories were moved back, all was fine.

My question is.......what good is virus scan software if it doesn't protect your PC? And what good is it to keep the .dat files up to date?

A somewhat unrelated question is.....I try to tell all of our users not to open up any .exe files attached to their emails. But when an email is opened and the attached file is at the bottom, the entire file name does not show, so how are users supposed to tell if it is an .exe or not? We are using Outlook.
 
Sort by date Sort by votes
The user could have bypassed the virus scan (I have seen it happen, always amazes me why they would want to)

As for the second half of your post, If you are running exchange server, I would look into software like Antigen ( with this type software you can strip off certain file types before they reach the end user.


hth
Rob

p.s.
There are a few differnt makers of this type software, I used Antigen as the example (just because that is what I use)
 
Upvote 0 Downvote
Thanks for the response. The user did not bypass the scan, as I saw the scan in the scanlog. And we do NOT have Exchange.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

RodneyMcSnow
  • Locked
  • Question
Hardware firewall bypassed access to the lan network. Please Help! No it's not a root kit or virus
Replies
1
Views
134
ChrisHirst
ChrisHirst
intel233
  • Locked
  • Question
Mcafee EPO 4.5
Replies
2
Views
126
intel233
intel233
diembi
  • Locked
  • Question
McAfee can stop my not virus process?
Replies
0
Views
92
diembi
diembi
Newtt
  • Locked
  • Question
Installing 3rd party software via McAfee EPO server
Replies
0
Views
89
Newtt
Newtt
Enkrypted
  • Locked
  • Question
SBS 2003 Exchange Virus Scan registry setting
Replies
0
Views
83
Enkrypted
Enkrypted

Part and Inventory Search

Sponsor

Back
Top