eTrust - Lagging Virus Definitions
Stefan Zauchenberger
stefanzman at yahoo.com
Fri Mar 5 02:56:56 GMT 2004
Have a look at this article:
http://itmanagement.earthweb.com/columns/executive_tech/article.php/3316511
--- Nathan Johanson <nathan at TCPNETWORKS.NET> wrote:
> Just a heads up for eTrust users... While this is
> indicative of other
> AntiVirus vendors recently, they finally got around
> to releasing
> definitions for W32/Beagle.J and variants). These
> things were blowing
> right past my system. I finally blocked zip files
> altogether until I've
> had a chance to upgrade to the latest release.
>
> Maybe my expectations are too high, but this is
> inexcusable. I saw the
> first virus of this type enter my system on Mon
> 03/01/04. It took
> Computer Associates just about four days to release
> definitions that
> would detect it. A sorry state of affairs.
>
> ====
>
>
> This is to notify you of the results of your
> submission, issue number
> 298013.
>
> With regards to the file "Mandy.zip" submitted by
> you on 04 Mar
> 18:21:00 (Australian Eastern Standard Time), we have
> added cure
> instructions for Win32/Bagle.ZIP.Worm to the
> signature files for the
> InoculateIT engine.
>
> The PkWare Zip Archive file "Mandy.zip" has been
> determined to be
> malicious. The file has been identified as ZIP.Bagle
> worm.
>
> Aliases reported by other AV products are listed
> here:
> (Win32/Bagle.gen.zip) (W32/Bagle.h!pwdzip)
> (W32.Beagle.F at mm)
>
> CA antivirus products address this malware as
> follows:
>
------------------------------------------------------
>
> eTrust Antivirus 6.x/v7 (Vet Engine)
> Engine Update version Last
> Update
> 11.4.0 11.4.8187 04
> Mar
>
> eTrust Antivirus 6.x/v7 (InoculateIT Engine)
> Engine Update version Last
> Update
> 23.64.0 23.64.29 05
> Mar
>
> Inoculan/InoculateIT 4.x
> Engine Update version Last
> Update
> 46.0* 46.29* 05
> Mar
> * Limited ability to cure infections, i.e.
> cleaning Windows
> registry. CA will be dropping support for this
> product, please read
>
> http://support.ca.com/techbases/ilnt/ino_drop.html
>
>
> This automated scanning service "Virtue" complements
> our regular
> technical support service. It is not a replacement
> for it. If the
> automatic responses you receive are incomplete or
> irrelevant to your
> query, a technician will contact you. If you have
> further queries,
> please submit them with reference number 298013 in
> "Plain Text" email
> format to virus at ca.com.
> Users of Microsoft Outlook/Outlook Express can
> configure the outgoing
> email format in the
> Tools|Options...|Send|Mail Sending Format...
> menu. To improve your security we recommend sending
> email in "Plain
> Text" format only. .
>
> If you would like to comment on the quality of this
> automated service,
> please send email to virtue.feedback at ca.com.
>
> eTrust Global Antivirus Research Team
> Computer Associates
>
> This is to notify you of the results of your
> submission, issue number
> 298013.
>
> With regards to the file "Mandy.zip" submitted by
> you on 04 Mar
> 18:21:00 (Australian Eastern Standard Time), we have
> added cure
> instructions for Win32/Bagle.ZIP.Worm to the
> signature files for the
> InoculateIT engine.
>
> The PkWare Zip Archive file "Mandy.zip" has been
> determined to be
> malicious. The file has been identified as ZIP.Bagle
> worm.
>
> Aliases reported by other AV products are listed
> here:
> (Win32/Bagle.gen.zip) (W32/Bagle.h!pwdzip)
> (W32.Beagle.F at mm)
>
> CA antivirus products address this malware as
> follows:
>
------------------------------------------------------
>
> eTrust Antivirus 6.x/v7 (Vet Engine)
> Engine Update version Last
> Update
> 11.4.0 11.4.8187 04
> Mar
>
> eTrust Antivirus 6.x/v7 (InoculateIT Engine)
> Engine Update version Last
> Update
> 23.64.0 23.64.29 05
> Mar
>
> Inoculan/InoculateIT 4.x
> Engine Update version Last
> Update
> 46.0* 46.29* 05
> Mar
> * Limited ability to cure infections, i.e.
> cleaning Windows
> registry. CA will be dropping support for this
> product, please read
>
> http://support.ca.com/techbases/ilnt/ino_drop.html
>
>
> This automated scanning service "Virtue" complements
> our regular
> technical support service. It is not a replacement
> for it. If the
> automatic responses you receive are incomplete or
> irrelevant to your
> query, a technician will contact you. If you have
> further queries,
> please submit them with reference number 298013 in
> "Plain Text" email
> format to virus at ca.com.
> Users of Microsoft Outlook/Outlook Express can
> configure the outgoing
> email format in the
> Tools|Options...|Send|Mail Sending Format...
> menu. To improve your security we recommend sending
> email in "Plain
> Text" format only. .
>
> If you would like to comment on the quality of this
> automated service,
> please send email to virtue.feedback at ca.com.
>
> eTrust Global Antivirus Research Team
> Computer Associates This is to notify you of the
> results of your
> submission, issue number
> 298013.
>
> With regards to the file "Mandy.zip" submitted by
> you on 04 Mar
> 18:21:00 (Australian Eastern Standard Time), we have
> added cure
> instructions for Win32/Bagle.ZIP.Worm to the
> signature files for the
> InoculateIT engine.
>
> The PkWare Zip Archive file "Mandy.zip" has been
> determined to be
> malicious. The file has been identified as ZIP.Bagle
> worm.
>
> Aliases reported by other AV products are listed
> here:
> (Win32/Bagle.gen.zip) (W32/Bagle.h!pwdzip)
> (W32.Beagle.F at mm)
>
> CA antivirus products address this malware as
> follows:
>
------------------------------------------------------
>
> eTrust Antivirus 6.x/v7 (Vet Engine)
>
=== message truncated ===
__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you’re looking for faster
http://search.yahoo.com
More information about the MailScanner
mailing list