As there's been some discussion of FS2004 & anti-virus apps here recently, let me share this recent experience:Yesterday one of my business clients was hit by MyDoom.F. It was a disaster--the virus randomly deleted hundreds of Word, Excel, Access, and graphics files from their network and connected desktops and laptops. As they hadn't backed up their network since last December, they're really SOL. Once the virus was contained, the best I could do was help them recover the deleted files via a file restore utility, but that only recovered about 75% of their deleted files. They're left to recreate everything else (much weeping, wailing, and gnashing of teeth).I also received several e-mails with MyDoom.F as a zipped attachment. McAfee Pro didn't catch it, even though my virus definitions were less than a week old. A quick update and McAfee immediately identified the virus.Nasty. Don't let this happen to you.-- Walt

Hi Walt,there's definitely some nasty stuff making the rounds. Since last night I received some e-mails containing infected attachments. Some were disuised as a 'delivery failed' notification, one contained the message 'Your name is wrong', another was 'you try to steal'. The infected attachments had the extensions '.eml', '.dat', '.com', but in all cases contained an executable of about 22KB size.I added the senders' ISPs to my banned list, they were 'easynet.be' and 'tiscali.dk.com'. So, the best advice to anyone is to keep your virus definitions up-to-date, and don't open any attachments you don't expect. What also works for me, I have a separate free e-mail address that I use if I need to register an e-mail address with a website etc. I have it set to automatically delete all attachments. This keeps my 'real' address clean and makes dodgy e-mails very easy to spot.Cheers,Gosta. http://www.hifisim.com/images/as2betateam.jpg

One of the best anti-virus programs out there is free--it is simply "education".My WAN users (approx. 1500 strong) have not seen data loss from a virus during the four years I've been with my current company. Anti-virus software is only so good--it will inevitably be behind the "virus of the week" for a few hours or even a few days. That's often the window when the most damage gets done.Prior to my current position, I was a field client/server app instructor. I got sent to many clients that lost a ton of data from virus attacks, and I had a lot of sympathy for them. Many had no local LAN support and sadly I was not allowed to interfere with their local IT policy (or lack thereof) unless I was contracted to set up their LAN. Most of our clients were too cheap to seek that help, which came at a fee far below cost... I'd usually tack on $100 to the final bill for every ten nodes I was asked to install--pretty cheap if you're familiar with setting up LAN's.... But few accepted that offer, wanting to pinch every penny. So quite often, I piggybacked our client/server system on a LAN that had been set up by whoever happened to be the most computer savvy person on my client's staff--often a young school age employee who was more concerned with warez site access than business needs. I made up my mind then that if I ever had control of a LAN or WAN, I would make education part of my role. Many of the things I mention below are discussed in a monthly newsletter I prepare, as well as kept 24/7 at our intranet site.Simple rules will reduce the risk of losing data (or our FS2004 setups) manyfold, to the point where you'd be more likely to get struck by lightning.... These include:~Immediately deleting attachments, regardless of the source, that were not expected or solicited before hand. No one in my company is allowed to send any type of unsolicited attachment. And we strip all attachments from outside email. ~Staying current with all service packs and patches from Microsoft. One local company wanted to wait a month or so to see if one patch introduced problems--they didn't want to be the "first kid on the block" to try it out. Bad call--they got hit and I picked up some extra money being outsourced to help them out. ~Watching where you surf, and not giving the Internet a "blank check". Many don't realize that you can enable some of IE's more advanced scripting features by site. We keep our default IE permissions locked down tight. Sites that we trust and which require advanced IE features are placed in our trusted sites list. In all cases, automatic installation of applications/applets is disabled. Websense is used to block many sites (including some MSFS related ones) that are known to have malicious pop-ups...What's a malicious pop-up? Anything which tempts you to click a button that has script embedded behind it which loads trojans/spyware/etc... on a system. An example might be something like "Do you want to make this page your home page - Yes/No".... You can rest assured that clicking either button will have negative consequences. We can't catch all of these, so we've warned our users the best thing to do is to kill their IE session when such garbage appears.In tandem with these suggestions, we keep our virus definitions updated. However, the in last three attacks there was a period of several hours where they did not detect the infected attachments in our "bait" lab. Education saved us--keeping people informed so they don't place all their eggs in one basket and rely on software alone to save the day.-John

The only time I turn off Norton A/V is when I have to, such as for a program install. Even when off line I still want it running. It's possible for a virus to slip by undected but get spotted and quarteened when it tries to do something nasty to your system, plus I don't see any performance hit from running it. I also have Norton System Works, which includes an app (forget it's name) that monitors your system and supposedly helps prevent problems/crashes. With this running I get like a 40% performance hit in FS, so I don't even install it. When someone says their Anti virus slows down their system I have to wonder if this app is running along with A/V and causing the problem.David

Some good words there John!I also find that using a seperate email reciever; "Mail Washer", is excellent for preventing viral attacks. It allows you to see the mail you get from the server, BEFORE you recieve it on your PC. Not only is it great for seeing all the spam crap that's there but if there's a virus, or even a potential virus, it flags it. Mail Washer allows you to delete all the stuff you don't want from the server, and even 'bounces' it right back to where it came from! In this way, only the emails you want and trust actualy get to your PC...the rest stays at your ISP's server and is deleted.It's a freeware download from any of the reputable download sites, or just do a Google search.

Thanks, John. That's some really good information.-- Walt

...and even 'bounces' it right back to where it came from!... <http://www.stickworks.com