seagate.backup.exec.vb.txt

`Date: Tue, 16 Feb 1999 11:59:30 -0800  
From: Jeffrey Monroe <[email protected]>  
To: [email protected]  
Subject: Backup Exec/McAfee Virus  
  
  
We have found that the Seagate Backup Exec virus scanning software (McAfee)  
can delete "non-infected" Visual Basic class files. Anyone creating custom  
software could find that they have lost all their work.  
  
In the Seagate Backup Exec backup log, the "VBA.CLASS.GEN.EXPORT" virus  
signature (by mistake) is found in ALL Visual Basic class files. The virus  
data files from McAfee incorrectly identify, attempt to clean, fail to  
clean, then delete the files. Anyone who has downloaded the Jan. 31st data  
files will have this problem.  
  
Seagate Software claimed their responsibility as such:  
  
"This virus protect is a McAfee product, we just us it in the backup exec  
product. Any more then helping you update the files, and basic trouble  
shooting, the rest is up to McAfee's."  
  
Seagate has replaced their downloadable files with a Jan 15th version.  
  
Here is McAfee's response:  
  
There was an error where we were detecting this in some visual basic files.  
Try getting the current datfiles to see if this corrects it.  
Get the datfiles from: http://beta.nai.com.  
  
As you can see, this one, while protecting you, can cause a lot of damage.  
  
  
Jeffrey Monroe  
MOB Media, Inc.  
  
---------------------------------------------------------------------------------  
  
Date: Tue, 16 Feb 1999 22:08:57 -0600  
From: "Houser, John" <[email protected]>  
To: [email protected]  
Subject: Backup Exec/McAfee Virus  
  
This Technical Advisory just came out from Seagate Software.  
  
  
-----Original Message-----  
>From: BackupExec-WindowsNT  
[mailto:[email protected]]  
<mailto:[mailto:[email protected]]>  
Sent: Tuesday, February 16, 1999 3:25 PM  
To: BackupExec-WindowsNT  
Subject: Seagate Software ** Technical Advisory **  
  
  
Seagate Software ** Technical Advisory **  
TO: Seagate Backup Exec for Windows NT, v7.2 users  
Subject: Virus Scan Option  
  
Dear Valued Customer,  
  
Seagate Software has uncovered a potential data protection issue with one  
specific version of the Network Associates' VirusScan signature file  
incorporated within the virus protection feature of Seagate Backup Exec for  
Windows NT, v7.2. Because product quality and customer responsiveness are  
consistent Seagate Software hallmarks, we take any and all issues very  
seriously and have quickly moved to address them.  
Seagate Software has determined that users who specifically updated their  
virus protection signature files between January 23, 1999 and February 9,  
1999, may experience detection of "phantom" viruses when using the "Clean  
Infected Files" option of the integrated virus protection, within Seagate  
Backup Exec for Windows NT, v7.2. Thus far, testing by Seagate Software has  
shown only Visual Basic "class" files (with .cls extensions) susceptible to  
this "phantom" virus issue.  
The standard operation for the Network Associates' VirusScan API, integrated  
within Seagate Backup Exec for Windows NT v7.2, is to first attempt to clean  
an infected file. Then, files that cannot be cleaned prior to backup are  
logged in the Seagate Backup Exec for Windows NT log file and, as a  
safeguard, removed from the system to prevent further contamination.  
Consequently, when using the specific virus signature files downloaded  
between January 23, 1999 and February 9, 1999, certain Visual Basic "class"  
files are reported as infected and are being removed from the system. These  
files, detailed in the Seagate Backup Exec for Windows NT log file, should  
be restored from a previous backup set.  
It is highly recommended that every customer who uses this integrated virus  
protection option, update to a new release of this file by pressing the  
"update virus protection" button, on the tool bar, from within Seagate  
Backup Exec for Windows NT v7.2.  
By pressing the "update virus protection" button from within Seagate Backup  
Exec for Windows NT, the software will connect, via Internet connection, to  
our technical support Web site and download a new version of the virus  
protection DAT file. In the event that an Internet connection is not  
available where Seagate Backup Exec for Windows NT is installed, you will  
need to follow the instructions on the following link to update the files  
manually:  
http://seer.seagatesoftware.com/tnotes/bewnt/010--100703.htm  
<http://seer.seagatesoftware.com/tnotes/bewnt/010--100703.htm>  
If you specifically updated your virus protection signature files between  
January 23, 1999 and February 9, 1999 and choose not to update the virus  
protection files as documented, it is highly recommended that you disable  
the "virus scanning," "cleaning" and "backup of infected files" functions.  
The procedure for disabling this option is on page 83 of the Seagate Backup  
Exec for Windows NT Administrator's guide. In addition to the manual, a  
detailed explanation of how to disable this option can be found at the  
following link:  
http://seer.seagatesoftware.com/tnotes/bewnt/010--101286.htm  
<http://seer.seagatesoftware.com/tnotes/bewnt/010--101286.htm>  
If you are unsure as to when you downloaded the update, you can check the  
dates of the virus protection files installed on your system to determine if  
they need to be updated. If the files listed below are installed on your  
system, and fall within the modified date specified below, you should update  
virus protection files IMMEDIATLEY.  
File Name Modified Date Bytes  
============================================  
Clean.dat 1-15-99 208,112  
Mcalyze.dat 1-30-98 857,750  
Names.dat 1-15-99 438,224  
Scan.dat 1-15-99 409,513  
  
  
It is important to note that in order for this issue to arise, ALL of the  
following conditions must be met:  
1. Seagate Backup Exec for Windows NT, v7.2 ONLY is installed.  
2. You must have updated your virus signature files between January 23,  
1999 and February 9, 1999.  
3. The 'scan for viruses' option is enabled on your backup jobs.  
4. You must have selected the 'clean infected files' option.  
5. According to our testing, you have Visual Basic 'class' (.CLS) files  
that the virus scanning engine has shown to have the 'phantom' virus.  
  
Restating the conditions in another way, the issue WILL NOT be present if:  
1. You are NOT using Seagate Backup Exec for Windows NT, v7.2.  
2. You did NOT update your signature files between January 23, 1999 and  
February 9, 1999.  
3. You have NOT selected to scan for viruses during backup.  
4. You did NOT select the 'clean infected files' option.  
5. Again, according to our testing, you do NOT have Visual Basic  
'class' (.CLS) files on your system.  
  
In these cases, you will be unaffected by this issue.  
In our effort to contact our customers we are using several communications  
vehicles, thus you may receive multiple forms of this notification. We  
regret any inconvenience this issue and subsequent communications may cause,  
but, like you, we believe that it is better to err on the side of safety,  
than take unnecessary risks when it comes to protecting your valuable data.  
Sincerely,  
Seagate Software  
  
  
  
How to use this mailing list..  
------------------------------------------------------------------  
  
You received this e-mail newsletter as a result of your registration on the  
Seagate Software Information Distribution Center. To unsubscribe, please  
send a reply to this e-mail with the word "unsubscribe" as the first line in  
the body of the message.  
To further define your communication preferences with Seagate Software,  
please  
visit:  
http://maillist.seagatesoftware.com <http://maillist.seagatesoftware.com>  
  
THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. The information  
contained in this document represents the current view of Seagate Software  
on the issues discussed as of the date of publication. Because Seagate  
Software must respond to change in market conditions, it should not be  
interpreted to be a commitment on the part of Seagate Software and Seagate  
Software cannot guarantee the accuracy of any information presented after  
the date of publication. INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED  
'AS IS' WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING  
BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A  
PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT. The user assumes the  
entire risk as to the accuracy and the use of this document. This document  
may be copied and distributed subject to the following conditions:  
1. All text must be copied without modification and all pages must be  
included.  
2. All copies must contain Seagate Software's copyright notice and any  
other notices provided therein.  
3. This document may not be distributed for profit.  
  
Sincerely,  
Seagate Software Technical Support Team  
  
`