Antivirus software

Discussion in 'Virus Information' started by 2Sweet, Oct 25, 2009.

  1. 2Sweet

    2Sweet Guest

    I am looking for antivirus software for my company servers and workstations.
    Any recommendation which antivirus to use? (Except Symantec Endpoint
    Protection)
     
    2Sweet, Oct 25, 2009
    #1
    1. Advertisements

  2. 2Sweet

    Leythos Guest

    SEPP is a great product if you install it properly, low overhead,
    running on thousands of machines and servers without any issues.

    You should try to keep updated with the latest versions instead of just
    doing definition updates. You get version updates if you bought
    maintenance.
     
    Leythos, Oct 25, 2009
    #2
    1. Advertisements

  3. What exactly is the problem with SEP?
     
    The Central Scrutinizer, Oct 26, 2009
    #3
  4. 2Sweet

    MEB Guest

    It might be beneficial to provide some information like number of
    seats, types of protections needed [full web/private web, FTP servers,
    public/private NNTP, web mail, online purchasing, etc.], the extent of
    user usability/access within the network and for the Internet, and
    similar; and of course whether you have only Microsoft products or
    whether there is a mixed environment to work with [particularly
    server-wise]. Also whether you would like a full suite/enterprise
    package [firewall, etc.] or have other intentions.

    Not the whole detailed setup of course, but an indication for someone
    to work from.
     
    MEB, Oct 26, 2009
    #4
  5. 2Sweet

    2Sweet Guest

    It cannot detect viruses/worms. Whille other antivirus product can detect.

    Eg.
    Users scan external drives using company SEP, no virus found. When used
    plug-in to their home PC, it detects virus.
     
    2Sweet, Oct 26, 2009
    #5
  6. 2Sweet

    2Sweet Guest

    Mainly to protect servers and workstations files from infected. No need
    firewall, email,ftp etc.


     
    2Sweet, Oct 26, 2009
    #6
  7. 2Sweet

    Leythos Guest

    LOL - There isn't a single Anti-Virus/Malware product that will detect
    everything, but SEPP 11.4 and 11.5 are about as good as it gets from any
    vendor.

    Since you didn't give specifics of "what plug-in" or "what virus" we
    can't tell if it was a false detection or if you were being scammed by
    fake anti-malware tools.

    In more than 2 decades of using Symantec Corporate AV products, we've
    never had a virus on any computer we managed (thousands) - and that's
    due to Symantec combined with standard security practices.

    When testing on unmanaged computers - Symantec was the only product that
    protected computers 99.9% of the time vs all other products.
     
    Leythos, Oct 26, 2009
    #7
  8. From: "2Sweet" <>

    | It cannot detect viruses/worms. Whille other antivirus product can detect.

    | Eg.
    | Users scan external drives using company SEP, no virus found. When used
    | plug-in to their home PC, it detects virus.


    OK, what EXACTLY is detected (malware name) and what is the fully qualified name and path
    of the file(s) deemed to be infected ?
     
    David H. Lipman, Oct 26, 2009
    #8
  9. 2Sweet

    2Sweet Guest

    Sophos antivirus software detected an infected file "backupuser.exe" as
    Mal/Behav-285.
     
    2Sweet, Oct 26, 2009
    #9
  10. 2Sweet

    2Sweet Guest

    Currently using SEP version 11.0.2010.25.
    These have been many times already that users reported that our SEP cannot
    detect while their antivirus can detected virus.
     
    2Sweet, Oct 26, 2009
    #10
  11. If you had said it still does not detect malware in autorun.inf
    files on USB drives or similar, I may have gone alone with it.

    Or if you had said other products (like avast) will find java
    scripts left over when symantec claims to clean Fake AV stuff
    I also may have gone with you.

    But frankly what you wrote is just crazy looney stuff!
     
    The Central Scrutinizer, Oct 26, 2009
    #11
  12. 2Sweet

    Leythos Guest

    Why have you not installed 11.0.4 or 11.0.5?

    I have yet to see something that wasn't detected by SEPP that was caught
    by one of the other vendors that was real malware.

    Did you properly install SEPP and have it updating every day?
     
    Leythos, Oct 26, 2009
    #12
  13. From: "2Sweet" <>

    | Sophos antivirus software detected an infected file "backupuser.exe" as
    | Mal/Behav-285.


    You did NOT fuully answer my question.

    "What is the fully qualified name and path of the file(s) deemed to be infected ?"

    Off hand, I say that you have an AutoRun Worm.

    If Sophos is cathing this then you can use my Multi AV Scanning Too to scan the system and
    all removable Read/Write media.


    Download MULTI_AV.EXE from the URL --
    http://www.pctip.ch/ds/28400/28470/Multi_AV.exe
    or
    http://212.98.39.7/ds/28400/28470/Multi_AV.exe

    http://www.pctip.ch/downloads/dl/35905.asp
    or
    http://212.98.39.7/downloads/dl/35905.asp

    English:
    http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/


    To use this utility, perform the following...
    Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
    Choose; Unzip
    Choose; Close

    Execute; C:\AV-CLS\StartMenu.BAT
    { or Double-click on 'Start Menu' in C:\AV-CLS }

    NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
    FireWall to allow it to download the needed AV vendor related files.

    C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
    This will bring up the initial menu of choices and should be executed in Normal Mode.
    This way all the components can be downloaded from each AV vendor's web site.
    The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

    You can choose to go to each menu item and just download the needed files or you can
    download the files and perform a scan in Normal Mode. Once you have downloaded the files
    needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
    during boot] and re-run the menu again and choose which scanner you want to run in Safe
    Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

    When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
    file.



    * * * Please report back your results * * *
     
    David H. Lipman, Oct 26, 2009
    #13
  14. 2Sweet

    2Sweet Guest

    The file is located in the root of C or D drive.
    Thank for the tool. I will try it out.
     
    2Sweet, Oct 27, 2009
    #14
  15. 2Sweet

    2Sweet Guest

    Now the lastest SEP definition files (dtd 2 Nov)can detect and capture the
    virus "backupuser.exe" after i have submitted the infected file to Symantec.
    Symantec is few weeks "late" in updating the definition files compared to
    other antivirus s/w.

    That is the reason why i wanted to change antivirus s/w.
     
    2Sweet, Nov 4, 2009
    #15
  16. From: "2Sweet" <>

    | Now the lastest SEP definition files (dtd 2 Nov)can detect and capture the
    | virus "backupuser.exe" after i have submitted the infected file to Symantec.
    | Symantec is few weeks "late" in updating the definition files compared to
    | other antivirus s/w.

    | That is the reason why i wanted to change antivirus s/w.


    Please submit that file to UploadMalware.com

    http://www.uploadmalware.com/
     
    David H. Lipman, Nov 4, 2009
    #16
  17. 2Sweet

    2Sweet Guest

    ok. submitted to http://www.uploadmalware.com/
     
    2Sweet, Nov 5, 2009
    #17
  18. From: "2Sweet" <>

    | ok. submitted to http://www.uploadmalware.com/


    Yes, got it. Thanx !

    It is an AutoRun Worm packed by Themida
     
    David H. Lipman, Nov 5, 2009
    #18
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.