Solved

Symantec Corporate Edition

Posted on 2004-08-17
9
1,947 Views
Last Modified: 2012-05-05
Got a question for everyone...
Currently we have Symantec Antivirus Corporate Edition for workstations and servers.  All computers are set up to be Managed.  All virus definitions are schedualed to be downloaded by the server daily, then pushed to all clients.  Real-time scanning is enabled with the in-ability for users to disable real-time scanning.  now my problem is...

I scan with Norton the whole drive, and nothing gets picked up
I then try a online scan with Trendmicro's house call.  And it picks up a Trojan.

For instance I tried it today same steps, and housecall found TROJ_IMISERV.C. & TROJ_AGENT-1 now both of these by Trend have come out late last month.

Does anyone know why the heck Norton doesn't scan properly?  Is it just a poor application? Did I throw the company's money away to a costly yet inaddiquate (spelling i know) virus protection?

Thanks, Cheeba

0
Comment
Question by:cheeba12
  • 5
  • 3
9 Comments
 
LVL 3

Expert Comment

by:4ceReconSniper
Comment Utility
inadequate
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi
According to symantec this  should be picked up - verify that you are scanning all files with no exclusions, and that you are fully up to date with virus defs (smack me hard but I need to suggest that anyway - maybe I am in denial;)) - Also what CE version are you on?Then maybe log a call to the symantec bods and see what on earth is going on - I am worried by this too and will be starting scans through other providers again in the not too distant future (although have had no obvious problems related to this to date) - Can you tell that I use Symantec Enterprise?

Backdoor.Imiserv
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.imiserv.html

Deb :))
0
 

Author Comment

by:cheeba12
Comment Utility
Thanks, deb  

Norton doesn't understand why it doesn't work (on hold for just over an hour!!!) But apparantly there is a new version of Corporate Edition out (9.0) but I have yet to receive my letter with my login, so i'll probably have to be on hold with them tomorrow to get my "serial #" to download new file.

Hopefully that it helps out.

What are your views on Symantec? As well as other products out there? Cause I'm defiantly thinking about dropping Symantec as a virus protection when my subscription runs out.

cheeba
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi

We've deployed it across the whole enterprise and so far it seems to be quite adept at catching the nasty little blighters that turn up in their 100's via email - but that's AVF for Exchange - and we've had very little detected and quarantined via CE. Scans are in progress now, so I'll let you know how it goes. It does cause me a lot of concern though that you are upgrading to 9.0 in order to (hopefully) adequately protect your system (almost like a microsoft trick - "if you want to do it right - upgrade!"). I have found it extremely easy to deploy, manage and monitor - although my experience of other solutions is zilch so I'd wait for other comments on comparisons. I believe that intelligent updater is updated daily, but the ordinary live-update defs less frequently, which is well behind other vendors and as symantec are pretty big I wonder what their excuse is?

Deb :))
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Hi
You may find this worth a look as it's supposedly independent - you can sign up for a free pdf mag!
Virus Bulletin
https://www.virusbtn.com/

Deb :))

0
 

Author Comment

by:cheeba12
Comment Utility
I check that out...

Currently I'm running "surprise" online scans of random computers to verify that they don't have virus either, I'll let you know if find any other.  but I totally agree that CE doesn't find anything.  And that Symantec is atleast 3 days behind everyone else with their definitions.  

Oh, by the way, Symantec has added a new feature called Expanded Threat Protection which is suppose to pick up everything better.  YAH RIGHT!

But other wise just a side note...I use Trend Micro at home at I've never had an issue.

cheeba
0
 
LVL 20

Accepted Solution

by:
Debsyl99 earned 500 total points
Comment Utility
Hi

Just an added update for you - My home fully updated symantec 2004 failed to detect 9 trojans that my partner picked up during some carefree surfing and clicking. I've helped with two very unhappy cases recently where network capability has been practically wiped out by trojan activity again that fully updated CE has failed to detect - Server not configured for transaction, loss of shares etc. Trend detected the trojans, symantec didn't. I for one will not be renewing my organisation's symantec subscription next time round, nor my home one as I have no faith in it Fortunately my network has come up clean after random scans to date, but I feel that's more to do with the company restrictions on internet surfing, very pedantic url filtering and practically all my users being restricted users on the domain,

Deb :))
0
 

Author Comment

by:cheeba12
Comment Utility
Lucky you, I'm trying despertly to add more restrictions for our current users...but when the've had free rain on the internet and their computer it gets hard trying to remove their rights! But I have found a few virus' not many, but a few here and there.  I've just updated the CE to 9.01 I guess we'll see how it goes.  But I agree, and suggest whole heartly not to support Symantec products as they are a company that falls behind in their field.

Deb, I was also pointed to e-trust as a virus solution, (computer associates).

Here are your points since you were helpful

Stu
0
 
LVL 20

Expert Comment

by:Debsyl99
Comment Utility
Thanks Stu,

Please though, let me know how you go with CE 9.01, as I've a new site to bring online soon and I'd be ineterested to know how it goes, although I have absolutely no intention of using symantec there. I am now on the look out for other options.  My users think I am a network nazi, and they are probably mostly right ;-). A really good tactic is to get management on-side, and impose the heaviest restrictions ever (but not on management!). They'll moan and complain like hell, but will be more content when you compromise somewhat than if you had just tightened up in the first place! - I know - I should've been a politician ;-)

Thanks and Best Wishes

Deb :))
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now