Avatar of metamatic
metamatic
 asked on

Mcafee not picking up malware such as antivirus antispyware 2011

We are running Virus Scan 8.7 (patch 2) with the anti spyware plugin. We haven't really deviated from the default install settings. All clients are running XP SP3.

We have found that we are getting around 1 PC per month infected with fake anti virus software. The latest one is called "Antivirus Antispware 2011". The source of infection is generally compromised web sites.

The mcafee does not seem very good at picking these up and preventing infection. Once the machine is infected i generally have to use tools such as malwarebytes and combofix to clean the machine.

Can aybody advise how i can tweak virus scan so that it prevents these infections? Also, are there any MS patches available or other tools i should be using?
Anti-Virus AppsAnti-Spyware

Avatar of undefined
Last Comment
Simon Earl

8/22/2022 - Mon
Simon Earl

OK, we can certainly do this.....

Have you got the Potentially Unwanted Programs tick box set in ePO ?

How many clients do you have ?

Why haven't you kicked your reseller in to configuring it properly for you ?

Cheers
Si
Simon Earl


VSE 8.7i & AntiSpyware IS a antimalware solution....

In VSE 8.8i, it's further improved with the combination of the two products in to one with a faster scan engine, and 98% accuracy

It's like having a car, and only staying in first gear......if you don't learn to drive ePO, then you're not getting the best out of it....

All Professional Services engagements I've done to properly configure ePO results in a pretty much zero infection rate for the organisation......
younghv

@synetron,
Let me try it this way.

Anyone posting in the Anti-malware Zones needs to be thoroughly familiar with the information being discussed.

Casual comments can seriously disrupt a qualified Expert from assisting.

Corporate/Enterprise security is a much different animal from personal use/suggestions and many of us have spent several years learning the specifics of this field.

If there are Zones here on EE in which you have some expertise, then please feel free to offer some thoughts.

This question is about a very specific load of McAfee ePO and should be left to those trained and certified with the product.
Your help has saved me hundreds of hours of internet surfing.
fblack61
Simon Earl

Thanks Vee_Mod

@metamatic - if you come back with the answers, I'll help you to sort out your ePO and configure it....

There are plenty of changes to make to a default installation of ePO to manage VSE directly, and we can make your world a brighter place

Cheers
Si
metamatic

ASKER
Thanks for the replies. Looks like i've missed an interesting debate as a few comments had been deleted before i got chance to check back!

In answer to your queries...

I have got the unwanted programs box ticked.

I have 80 clients

I have tried to talking to mcafee for help with config but they are more interested in selling me a place on a training course. I've donwloaded various knowledge base articles but really want some real world examples as to what other virusscan users have done.
tpl415

We have the same problem where I work (bout 200 workstations) and we have monitoring system tha notifies us when computers get infected and then we use combofix and malwarebytes to remove them.  I believe that it comes down to mcafee being ineffective unfortunately due to licensing we have to use it.  Anyways what I has done is set up windows defender to monitor email, and removable drives, but if you can get away from mcafee I recommend security essentials (they also have an enterprise version), I feel in my own personal use that it does better job then mcafee.  
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
younghv

@tpl415,
I suggest that you actually learn how to use McAfee/ePO - it is a pretty amazing product (for those who learn how to use it).

In a cross-domain (Forest) environment it used to give my a consistent 99.99% protection on systems deployed in anywhere from 15-20 countries on a regular basis.

I am fully confident in stating that there is no better product on the market - for those who learn to use it.
tpl415

@younghy
You are more then welcome to your opinion and if McAfee works for you then great, but don't assume that I don't know how to use it and that is why I dislike it.  If you were to do a simple google search on opinions of McAfee or McAfee vs. Security Essentials then you would see many more people agree with me.  I am glad that it works for you.  I have used it for a long time and have played with all of the features and what not and I think it is ok, not a bad option, but I personally prefer Security Essentials because it requires less tinkering, takes up less system resources (McAfee can slow older or lower powered computers significantly), and I have found that it detects more malware,spyware and viruses that McAfee in my experience.  
ASKER CERTIFIED SOLUTION
Simon Earl

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.