Link to home
Start Free TrialLog in
Avatar of metamatic

asked on

Mcafee not picking up malware such as antivirus antispyware 2011

We are running Virus Scan 8.7 (patch 2) with the anti spyware plugin. We haven't really deviated from the default install settings. All clients are running XP SP3.

We have found that we are getting around 1 PC per month infected with fake anti virus software. The latest one is called "Antivirus Antispware 2011". The source of infection is generally compromised web sites.

The mcafee does not seem very good at picking these up and preventing infection. Once the machine is infected i generally have to use tools such as malwarebytes and combofix to clean the machine.

Can aybody advise how i can tweak virus scan so that it prevents these infections? Also, are there any MS patches available or other tools i should be using?
Avatar of Simon Earl
Simon Earl
Flag of United Kingdom of Great Britain and Northern Ireland image

OK, we can certainly do this.....

Have you got the Potentially Unwanted Programs tick box set in ePO ?

How many clients do you have ?

Why haven't you kicked your reseller in to configuring it properly for you ?


VSE 8.7i & AntiSpyware IS a antimalware solution....

In VSE 8.8i, it's further improved with the combination of the two products in to one with a faster scan engine, and 98% accuracy

It's like having a car, and only staying in first gear......if you don't learn to drive ePO, then you're not getting the best out of it....

All Professional Services engagements I've done to properly configure ePO results in a pretty much zero infection rate for the organisation......
Let me try it this way.

Anyone posting in the Anti-malware Zones needs to be thoroughly familiar with the information being discussed.

Casual comments can seriously disrupt a qualified Expert from assisting.

Corporate/Enterprise security is a much different animal from personal use/suggestions and many of us have spent several years learning the specifics of this field.

If there are Zones here on EE in which you have some expertise, then please feel free to offer some thoughts.

This question is about a very specific load of McAfee ePO and should be left to those trained and certified with the product.
Thanks Vee_Mod

@metamatic - if you come back with the answers, I'll help you to sort out your ePO and configure it....

There are plenty of changes to make to a default installation of ePO to manage VSE directly, and we can make your world a brighter place

Avatar of metamatic


Thanks for the replies. Looks like i've missed an interesting debate as a few comments had been deleted before i got chance to check back!

In answer to your queries...

I have got the unwanted programs box ticked.

I have 80 clients

I have tried to talking to mcafee for help with config but they are more interested in selling me a place on a training course. I've donwloaded various knowledge base articles but really want some real world examples as to what other virusscan users have done.
We have the same problem where I work (bout 200 workstations) and we have monitoring system tha notifies us when computers get infected and then we use combofix and malwarebytes to remove them.  I believe that it comes down to mcafee being ineffective unfortunately due to licensing we have to use it.  Anyways what I has done is set up windows defender to monitor email, and removable drives, but if you can get away from mcafee I recommend security essentials (they also have an enterprise version), I feel in my own personal use that it does better job then mcafee.  
I suggest that you actually learn how to use McAfee/ePO - it is a pretty amazing product (for those who learn how to use it).

In a cross-domain (Forest) environment it used to give my a consistent 99.99% protection on systems deployed in anywhere from 15-20 countries on a regular basis.

I am fully confident in stating that there is no better product on the market - for those who learn to use it.
You are more then welcome to your opinion and if McAfee works for you then great, but don't assume that I don't know how to use it and that is why I dislike it.  If you were to do a simple google search on opinions of McAfee or McAfee vs. Security Essentials then you would see many more people agree with me.  I am glad that it works for you.  I have used it for a long time and have played with all of the features and what not and I think it is ok, not a bad option, but I personally prefer Security Essentials because it requires less tinkering, takes up less system resources (McAfee can slow older or lower powered computers significantly), and I have found that it detects more malware,spyware and viruses that McAfee in my experience.  
Avatar of Simon Earl
Simon Earl
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial