Jump to content
Compatible Support Forums
Sign in to follow this  
Ant -|- One

Let's talk about VIRUSES, for once !?

  

  1. 1. Sharepoint migration 2010

    • Migrating to Sharepoint 2010
      0


Recommended Posts

I'm asking this to everyone who come accross this thread:

 

> What do you think of Viruses ?

> Who create them ?

> Is it really the truth: "Viruses are made by those who sell Anti-Virus programs and other security tools!" ???? To which extent ???

> According to questions above, what is the best parade against Viruses, or, what is the best Anti-Virus ?

 

I'm waiting for as many objective responses as possible !

Share this post


Link to post
Quote:

> What do you think of Viruses ?

They are annoying.
Quote:

> Who create them ?

Losers, and losers with too much time on their hands.
Quote:

> Is it really the truth: "Viruses are made by those who sell Anti-Virus programs and other security tools!" ???? To which extent ???

No, I don't find that to be the truth at all. But it does keep them in business, now doesn't it?
Quote:

> According to questions above, what is the best parade against Viruses, or, what is the best Anti-Virus ?

Common sense is the absolute best, but it isn't listed. I prefer McAfee not only for its local client, but for its ePolicy Orchestrator management tool for networks of workstations and servers.

Share this post


Link to post

I agree with everything that clutch said except for Mcafee. I prefer Norton Antivirus Corporate. MUCH BETTER.

Share this post


Link to post
Quote:

I agree with everything that clutch said except for Mcafee. I prefer Norton Antivirus Corporate. MUCH BETTER.


LOL, I won't mess with anything from Symantec. Too many bad experiences for me...

Share this post


Link to post

Another vote for those boys over at Symantec.

I adore their corporate edition, sits on a server at work and takes out any administration I'd have to do.

 

Wont touch Mcafee ever since their first "Win2k Compatible" virus scanner resulted in it taking 30 seconds to open COntrol Panel and a massive performance hit.

When we spoke to Mcafee their fix for us - remove e-mail scanning!!

Nice one boys smile

 

I'm sure it's a lot better now, but once bitten.....

Share this post


Link to post

Depends on your definition of a virus really ! Some quite useful programs could be classed as them.

Share this post


Link to post

For me, it's always been a major pain dealing with any OS upgrade and using a Symantec product. When Win98 first came out, WinFax Pro kept hanging the system. I used a couple of versions of Norton Utilities, and they both had differing issues but the same conclusion: removal. What's that? PCAnywhere 9.1 is shown to be Win2K compliant? That's what the CD package reads, yet it crashed a system and would go into an endless loop at logon time because of a certain modification it would do to use NT account authentication. Of course, these are just the highlights of the many dealings I have had with their products. smile

 

As for McAfee, network administration is awesome. I can either push custom installs from Installation Designer to the network using ePolicy Orchestrator, or use their premade SMS scripts for use with our Systems Management Server 2.0 system. Also, I control all other options and behaviors across varying versions of the application. But hey, that's just my experience with them...

 

wink

Share this post


Link to post

Mcafee IS a virus! Worst POS software I've ever encountered.

 

The college I work at uses Mcafee for some god-awful reason.

 

Reasons I hate Mcafee:

 

1. Does nothing to stop 99% of viruses out of the box (scans only .exe, .com, and .dll files)

2. Some Mcafee superdats tend to randomly break AV installations

3. Requires users to go to the web page, download, and install (which they of course never do)... which only worsens #1

4. Older versions (4.x) DO NOT uninstall properly. They leave registry keys and cues to start files that it deletes. Have to manually delete these before installing 5.x

5. System hog

6. My work bought a $60,000 license so we'll be dealing w/ this crap for a LONG time

 

Norton AV corporate is by far the best AV software! It scans aggressively out of the box, can easily be configured for automatic updates, automatic scanning, can be rolled out via the web, uses very little memory and resources, etc.

Share this post


Link to post

hey what about trend???? i have had excelent luck w/ trend av software. i use there neate suite (server scan, interscan virus wall on my internet gateway, exchange scan, officescan corprate, and thier master management console)on about 200 pc's at work and use pc-cillin at home. they tend to get definitions out faster than norton and also thier auto update system actually works automatically like it is suppose to (norton has problems where it doesn't always auto update).

mcafee sucks. :-p (sorry but they are one of the slowest getting new defs out and thier scans are notorious for missing things). any corprate ppl should look at trend for sure. it is nice to look at your whole av suite in action in 1 web managed panel and it scans agressively. also the remote nt workstation installs and remote server installs are nice.

 

Ws-6

Share this post


Link to post

Thanx everyone ! Clutch, I personally do agree with your sayings:

 

Quote:
No, I don't find that to be the truth at all. But it does keep them in business, now doesn't it?

 

I find some who doubts this.

BTW, I didn't mention my choice for AV, it is Kaspersky APV Pro 3.5.x because it sees viruses that Norton, McAfee, Panda and others don't. Its emergency floppies based on a Linux engine are a killing thing, see it working for yourself, it's really amazing ! It lets you get rid of any virus, in the end. It tells you where lies the virus, its name, then you can disinfect or delete the virus body (infected file) and if disinfect or delete don't work, at least you can delete the file in safe mode. This AV is the very best in my opinion.

 

Many more opinions welcome on the subject !!!

Share this post


Link to post

It sounds like some of the nay-sayers here haven't actually configured or worked with a properly configured McAfee VirusScan/NetShield setup on a network. So, let's try addressing some of these seemingly valid points on this post:

 

Quote:

Reasons I hate Mcafee:

 

1. Does nothing to stop 99% of viruses out of the box (scans only .exe, .com, and .dll files)

Hence the reason for this to be configured to begin with. This is done to limit the amount of scanning overhead when using "System Scan" which runs 24/7 in the background and scans everything the OS touches (including its own system files as it needs them). As I mentioned before, I use ePolicy Orchestrator, which was free with our 00 license on a 50 node network, and it will push installations and updates to anything I ask it to along with any configuration info as well.

Quote:

2. Some Mcafee superdats tend to randomly break AV installations

The first time this happened, it was a shock to everyone (including McAfee). What happened was the older engines were no longer compatible with the issued DATs (not SuperDATs) and required them to be updated by SuperDATs since they include engine updates. Since then, McAfee has posted clearly as to what the cutoff is for their engine version support. I will usually push out a SuperDAT once every 6 months while my regular DAT files update about once a week auto-magically. smile

Quote:

3. Requires users to go to the web page, download, and install (which they of course never do)... which only worsens #1

So does Norton, not to mention that it uses this stupid wizard that prompts anybody that's logged on that it needs to be updated even though it's been told to get the damn updates on its own (I have 2 stations on a separate AD network here using it, and this is driving me nuts). Not to mention that the users can get tired of it, and just click cancel to make it go away. On the other hand, my McAfee setup works quietly in the background, and gets updates from a central server on my network. Also, if a machine is offline for some reason during a scheduled update, it will run the update task once it does come back online and will pick up the latest information so it's up to date as well.

Quote:

4. Older versions (4.x) DO NOT uninstall properly. They leave registry keys and cues to start files that it deletes. Have to manually delete these before installing 5.x

This relates more to the setup routines than anything else. And I would have to say that ANYONE here can point to many Symantec products that have screwed up systems by leaving registry keys and DLLs behind. By using MSI installers, this has been rendered a moot point anyway. Also, just so you know the commercial version of McAfee VirusScan is currently 4.5.1 for workstations while the consumer version is 6.x (I believe). They run on similar underpinnings, but the 5.x and 6.x versions are similar to the $hitty freebies (like the ones I have been fiddling with) with their awful GUIs and 5,000 wizards to get the most mundane task accomplished.

Quote:

5. System hog

The last Win9x system I setup using McAfee 4.5.1 with System Scan enabled still yielded 94-95% system resources free upon bootup. Not exactly a system hog, I would say. This goes back to configuration.

Quote:

6. My work bought a ,000 license so we'll be dealing w/ this crap for a LONG time

My condolences. wink

Quote:

Norton AV corporate is by far the best AV software! It scans aggressively out of the box, can easily be configured for automatic updates, automatic scanning, can be rolled out via the web, uses very little memory and resources, etc.

Ditto all of that using the proper McAfee version for corporate usage (which I suspect that some of you have not). If Norton/Symantec stuff is your bag, then cool. I wanted to correct some of the statements that were made as I see them.

 

cool

Share this post


Link to post

Well, if we are in the mood of correcting incorrect statements:

 

"So does Norton, not to mention that it uses this stupid wizard that prompts anybody that's logged on that it needs to be updated even though it's been told to get the damn updates on its own (I have 2 stations on a separate AD network here using it, and this is driving me nuts). Not to mention that the users can get tired of it, and just click cancel to make it go away. On the other hand, my McAfee setup works quietly in the background, and gets updates from a central server on my network. Also, if a machine is offline for some reason during a scheduled update, it will run the update task once it does come back online and will pick up the latest information so it's up to date as well."

 

Not true.

My Symantec AV Server silently rolls out all definitions to all workstations.

The users neither see this happen nor do they have any choice in the matter.

Users can also not stop Norton from running on their workstations, something configured at the server.

Share this post


Link to post

If you would look down a little further, you would also note that I mentioned I was using one of the freebie ones and got the hassles from it. I only brought up the consumer level ones because of the McAfee 5.x references from a previous post.

 

Quote:
They run on similar underpinnings, but the 5.x and 6.x versions are similar to the $hitty freebies (like the ones I have been fiddling with) with their awful GUIs and 5,000 wizards to get the most mundane task accomplished.

 

But it was a nice try. wink

 

As for the other comments, users can be either allowed or disallowed from disabled VirusScan as well. This is configured at installation (which can be done with a modified MSI file from McAfee Installation designer, or a template).

Share this post


Link to post

Personally i like Norton anti Virus and have had great experience with Trend. If i had the choice between any Anti Virus software, then Trend is the way to go.

Share this post


Link to post

I like Trend too - I use PC-Cillin, due to the fact that my building society gives it away to anyone who signs up for their online banking service [also free]. The only things I don't like about it are:

 

1. That I have to turn off realtime file scanning because otherwise it dramatically increases the time taken for file operations, such as doing searches & waiting for the right-click menu to appear when you click on a file in Explorer.

 

2. If it can't connect to it's update server when it's scheduled to do so [usually because the server is momentarily busy] it insists on popping a dialog box saying so - I think it ought to have an option to retry it X number of times before displaying the little fault box, because usually if you check manually straight after it has done that then it works just fine.

 

Aside from those things I think it's great. As for the real time thing being disabled, it's no biggie - I check EVERYTHING I download manually anyway.

Share this post


Link to post

The McAfee Corp edition is halfway decent. It is configured to scan everything out of the box. The problem w/ the 4.x and 5.x is that ppl that don't know what they're doing roll out the software w/ just the bare minimum scanning and heuristics disabled. The corp edition is going on all the new machines, but there are still literally hundreds of desktops with effectively 0 virus protection (and users that see the shield and think they are).

 

5.0 does a decent job detecting and catching stuff IF it's set up right. It's a system hog though... I have a 486-66 20mb ram win95 POS computer at home. W/ mcafee 5.0, it didn't have enough free RAM to start IE 4.0 and bogged the system. Uninstalled it and put trusty Norton AV Corp 7.5, and runs just as fast as w/o a virus shield.

Share this post


Link to post
Quote:

The problem w/ the 4.x and 5.x is that ppl that don't know what they're doing roll out the software w/ just the bare minimum scanning and heuristics disabled.

Well, when people don't know what they are doing try to install software (or do anything for that matter), it isn't the fault of the software for not being able to catch everything the idiot does or does not do. As for rolling out that many machines, if you don't have any sort of management software already (like SMS, Tivoli, etc) and your license permits, then install ePolicy Orchestrator and push the monitoring clients out on a test domain. I think you'll change your mind about the mgmt functionality of McAfee products. You will also be able to run out-of-the-box reports on engine and dat versions and get graphical listings as to percentages affected by your current rollout. It can also track the virus definition levels of any Norton clients you may still have on your network and report on them as well, along with configure update tasks for them in the same manner that it can configure VirusScan/NetShield clients.

Quote:

It's a system hog though... I have a 486-66 20mb ram win95 POS computer at home. W/ mcafee 5.0, it didn't have enough free RAM to start IE 4.0 and bogged the system. Uninstalled it and put trusty Norton AV Corp 7.5, and runs just as fast as w/o a virus shield.


The slowest machine we have running here is a P-133 w/32MB, and using the same config on it as I do the dual 1.5GHz Xeons w/1GB of RAM I just got in it runs fine. Of course, I managed to get the old 486s off of our asset list 2 years ago so I have none to test with...

:P

Share this post


Link to post

Thank you all !

I take special attention to what is told.

 

You protect the AV your using, mostly.

McAfee/Norton/Trend on equal terms, mostly.

 

Good thing ! But, has anyone encountered a virus issue even though they thought they were protected by AV mentionned above ? I'm sure you have, at leats one of you, once !

 

I notice that nobody seem to use Kaspersky AVP Pro. I wonder why ?

 

As I already said, in my business, I more and more come accross clients who've been infected by a virus, since 2-3 months most by I-WORM.Magistr.b and variants. Many had Norton or McAfee installed (and many a time not updated, but often it was !) and running, of no avail ! Each time, I came and used K.'s AVP Pro emergency floppies and washed out those damn viruses.

 

It is my experience. Dealing with viruses is not my main occupation at work (I'm a hardware tech employed to deal with clients' hw problems by phone, at their place, and of course in my work room), but I must say that viruses are becoming more and more my real job and it really becomes annoying, I hate it !

 

Up to now, AVP is the sole AV that didn't fail me.

 

What do you guys think about this ?

Share this post


Link to post

Viruses shouldn't be a problem for you at all in today's world.

 

If you are using a Norton Antivirus Gateway to scan all incoming/outgoing email to strip all extensions that have to do with viruses. That stops almost all the viruses right there.

 

Install AV for Exchange on all exchange servers as a second line of defense to the gateway. This is especially handy if your Exchange servers have NEVER had any virus scanner programs installed on them before. Before I took control there was pretty much NO AV protection on this base. When I started implementation I discovered THOUSANDS of virus hits on my Exchange Server's email and throughout the base. It was a mess.

 

The other 1% are users bringing floppies from home into work onto their desktops. That's HIGHLY discouraged in the military workplace and should be discouraged in yours as well. Make sure an AV client is installed on the clients computers.

 

Now my network is tight as far as AV is concerned. Haven't had a virus come through here at all....wait a sec..there was once...before I tightneded the gateway. The extensions came unblocked due to some idiots messing around and some viruses were able to get through. That is the ONLY time in the last 2yrs of this base having a virus hit. Even then the Exchange AV/AV clients caught it before it could cause any harm.

laugh

Share this post


Link to post
Quote:

I notice that nobody seem to use Kaspersky AVP Pro. I wonder why ?


Ignorance, pure ignorance, AVP rocks !!!


BTW, I don't see the big problem with viruses, in fact I don't even have the scanner running (eats resources), I mostly just scan manually. The only precautions you have to take are:

1. scan all doubtful downloads

2. Scan e-mail attatchements & follow the scene a bit

3. have a reasonably recent backup if sh1t happens (you should anyhow...)

With this I've spotted 5 or 6 incoming viruses this year alone, none made it through.

H.

Share this post


Link to post
Quote:
You protect the AV your using, mostly.


Actually, I've got access to every virus scanner in this thread. Tried em out on the comps at work, and Norton AV corp came away the winner smile

Share this post


Link to post

Thanx Dirty Harry !

At least you know AVP ! I have it running all the time with no consequences on resources available.

Once again, everyone, AVP Pro 3.5.x (and 4.0 I guess) finds real (!)viruses that other AV scanners don't ! The choice is simple, isn't it !

_____________________________

 

Originally posted by GTwannabe:

 

Quote:
Actually, I've got access to every virus scanner in this thread. Tried em out on the comps at work, and Norton AV corp came away the winner

 

You don't mention AVP Pro, once again. Did you try it ? Norton hasn't seen files infected by I-WORM.Magistr.b (a nasty one, believe me !), but AVP did and cured the 'puter !

What do you think of this ? Something to think about, I guess ?!

Share this post


Link to post

Actually, I have used AVP. My last boss was a huge fan of it. We had it running on a few machines in the office. Did a decent job, but the interface was kinda clunky IMO.

 

25% of the computer problems we deal with at work have to do w/ Mcafee in some form...

Share this post


Link to post
Quote:

25% of the computer problems we deal with at work have to do w/ Mcafee in some form...


Such as...?

I have 4 networks running it, and none of them are having any issues with it. I am just interested in hearing what type of network you have and what these problems are. Are you running Novell, WinNT4 Domain, AD Domain, or some hybrid? Are you deploying prefab images that are old and then up[censored] them one at a time? How are you managing these installations? If you were ever using 5.x, then you were mixing the consumer level product with the commercial level one, and that's a major mistake with any product.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×