Its always easier to be reactive rather than proactive and no one software will stop everything.
We too get quite a few infections and we use a separate anti-spyware product- which has the same problems.
Basically we are fighting a losing battle
Have a read at this blog:
....that comes out to an average of 200,000 unique pieces monthly or more
than 6,000 daily. Yep–that was over 6,000 on a daily basis. Bear in mind
these are malware we consider unique (something we had to write a
driver for) and does not count all the other malware we detect
generically or heuristically.
I agree, its a juggling act between functionality and usability- but basically we need to educate users into being intelligent in the sites they browse and actions they take.
Its no longer acceptable to "just click on a link or popup"
I'm about to test SiteAdvisor in our environment.
Maybe that is another tool that can help you.
Message was edited by: jmcleish on 21/04/10 04:04:15 CDT
Sadly, I find the "AntiSpyware" portion useless. It doesn't clean anything when it comes to spyware. I can run McAfee, and after that, I need to use MalwareBytes, Spybot, SuperAntiSpyware, or Microsoft Security Essentials to clean everything it missed. You will NEVER find a case where you cleaned a system with these and then McAfee found something you missed, but you will also never be able to clean an infected system with McAfee. That's sad as we're licensed for 8.7i enterprise and antispyware. I don't care if you jack artemis up to it's highest level, it's not going to do the job.
it is very simple and clear there is a problem with Mcafee anti-spyware and they should solve it ASAP.
it is not related to the user settings or patch level or updates ...etc.
The problem is not only how the system is getting affected the other problem is
Mcafee is NOT DETECTING Malewares on those affected systems!!
We have Webroot as our Anti-Spyware and I'm less than impressed with it not detecting fake av programs.
Go also look in the Sunbelt Vipre forums. There's many posts there about threats not being detected- they suggest you go and get Malwarebytes and run that!!!!
Also here's a post you should read.
(apologies about the link to another site- but I'm trying to put forward the point)
i'm sure most sw sites have similar posts in their forums.
As i said previously, we need to educate the users to stop clicking on links and going to site sthey shouldn't.
Yes the Site Advisor does play its role in stopping the fakealert programs from running or saving themselves to the files.
However, It aso boils down to what security setting the network admin has deployed. If the setting is set to prompt then the Site Advisor will warn the user that this download is malicious. If it is et to protect, It will outrightly delete the setup file before it can do any damage.
Hi. I'm new on this community. I have the same problem: McAfee don't detect some malware, even with Artemis on a high Level.
On the other hand, I have some virus samples than OAS can detect a time ago. Now, the same samples aren't detect by OAS with the latest DAT and Artemis at High level. To be honest, the OAS detect the virus sometimes as Artemis threat, sometimes no detect it (this test been realized in a half hour). I know the OAS saves on his cache the analyzed files, but I need the OAS to detect any virus at any time, don't you think?. I think the problem is with Artemis technology: some time the Internet connection to Artemis' servers is not available, then, OAS don't know that file is infected.
Anyone can help me? Maybe are some configuration that I missed up.
I attached two images that probes my tests.