I am using McAfee VirusScan Enterprise + Antispyware Enterprise 8.8 with the latest (7138) DATs loaded on a few Windows 7 PCs.
However, I scanned the PCs with another AV product, Comodo Cleaning Essentials and Avast separately, and found a number of infections. In particular, Comodo found a trojan with the name Trojwar.win32.Kryptik.VARA.
All PCs have the VSE On Access scanner running at all times and all are updated with the latest DATs, and as far as I can see Kryptik isn't particularly new. The McAfee Stinger also didn't detect these files.
I guess they could be false positives, but a couple of other AV products have seen and cleansed them.
Is there anything I can do in the VSE console that would improve the detection of these kinds of infections? Perhaps the Artemis control, which is at the default of Very Low, could be used at a higher level?
What does anyone think?
I would set Artemis to medium to start with; that probably accounts for about 20-30% of our detections and we have not seen any false positives (although I would spot check it!).
Also, there is a best practice guide for VSE that I followed that may help, for example using the high/low risk and default groups, so you can spend more time scanning Internet Explorer than some internal program.
Hope that helps!
Please go read and implement that set of Minimum Requirements. The DAT file itself is one of the least important things you can do. There are several policy settings that are absolutely crucial.