Symantec saves the day.

Discussion in 'other anti-virus software' started by Sputnik, Nov 27, 2005.

Thread Status:
Not open for further replies.
  1. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    Hello all at wilders',

    I really had to make up this little report. I fixed a friend's computer today, and had a very interesting experience. Too bad I couldn't take any logs or screenshots with me, so I'm sorry about that.

    Case:
    Heavily infected system, bootup problems etc. etc.

    Solution:
    First solution: McAfee, found several worms and trojans (Netsky, Mytob and SDbot).
    Second solution: F-Secure, found one trojan (SDbot) McAfee left behind.
    Third solution: Symantec found 218 (!) infected files they left behind. A couple of them were in the Windows folder, others in his Mozilla Mail archive.

    Conclusion:
    Was very surprised by this. And it made me think of the quality of the other two products, 218 is a lot. And they were all quite old variants of Netsky, Mytob and some SDbots.
    So at the end I've to admit, Symantec really has good detection, and for some reason also good unpacking (considering the viruses it found in the mail archive). I've submitted the missed samples to both F-Secure and McAfee.
     
  2. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Thanks for the info on your experience. Which version of Symantec did you use?
     
  3. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    I used the following programs:

    • McAfee VirusScan Enterprise v8.0i
    • F-Secure Anti-Virus Client Security v6.01.11441
    • Symantec Antivirus Corporate Edition v10.0.2.2000
    All with the latest updates of course :)
     
  4. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    Many AV programs don't scan mail archives by default during on demand or scheduled scans. They rely on the fact any infected mail will be caught in real time as it's sent/received. This would explain why McAfee and F-Secure missed viruses in the Mozilla mail archive.

    I regularly use Kaspersky (same engine as F-Secure), McAfee and BitDefender to clean infected machines - they all catch some that the others miss. You simply can't rely on a single product to 100% clean a badly infected machine.

    Ned
     
  5. Farbod

    Farbod Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    88
    It would be good if you also try NOD32 next time. ;)
     