what's good with McAfee enterprise?

Discussion in 'other anti-virus software' started by no13, Mar 4, 2005.

Thread Status:
Not open for further replies.
  1. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    So one of those [supposedly] friends of mine was bugging me for a free AV...
    that's when I turned to WSF...

    Now the bugger tells me that he has 1 year's license of VSE from his Dad's office... So the foolish one now needs to know some things... I'm not a VSE guy, so I turn to you

    He needs to know 2 things...

    1. what does VSE lack?
    2. how do I compensate [minimum money, minimum RAM, minimum hassle]?

    He's already obtained AntiSpyware Enterprise...
    He's willing to shed some $$ for AVs [off the shelf only... he doesn't like eCommerce much yet]... but he distrusts ATs....

    I know what you're thinking... ~weird kid and his weird friends~
    Well.... we're all weird down here ;)

    So... err... any advice?
     
  2. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    1. Well before it use to be it only had weekly definition releases, but that is now basically gone with the daily weekday updates. Can't really complain about anything else.

    2. I don't quite understand what you mean by "compensate." (minimum money? Isn't he getting it for free?)

    In any case, the RAM usage isn't the lowest, but it's only one of three AVs I can run where it seems like it isn't even there. (others being NOD32 and F-Prot)
    The detection is excellent, in the upper echelon of AV detection.
    Very intuitive interface (unlike the consumer version).
    Basically, good detection, solid interface, and low system impact.

    I would pay for it if it wasn't free from the university. For me, it's the best thing I can actually run on my system without being annoyed. (anything KAV based is just too slow)
     
    Last edited: Mar 4, 2005
  3. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    All AV's have strengths and weaknesses and compared to most others, IMHO, McAfee Enterprise AV is amongst the very top performers.

    The only feature, which some people may prefer to see in VSE is a more specific email scanner, as it checks only Lotus Notes or Outlook. This is not a weakness in my view.

    Although it places a number of processes in memory, with a RAM footprint of about 25-30MB, it has no perceivable slow-down on my laptop's performance. The RTM is very 'light' even though it scans archive files.

    VikingStorm has noted the main advantages of this AV and with the newly released Spyware plugin, it continues to improve. Excellent protection against all malware and at the present time, my favorite AV.
     
  4. sick0

    sick0 Registered Member

    Joined:
    Feb 12, 2004
    Posts:
    143
    as for the processes, you can safely disable some of them from starting automatically when windows starts....

    tbmon.exe - for error reporting (i think)
    updaterui.exe - just the GUI for manual updater (not needed when using auto update)
    vstskmgr.exe - put to manual in services
     
  5. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    My god... i will try to use it again. Does any one know how to disable the IDS in it?
     
  6. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    VSE does not scan pop3/smtp mail. If your ISP scans the mail, then no problem. Otherwise, try to use an email client like Eudora that saves attachments by default so the on access scanning will pick it up. Actually, dumping Outlook Express is always a good move.
     
  7. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    VikingStorm...
    by "compensate" I meant "What additional AV should he purchase to suplement VSE?"
    There have been a few [not many, but still a handful] of horror stories of VSE being unable to protect some people, and I guess he's looking at detection and removal rates. He'll buy a second AV if it fits the purpose [real time scanner that supplememnts VSE]
     
  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I use VSE 8.0i on access with nod as a back up scanner, the work well together.

    bigc
     
  9. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    If VSE isn't good enough, I'm not sure what is...
    VirusScan is a proven technology and the only AV that I can think of that might have a slight edge in detection would be a KAV based scanner.

    If your friend just wants an on-demand scanner to use along with McAfee, Bitdefender has a free version that works nicely. For paid software, F-prot or NOD32 would be nice choices for on-demand only.
     
  10. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    hmm...
    The thing is... there was some talk of VSE being slightly behind KAV on sig-based detection, and behind NOD/DrWeb in heuristics. So he wants to add another layer of protection [on access and on-demand] that can take care of what VSE is expected to miss.
    But right now, he has happily installed a trial version [or two?] of some AVs he won't tell me about... some friend, huh?
    Thanks for all your help guys.

    [But now I want to know what VSE isn't good at catching... worms, trojans, script based virii, zoo samples, new ITW, or is it polymorphicso_O too many buzzwords for one day... head spinny!]
     
  11. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Some friend!

    Well McAfee's heuristics are actually just as good as KAV, but KAV's is not very stellar anyway, but its not bad either.

    Both McAfee and KAV are able to catch many virii because they rely more on generic signatures than heuristics, which seems to help them well enough.

    But AVs with a newer and stronger heuristics engine like ArcaVir and NOD32 do not need many generic signatures because the heuristics engine is able to catch most new ITW malware.

    Have a great day! :)

    Regards,
    Firecat
     
  12. sick0

    sick0 Registered Member

    Joined:
    Feb 12, 2004
    Posts:
    143
    dont tell me he's trying to run two AV in real time? (on-access) very bad idea...

    VSE is very good especially with the new anti-spyware module...

    if money is no object, i suggest he install KAV5 as primary on-access then custom install VSE as on-demand only... that way he'll have the best of both worlds...
     
  13. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Maybe he should just get a double-engine AV and get the issue done with!
     
  14. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    He has observed an issue with KAV/KAH and VSE installed on the same XP machine... lsass.exe, svchost.exe and explorer.exe are terminated somehow causing a windows shutdown.

    If anyone else has experienced this issue I can start a new thread. This is a pretty weird way these two have of hating each other.
     
  15. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    Ah! the memory drag on a 256M Ram system would be waay too much. I tried FSIS 2005 [not the Microsoft.com version] and it was waay too much.
    So I started thinking...
    Suitable dietary supplements to VSE...
    On access/On demand AT : A-squared, BoClean, Ewido
    On Demand AT : TrojanHunter, Trojan remover
    On Access (Heuristics) AV : ArcaVir, Dr. Web, Avast Pro, NOD32, AntiVir
    On Demand AV : BitDefender Free, MWAV utility (old verrsion), Avast! Home, AntiVir
     
  16. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    That seems good enough...
     
  17. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    These are simply choices in front of me... If ever I get VSE [And I may never]... what do you think is the ideal choice?

    Firefighter's tests say that VSE+Ewido is the best of the lot....
    But can heuristics compensate??
     
  18. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    No. While heuristics can make up a large part of that, there is no replacement for a dedicated AT scanner.
     
  19. Nitrox

    Nitrox Registered Member

    Joined:
    Aug 11, 2003
    Posts:
    64
    Location:
    Ontario, Canada
    If you have VSE 8 as a backup scanner along with KAV as on access, you must disable Mcafee Shield or you will have one heck of a time booting up or even using the computer.
    You have to disable the shield service even if you are not running the on access monitor.
     
Loading...
Thread Status:
Not open for further replies.