Prev: Get protection from prying eyes
Next: What exactly is "The Metasploit Project" ?
From: BadBoy House on 22 Dec 2009 10:53
We use Panda Managed Office Protection on our network. Yesterday one
of our workstations became infected with a mass-mailer worm. We
quickly identified the infected computer and took it off the network.

First of all we ran 2 full Panda scans. All that Panda found was a
handful of tracking cookies. Nothing else.

We then ran a full MalwareBytes Anti-Malware scan. This found 2
trojans and 1 rootkit.

Obviously we're concerned that the security software we use as a
business (and pay a great deal of money for) didn't detect the trojans
or the rootkit.

It seems that perhaps we're not using the best business anti-virus
software.


Has anyone else encountered similar issues?
From: David H. Lipman on 22 Dec 2009 16:10
From: "BadBoy House" <mrchrishouse(a)googlemail.com>

| We use Panda Managed Office Protection on our network. Yesterday one
| of our workstations became infected with a mass-mailer worm. We
| quickly identified the infected computer and took it off the network.

| First of all we ran 2 full Panda scans. All that Panda found was a
| handful of tracking cookies. Nothing else.

| We then ran a full MalwareBytes Anti-Malware scan. This found 2
| trojans and 1 rootkit.

| Obviously we're concerned that the security software we use as a
| business (and pay a great deal of money for) didn't detect the trojans
| or the rootkit.

| It seems that perhaps we're not using the best business anti-virus
| software.


| Has anyone else encountered similar issues?

All the time.

Many times you'll find one anti malware scanner will catch what another may miss.

Maybe you might want to switch to Avira AntiVir. While no anti virus application is 100%,
Avira tends to do better than most others.

You indicated MBAM found "2 trojans and 1 rootkit.".

Please post an extract of that log showing the above.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


From: FromTheRafters on 22 Dec 2009 20:54
"BadBoy House" <mrchrishouse(a)googlemail.com> wrote in message
news:aa83e87c-3a1e-4c7a-86e9-da2f1e109c51(a)b32g2000yqd.googlegroups.com...
> We use Panda Managed Office Protection on our network. Yesterday one
> of our workstations became infected with a mass-mailer worm. We
> quickly identified the infected computer and took it off the network.
>
> First of all we ran 2 full Panda scans. All that Panda found was a
> handful of tracking cookies. Nothing else.
>
> We then ran a full MalwareBytes Anti-Malware scan. This found 2
> trojans and 1 rootkit.
>
> Obviously we're concerned that the security software we use as a
> business (and pay a great deal of money for) didn't detect the trojans
> or the rootkit.
>
> It seems that perhaps we're not using the best business anti-virus
> software.
>
>
> Has anyone else encountered similar issues?

Most antivirus programs have added some ability to detect trojans and
rootkits, but IMO you are better off using what I consider "best of
class" scanners. That is to say that a good AV should be complemented by
a good AM (Malwarebytes' Anti-Malware (MBAM)) and AS (Super Anti-Spyware
(SAS)) - there is much overlap, but these two together seem to be pretty
comprehensive, and a good AR (GMER Anti-rootkit) in addition to whatever
of these categories the AV you chose attempts to cover.

Even so, expect to still miss detecting some malware - none of these are
perfect and these being the best often gets them targeted by
anti-anti-malware malware (appkillers).


 | 
Pages: 1
Prev: Get protection from prying eyes
Next: What exactly is "The Metasploit Project" ?