Corporate Anti-Virus suggestions.

[charleh]

Hi,

We're using Symantec Corporate 9.03 here but I get the feeling that
it's not performing as well as it could be.

We've had 2 Trojans fly around the network here bought in by laptop
users and on both occasions the network has degraded to a halt.
YPager.EXE and ntsf.exe / explorer1.exe have both been the culprits
(no we don't allow messaging of any kind on company equipment) but SAV
hasn't found anything.

Only after long investigation have we managed to find the cause and
get rid of these processes manually.

Can anyone suggest another product that would be considered the best
(well, as good as it gets). I'm thinking Sophos or EZ Trust.

TIA for any suggestions.

 

[Morgan Pugh]

Hi,

We're using Symantec Corporate 9.03 here but I get the feeling that
it's not performing as well as it could be.

We've had 2 Trojans fly around the network here bought in by laptop
users and on both occasions the network has degraded to a halt.
YPager.EXE and ntsf.exe / explorer1.exe have both been the culprits
(no we don't allow messaging of any kind on company equipment) but SAV
hasn't found anything.

Virus names would be more helpful than filenames. Also how is SAV
updating? Laptops are the worst systems for staying up to date with AV
defs as they can go for several days/weeks/months without being
connected to update. I am assuming you have an internal repository, if
so is the laptop connecting to it correctly to get the updates?

Only after long investigation have we managed to find the cause and
get rid of these processes manually.

How did you detect them? Did you use any other AV software? If so
which software? Also how did you get rid of the processes manually?
Have you scanned the system with another AV product (I recommend NOD32
as it is fast and has excellent detection). For a corporation I always
recommend they purchase a couple of licenses of another AV product to
double check, after all no product is perfect.

Can anyone suggest another product that would be considered the best
(well, as good as it gets). I'm thinking Sophos or EZ Trust.

NOD32 and McAfee VirusScan Enterprise 8.0i are very good antivirus
solutions for corporations.

TIA for any suggestions.

No problem.

 

[lee]

Hi,

We're using Symantec Corporate 9.03 here but I get the feeling that
it's not performing as well as it could be.

We've had 2 Trojans fly around the network here bought in by laptop
users and on both occasions the network has degraded to a halt.
YPager.EXE and ntsf.exe / explorer1.exe have both been the culprits
(no we don't allow messaging of any kind on company equipment) but SAV
hasn't found anything.

The problem you describe isn't going to disappear just because you
switch software. You need to have some policies that address how to keep
employees from bringing infected media onto a network. Trojans aren't
always easily detected, even with updated signature files. Neither
Sophos nor EZ Trust are going to guarantee you a Trojan free network.
I'd work on stopping infected media from having access to your network,
first. If you just can't solve that problem, then I'd look at both a
network virus defense strategy (e.g.,Trend Micro) and possibly desktop
protection (application/component control, e.g., ISS).

Only after long investigation have we managed to find the cause and
get rid of these processes manually.

Sometimes that's the only way to get rid of a trojan, once it's in memory.