In non-corporate high-exposure environments: I've come across quite a few new variant malware that weren't being detected by any AV installed or at my disposal (I typically offline clean with ESET and Kaspersky, followed-up with Malwarebytes) - but when I uploaded the new suspect files to Virus Total, the *only* positive response from all the AV vendors checked came from Sunbelt/Vipre.
So, in these cases, the only *two* products detecting and cleaning the new malware were Malwarebytes and Sunbelt. Sunbelt being the only *AV* vendor detecting anywhere near the same malware as Malwarebytes. Of course, YMMV. -- ME2 On Mon, Mar 14, 2011 at 9:45 AM, Dave Mattingly < [email protected]> wrote: > Good Afternoon, > > > > We recently changed from eSet NOD32 to Shavlik Netch Protect. It uses the > Sunbelt Vipre AV engine. Solved my patch/AV/Malware issues (majority) all > through one app. I agree with supplementing with Malware Bytes or another > malware scanner just to be safe. I understand GFI is incorporating the Vipre > engine in their upcoming patch management product release . These sites are > pretty good for measuring month to month performance of the different > products. Personally I like virusbtn.com. > > > > http://www.virusbtn.com/index > > > > http://www.av-test.org/ > > > > http://www.av-comparatives.org/ > > > > Best Regards, > > Dave > > > > > > > > Dave Mattingly > MIS Director > > Phenix Research Products > > TEL 800.767.0665 ext 187 > > [email protected] > > www.PhenixResearch.com <http://www.phenixresearch.com/> > > > > *Save a Tree & Keep up on New Products!* > > Check out our eco-friendly electronic Research > Quarterly<https://www.phenixresearch.us/catalogs/CurrentCatalog/index.html> > ** > > *It reads like a magazine, has search functionality and a very brief load > time.* > > > > > > > > > > *From:* Kramer, Jack [mailto:[email protected]] > *Sent:* Monday, March 14, 2011 10:54 AM > > *To:* NT System Admin Issues > *Subject:* Re: Antivirus Vendor Replacement > > > > VIPRE catches a lot of infection attempts too, either through known > malicious EXEs or through infected PDFs. It definitely doesn't get all of > them but I've been happy with the performance. > > > > ---- > Jack Kramer > Computer Systems Specialist > University Relations, Michigan State University > w: 517-884-1231 / c: 248-635-4955 > > > > *From: *Jim Holmgren <[email protected]> > *Reply-To: *NT System Admin Issues <[email protected]> > *Date: *Mon, 14 Mar 2011 08:42:10 -0400 > *To: *NT System Admin Issues <[email protected]> > *Subject: *RE: Antivirus Vendor Replacement > > > > Sophos is constantly catching variants of “Fake AVs” in our environment. > Not saying it catches all of them, but I definitely see it catching a lot of > them. > > > > > > Jim Holmgren > > Senior Manager, Infrastructure Services > > XLHealth Corporation > > The Warehouse at Camden Yards > > 351 West Camden Street, Suite 100 > > Baltimore, MD 21201 > > 410.625.2200 (main) > > 443.524.8573 (direct) > > 443-506.2400 (cell) > > www.xlhealth.com > > > > > > > > > > *From:* HELP_PC [mailto:[email protected] <[email protected]>] > *Sent:* Monday, March 14, 2011 1:19 AM > *To:* NT System Admin Issues > *Subject:* R: Antivirus Vendor Replacement > > > > I really didn't find any AV that catches in advance Fake AVs. (And I didn't > really try if Malwarebytes catches them besides cleaning) > > > > *GuidoElia* > > *HELPPC* > > > > > ------------------------------ > > *Da:* James Hill [mailto:[email protected]<[email protected]>] > > *Inviato:* domenica 13 marzo 2011 23.30 > *A:* NT System Admin Issues > *Oggetto:* RE: Antivirus Vendor Replacement > > How I wish that was always the case. I really like MSE but I’ve seen it > get hosed plenty of times by “Personal Antivirus” and its many other forms. > Malwarebytes seems to always clean them up though. > > > > *From:* Rod Trent [mailto:[email protected] <[email protected]>] > > *Sent:* Saturday, 12 March 2011 4:34 AM > *To:* NT System Admin Issues > *Subject:* RE: Antivirus Vendor Replacement > > > > Wow…it’s been a long time since I’ve had to use Malwarebytes – even when > supporting friends’ or family PCs these days. > > > > Anymore, someone calls with some crazy Trojan or virus, I tell them to > download and install Microsoft Security Essentials on their own and it takes > care of it, and keeps them safe. > > > > *From:* Micheal Espinola Jr > [mailto:[email protected]<[email protected]>] > > *Sent:* Friday, March 11, 2011 1:15 PM > *To:* NT System Admin Issues > *Subject:* Re: Antivirus Vendor Replacement > > > > Whatever you get/use, suppliment it with registered Malwarebytes. > > -- > ME2 > > > > > > > > On Fri, Mar 11, 2011 at 7:59 AM, Weatherford, Chad <[email protected]> > wrote: > > We are looking to replace our current AV (McCrappy Total Protection for > Endpoint) with something that is more light weight AND catches all of the > bugs. I was pretty excited about Trend and LANDesk’s Kaspersky engine…until > either testing or listening to SE’s describe the product. > > > > I would appreciate any and all feedback on the AV vendor you use and if you > recommend them. > > > > > > > > *Chad Weatherford* | Network/Security Administrator | *Shoe Carnival, > Inc. **| *(:812.867.8314 | 7: 812.471.9866 | *: *[email protected]* > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > > CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole > use of the intended recipient(s) and may contain confidential and/or > protected health information. Under the Federal Law (HIPAA), the intended > recipient is obligated to keep this information secure and confidential. Any > disclosure to third parties without authorization from the member of as > permitted by law is prohibited and punishable under Federal Law. If you are > not the intended recipient, please contact the sender by reply e-mail and > destroy all copies of the original message. > > NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para > uso exclusivo del (los) destinatario (s) y puede incluir informaci?n > confidencial y/o informaci?n de salud protegida. La Ley Federal (HIPAA) > establece que el destinatario est? obligado a mantener la informaci?n > confidencial y sequra. HIPAA proh?be y castiga cualquier divulgaci?n a > terceras personas sin autorizaci?n del afiliado o permitido por ley. Si > usted no es el destinatario, redirija esta mensaje al remitente, y destruye > cualquier copia existente del mensaje original. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
