Not sure if Defender would have caught this but I have an
observation:
A client who has NOD32 ver 3.0 with the latest updates was infected by
an old Bagle variant which was easy to spot in the registry. Manual
scanning of the infectious file with NOD32 did not show anything.
The [always useful] F-secure online scanner at:
http://support.f-secure.com/enu/home/ols.shtml
picked it up as:
http://www.f-secure.com/v-descs/bagle.shtml
The worm is old and even though it wasn't sending out copies, was
listening on port 6777. I have seen this behaviour with NOD32 against
far more dangerous malware in the past few months.
-----Original Message----- From: Micheal Espinola Jr
[mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>]
Sent: Thursday, August 14, 2008 12:00 PM To: NT System Admin Issues
Subject: Re: Windows Defender or some other antivirus/anti spyware
solution?
I have to disagree. The price of free is not worth the suckfest that
you operate under the false-sense of security with.
I've repaired enough compromised systems to validate the "free" price
tag of anything. NOD32 and Spybot Search and Destroy (with TeaTimer
running) FTW.
If you are only going to run free stuff, dont use IE. Use Firefox
with AdblockPlus and NoScript addons installed.
On Wed, Aug 13, 2008 at 4:08 PM, Troy Meyer
<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
wrote:
OK I realize we all hate Microsoft and that their products are
the worst thing since losing the Gymnastics gold medal, but for the
price of *FREE* Defender does a good job at finding and removing some
malware.
-- ME2
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
