Thread ID: 18258 2002-04-21 09:03:00 McAfee Viruscan 6 Support : HELL : See Transcript Guest (0)
Post ID Timestamp Content User
44943 2002-04-21 09:03:00 Well, what a wasted weekend with McAfee support.

Check out this transcript and put McAfee to the bottom of your list for Anti-Virus software! What a pile of steaming %^&*.

POP3 scanner component fails to trap EICAR.... here goes..

This is the transcript from the 4th support call..


You have been connected to Ross D..
Roy Tempero: hello Ross
Ross D.: Thank you for holding, my name is Ross. I am the escalations supervisor. I am happy to assist you with your issue at this time.
Ross D.: Could you please tell me what your issue is?
Roy Tempero: EMAIL/DOWNLOAD SCANNER Component Fails to trap EICAR
Ross D.: Roy, I apologize for the inconvenience you have been experiencing.
Ross D.: Using your mouse, please right click on the Vshield icon located on the bottom of the screen by the clock. Then select 'about' from the menu. What version is listed at the top next to the OK button? Also, what is the Virus definition number and Scan engine?
Roy Tempero: Well its the original as came with the CD now..standby
Roy Tempero: V6.01.1008, Defs:4.0.4163, 4.1.40 Engine
Ross D.: Have you installed any previous versions or other virus scan software on this system?
Roy Tempero: Yes, when i originally reported this problem the machine had been reinstalled clean from the Compaq Quickrestore CD and the Windows patches applied, then the V6 installed and all patches applied.
Roy Tempero: Then I was instructed to REPAIR, then after that to UNINSTALL/REINSTALL
Roy Tempero: I have been going round in circles with this thing and it clearly will never work.
Roy Tempero: I believe u need to patch the product
Roy Tempero: Has this been QAed with OE6 on W98SE with all Microsoft patches?
Ross D.: No, there is no known issue in that regard.
Ross D.: What eicar file did you download?
Roy Tempero: I created the EICAR.COM and stopped VIRUSCAN, sent it then started VIRUSCAN and received it
Roy Tempero: that is my benchtest
Roy Tempero: it is detected by the On-Access scanner on Open/Save but it should be trapped by the Email/download scanner on POP3 incoming
Roy Tempero: It shouldnt hit the message store should it!
Ross D.: Based on the information you have provided, I can now provide the steps that should resolve your issue. If at any time there is something you do not understand, will you please stop me and let me know?
Roy Tempero: please dont tell me to reinstall or repair tho ok?
Ross D.: Roy, the on access system scan is functioning and has detected this test virus, therefore VirusScan is at full functioning.
Roy Tempero: Sorry, I cant see how this should be so.. the doc does not reflect this at all.
Roy Tempero: When I disable the email/download scan the results are the same, it is trapped by the on-access scanner
Roy Tempero: what is the point of having an email/download scanner if it doesnt work ?
Roy Tempero: the customer has paid for this functionality
Ross D.: The system scan is the core scanning facility of virusscan and is functioning to resolve virus issues.
Roy Tempero: yes, I agree but that is the last defence isnt it
Roy Tempero: the email scanner is supposed to stop it even getting into the email store
Roy Tempero: this product is supposed to scan at many levels
Ross D.: Email scan only scans the emails, it does not scan the attachments, system scan does that when you open or save the attachments.
Roy Tempero: including SMTP & POP3.. POP3 scanning in this case doesnt work
Roy Tempero: It is my understanding that from reading the product doc that it does do POP3 ..thats what it says !
Roy Tempero: please see pg26
Roy Tempero: under EMAIL SCAN... its says ATTACHMENTS
Roy Tempero: Download Scan says this too!
Roy Tempero: This is lies
Roy Tempero: False advertising
Ross D.: This is when the System scan feature comes into effect, Roy.
Ross D.: Do you have any further questions regarding this specific issue?
Roy Tempero: I want a transcript please
Roy Tempero: how do i escalate this further
Ross D.: You will get the option to save this chat when you end session, Roy.
Roy Tempero: and escalation ?
Ross D.: I will need to transfer you to someone who has the resources to take this issue further.
Lucian S. has entered the session.
Roy Tempero: Yes, I would suggest that this should be taken further..
Lucian S.: Thank you for holding, my name is Lucian. I am the escalations supervisor. I am happy to assist you with your issue at this time.
Roy Tempero: Hello
Ross D. has left the session.
Roy Tempero: Are you familiar with this product V6 and its scanner functions?
Lucian S.: Yes
Roy Tempero: Why then does the email scanner not trap POP3 traffic as per the doc
Roy Tempero: pg .26 Getting Started
Lucian S.: infected POP3 traffic ?
Roy Tempero: yes, EICAR for example
Lucian S.: the traffic would get trapped if there were files that were infected
Roy Tempero: yes, it should but it doesnt with this OE6 install
Lucian S.: Which Eicar file did you use to test your software ?
Roy Tempero: EICAR.COM as per the instructions
Roy Tempero: it gets trapped by the ON-ACCESS scanner as I have explained many times but it should get trapped by the email/download scanner
Lucian S.: Did you email the file ?
Lucian S.: or download it ?
Roy Tempero: email
Lucian S.: And when did the on-access scanner detect the file ?
Roy Tempero: Also I have noticed that the EMAIL stats TAB are greyed out when checking the STATUS
Roy Tempero: ON-ACCESS detects on OPEN/SAVE
Lucian S.: Then it is doing its job
Roy Tempero: Download Scanner stats are there however.
Lucian S.: Please double click the Vshield icon
Lucian S.: Click on Pick a task
Lucian S.: Click on Change my Virusscan settings
Roy Tempero: no its not. its supposed to trap it before it hits the message store isnt it?
Lucian S.: Click on Configure Vshield background scanning
Lucian S.: No, in your email inbox, it will not alo you to open or save the file if it is infected
Lucian S.: allow
Roy Tempero: sorry ?
Roy Tempero: I can open the email and try to open/save the attachment
Lucian S.: Virusscan would be scanning when you do that
Roy Tempero: why does the product not behave any differently with email/download scanning disabled
Roy Tempero: it still traps the attachment on open/save via the On-Access Scanner
Roy Tempero: so whats the point of the email scanner !
Lucian S.: Because most of the scanning is done by System scan
Roy Tempero: well it doesnt do pop3 does it.
Lucian S.: Download and email scans the downloads and emails
Lucian S.: When you Open or save the downloads and emails, system scan scans
Roy Tempero: well what is supposed to happen when Download & email scans the downloads and emails then ?
Roy Tempero: answer:nothing
Lucian S.: It scans the emails and downloads
Roy Tempero: there is no difference in using this product with it enabled or disabled
Roy Tempero: scans them and does what ?
Roy Tempero: answer:nothing
Lucian S.: When you try to open or save them, system scan does the scanning
Roy Tempero: so what use is the email scanner if it doesnt trap pop3?
Roy Tempero: so far, HAWK doesnt work, EMAIL doesnt work...you mean only the base scanner works.
Lucian S.: Hawk only works with Microsoft Outlook
Lucian S.: It doesn't scan
Roy Tempero: yes, I've gathered that.
Lucian S.: it only monitors the program
Roy Tempero: i know its an outbreak manager
Roy Tempero: sort of thing
Roy Tempero: i think i know this product real well now.. if only it worked properly.
Roy Tempero: how do we escalate this call to someone who check this ?
Lucian S.: The program does work so why do you need your issue escalated ?
Roy Tempero: because the POP3 scanner DOES NOT TRAP THE INFECTION
Lucian S.: As long as the system scan does not allow you to save or open the infected file it's ok
Roy Tempero: Because the customer paid for a POP3 scanner that should work!
Roy Tempero: ITS NOT OK...CUSTOMER PAID FOR A POP3 SCANNER!
Roy Tempero: Please give me a CASE ID and escalation.
Lucian S.: 890873
Roy Tempero: Thanks Lucian
Roy Tempero: I will pass this on if you dont mind
Lucian S.: No problem
Roy Tempero: I want to exit and save this transcript .. please email to me
Lucian S.: Is roy.pat@paradise.net.nz the correct email address ?
Roy Tempero: yes, thats fine
Roy Tempero: thank you for your time.
Lucian S.: My pleasure
Lucian S.: Goodbye and thank you for using Chat
Guest (0)
44944 2002-04-21 11:13:00 I have mcafee virusscan 6.0

Looks like to me that the reason that it is not detecting the virus is because that definition is old, '4.0.4163'. McAfee is up to 4.0.4197 now and they release defs about every week or so, so that def is at least 6 months old and A LOT of viruses get created in that time --- try updating the definition file. Virus scan should do this automatically when you are connected to the net.
Guest (0)
44945 2002-04-21 20:45:00 Umm.. Nope..

The Virus Scan Defs WERE up-to-date until they asked me to UNINSTALL/REINSTALL.

I couldnt be ars** updating them before I opened a new call (for the 4th time) because the results were the same updated/not updated.

Stephan.
Guest (0)
44946 2002-04-21 21:00:00 Tim,

Can u do a simple test for me ?

Do you know what EICAR is ?

What OS, Outlook, IE do u have ?

Let me know and I'll give u instructions for the test!

Stephan
Guest (0)