11-27-2014 05:31 AM
Dears,
I found that McAfee AV doesn't scan RAR files for viruses, even test virus cant clean it, however sophos can clean it, below is an example
7 Nov 2014 15:00:06 (GMT +02:00) | Message 329833 scanned by Anti-Virus engine McAfee. Interim verdict: CLEAN |
---|---|
27 Nov 2014 15:00:06 (GMT +02:00) | Message 329833 scanned by Anti-Virus engine Sophos. Interim verdict: REPAIRED |
27 Nov 2014 15:00:06 (GMT +02:00) | Message 329833 scanned by Anti-Virus engine. Repaired message parts: 'EICAR-AV-Test' |
27 Nov 2014 15:00:06 (GMT +02:00) | Message ID 329833 rewritten to new message ID 329834 by antivirus. |
12-05-2014 07:31 AM
Can someone from cisco Help,
this is a critical bug for all the customers that are running IronPort with Mcafee AV
12-05-2014 11:54 AM
Bechara, from memory not all anti-virus vendors detect Eicar as it's a virus only by convention. Leaving aside the RAR compression and the question of whether the IronPort McAfee module can handle Eicar, can an ordinary desktop installation of McAfee spot it?
If your end-users don't need RAR-compressed archives, simply block or drop RAR attachments. We do.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide