locked
Forefront Client vs Antivirus XP 2008 RRS feed

  • Question

  • Hi,

    In my company we use Forefront Client as the main anti-virus/anti-malware tool for our windows xp clients.

    Unfortunately, some of these clients got infected by the Antivirus XP 2008 spy/malware even though they had the Forefront client installed and updated.

    Does anyone else have this problem that Forefront does not protect the client from being infected by this specific virus or are we doing something wrong in our security policy?

    Regards,

    Mark
    Wednesday, October 8, 2008 6:24 AM

All replies

  • Call microsoft support and tell them. They will help you right away. This could be an alterd/custom version of the malware which no antimalware would have detected.
    Have you executed a full scan on these computers?

    If you have a sample of the malware you can also submit it ta their portal:
    https://www.microsoft.com/security/portal/submit.aspx

    /johan

    Forefront MVP, MCSE | www.msforefront.com
    Wednesday, October 8, 2008 2:48 PM
  • I've noticed that only a few antivirus suites will catch Vundo, which is what xp av2008 is, that and many other rogue antiviruses.  Malwarebytes catches it, but what really does a good job at killing Vundo and av360 is Combofix.  How good is Forefront at killing these now?  And what about Gen.Zlob? I haven't found anything that really does a good job at killing Zlob yet. 
    Thursday, March 19, 2009 9:30 PM
  • If Virus , get in it might related to many things, you should investigate more by view log files or create investigate.

    The user might turn off Forefront for a while or some other reason, you have to review those clients and see what went wrong.

    Contacting support is a good option to help you with that.

    About unknown or new virus, you also could contact support and also submit sample to:

    https://www.microsoft.com/security/portal/Submission/Submit.aspx

    For more analyze.

    Friday, July 16, 2010 8:14 AM