McAfee® VirusScan® Enterprise protects your desktop and file servers from a wide range of threats, including viruses, worms, Trojan horses, and potentially unwanted code and programs. McAfee® VirusScan® 8 takes anti-virus protection to the next level, integrating elements of intrusion prevention and firewall technology into a single solution for PCs and file servers. This powerful combination delivers truly proactive protection from the newest of today’s threats-including buffer - overflow exploits and blended attacks - and features advanced outbreak management responses to reduce the damage and costs of outbreaks. Everything is managed by McAfee ePolicy Orchestrator® or ProtectionPilot™ for scalable security policy compliance and graphical reporting.

Key Benefits :
• Integrated firewall and IPS technology - Addition of firewall and intrusion prevention technology delivers maximum proactive protection in a single, integrated package
• Enhanced coverage for emerging threats - VirusScan provides protection from the newest potentially unwanted program security threats (e.g., spyware), application-specific buffer overflow attacks, and blended attacks
• Lowered TCO during outbreak response – Advanced outbreak functionality closes the window of vulnerability before DAT files are available, limiting damage by blocking the entrance and spread of the outbreak
• McAfee scanning technology – Award-winning McAfee scan engine performs in-memory scanning to block threats such as Netsky and CodeRed, which don’t write their code to disk
• Centralized management and reporting – Integration with McAfee ePolicy Orchestrator and ProtectionPilot provides a complete security management solution, including detailed graphical reporting, from a single console

Product Features:
• Comprehensive McAfee anti-virus protection
• Potentially unwanted program security
• Buffer overflow prevention (IPS feature)
• Complete outbreak response
• Port blocking/lockdown (firewall feature)
• Application monitoring: email engines (firewall feature)
• File blocking, directory lockdown, folder/share blocking (IPS feature)
• Infection trace and block
• Powerful memory scanning
• Centralized management and reporting
• Enhanced email scanning
• Protection from threats that use scripts
• Optimized for mobile users

Beta product testing: The beta version of this product is available for use until the beta product license expires on November 30, 2008.

New features:
- Support for Microsoft Windows Server 2008
This release provides support for Windows Server 2008 (Longhorn).
- Architectural changes
VirusScan Enterprise incorporates some significant architectural changes that affect the manner in which the VirusScan Enterprise 8.7i core components work. These changes result in greater security benefits to customers, including:
* Better rootkit detection and cleaning without system restart — Safe memory patching, better IRP repair support at the system core, and the ability to read locked files at the kernal level provide better rootkit detection and the ability to clean detections without restarting the system.
* On-access scan performance improvements during system startup — A new boot cache process improves on-access scan performance during system startup.
* Greater self-protection — The self-protection feature has been enhanced to protect against a wider range of mal-processes that can terminate McAfee processes. This provides greater VirusScan Enterprise self-protection and product stability.

- Real-time malware protection
A new feature, Heuristic network check for suspicious files, provides customers with real-time detections for malware.
* This feature uses sensitivity levels that can be configured, based on your risk tolerance, to look for suspicious files on your endpoints that are running VirusScan Enterprise 8.7i.
* When enabled, this feature detects a suspicious program and sends a DNS request containing a fingerprint of the suspicious file to McAfee Avert Labs, which then communicates the appropriate action back to VirusScan Enterprise 8.7i.
* The real-time defense feature also provides protection for classes of malware for which signatures might not be available.
* This protection is in addition to the world-class DAT-based detection VirusScan Enterprise has always provided. The user experience remains the same and no additional client software is required.
* In this release, this feature is available only for on-demand scans and email scanning and is disabled by default. You must select a sensitivity level to enable the feature.

- Performance improvements
* New scan deferral options improve local control of on-demand scans, including the ability to defer scans when using battery power or during presentations. One option can be configured to allow end users to defer scheduled on-demand scans for the increment of time you specify. You can specify hourly increments up to twenty-four hours, or forever.
* Enhanced system throttling now includes registry and memory scanning in addition to file scanning.

- Improved email scanner
The email scanner now supports double-byte and multi-byte languages. This improves detection reliability.
- Buffer overflow protection exclusions by API
The ability to specify buffer overflow exclusions by API was removed from VirusScan Enterprise 8.5i, but has been reinstated for the VirusScan Enterprise 8.7i release. The API exclusion name is case-sensitive.
- On-access scanner — Scan processes on enable
A new feature, Scan processes on enable, scans processes that are already running when the McShield service becomes enabled. This means that when the McShield service starts, the scanner examines any process that is already running and any process as it is launched.
- On-demand scan usability improvements
When initiating an on-demand right-click scan, you can now choose an action to take on items detected by the scan. These options are available:
* Clean — Report and clean the detection.
* Continue — Report the detection and continue scanning.

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.
New releases of Stinger contain all families, and associated families, of threats that have achieved a Medium of higher Risk Asssessment. This Stinger is only updated upon the discovery of a new Medium or higher threat.

This version of Stinger includes specific detection and repair for W32/Polip only. At this time, because of the nature of the infection algorithm, repair of files infected with W32/Polip may not return the files to their pristine, pre-infected state, and can cause problems with self-checking applications.

Stinger includes detection for all known variants:
-W32/Anig.worm, -W32/Bagle, -Exploit-DcomRpc, -Exploit-Lsass,
-IRC/Flood.ap, -IRC/Flood.bi, -IRC/Flood.cd, -PWS-Narod,
-W32/Sdbot.worm.gen, -BackDoor-JZ, -BackDoor-AQJ,
-BackDoor-CFB, -Backdoor-CEB, -Bat/Mumu.worm; -IPCScan;
-NTServiceLoader; -PWS-Sincom.dll; -W32/SQLSlammer.worm;
-W32/Bagle.bf - .bg@MM; -W32/Bagle.bl@MM; -W32/Bagle.bj - .bk@MM;
-W32/Bagle.bi - bn@MM; -W32/Bagle.dldr; -W32/Bagle.bo - bt@MM;
-W32/Bagle.cc - .dd; -W32/Blaster.worm; -W32/Bropia.worm.a - .p;
-W32/Bropia.worm.bx/by; -W32/Bropia.worm.q - .u;
-W32/Bropia.worm.q - aj; -W32/Bugbear@MM; -W32/Bugbear.j@MM;
-W32/Deborm.worm.gen; -W32/Dumaru; -W32/Dumaru.bd - bg@MM;
-W32/Elkern.cav; -W32/Fizzer.gen@MM; -W32/FunLove;
-W32/IRCBot.worm; -W32/Klez; -W32/Lirva; -W32/Lovgate;
-W32/Lovgate.aq@MM; -W32/Lovgate.ar@MM; -W32/Korgo.worm;
-W32/Korgo.worm.aa.dam; -W32/Korgo.ag - .ai; -W32/Korgo.worm.ae;
-W32/Korgo.worm.aj; -W32/Mimail; -W32/MoFei.worm; -W32/Mumu.b.worm;
-W32/Doomjuice.worm; -W32/Mydoom; -W32/Mydoom.ad - .ah@MM;
-W32/Mydoom.an@MM; -W32/Mydoom.ao - bb@MM; -W32/Mydoom.bc - bd@MM;
-W32/Mydoom.be@MM; -W32/Mydoom.bf - bi@MM; W32/Mydoom.bw@MM;
-W32/Nachi.worm; -W32/Netsky; -W32/Netsky.ag@MM; -W32/Nimda;
-W32/Nimda.u@MM;-W32/Bagle.ba - .bd@MM, -W32/Bagle.bh - bm@MM;
-W32/Netsky.ah - .ai@MM, -W32/Pate; -W32/Pate.d; -W32/Sasser.worm;
-W32/Sasser.worm.g; -W32/SirCam@MM, -W32/Sobig; -W32/Sober;
-W32/Sober.j@MM, -W32/Sober.k@MM, W32/Sober.l@MM;
-W32/Sober.m - .p@MM; W32/Sober.r@MM; -W32/Swen@MM; -W32/Yaha@MM;
-W32/Zafi; -W32/Zafi.c@MM; -W32/Zafi.d@MM; -W32/Zafi.e@MM;
-W32/Zindos.worm; - W32/Zobot.worm

Windows ME and XP utilize a restore utility that backs up selected files automatically to the C:\_Restore folder. This means that an infected file could be stored there as a backup file, and VirusScan will be unable to delete these files. You must disable the System Restore Utility to remove the infected files from the C:\_Restore folder.

Enforce and monitor your system's security. Coordinate your defense against malicious threats and attacks with McAfee® ePolicy Orchestrator®. As your central security management hub, it helps you keep protection up to date; configure and enforce protection policies; and monitor security status. Do it all from one centralized console.

McAfee ePolicy Orchestrator is the industry leading system security management solution, delivering a coordinated, proactive defense against malicious threats and attacks for the enterprise. As the central hub of McAfee System Protection Solutions, administrators can mitigate the risk of rogue, non-compliant systems, keep protection up-to-date, configure and enforce protection policies, and monitor security status, 24/7, from one centralized, enterprise-scalable console.
ePolicy Orchestrator make it easier for your IT staff to enforces compliance and updates. Manage your enterprise-wide protection using anti-virus, anti-spyware, system firewalls, host IPS, and content filtering. ePolicy Orchestrator also checks for critical Microsoft® patches, pinpoints virus sources, and remediates security problems quickly.

Benefits:
- Enforce compliance and updates. Manage policy compliance and updates and lower the risk of noncompliant systems compromising your security
- Comprehensive security management. Handle all your enterprise-wide system protection with this centralized management infrastructure. It covers anti-virus, anti-spyware, host IPS, content filtering, and Microsoft® patch assessment
- Find noncompliant systems. Identify noncompliant systems that increase your risk of vulnerability and infection
- Assess Microsoft patch compliance. Audit your current patch rollout processes and make sure you've applied the latest patches; ePolicy Orchestrator informs you about your exposure to new exploits and vulnerabilities
- Monitor security all day, every day. Stay on top of your security status 24/7, evaluate your policy status, and find your network's vulnerabilities from one centralized console

Product Features:
- Noncompliant system detection. Lower your risks due to noncompliant systems; ePolicy Orchestrator alerts you when such systems are connected to your network
- Patch compliance and reporting. Search for a file, service, registry key, or specific Microsoft patch; monitor compliance by viewing detailed graphical reports
- Virus tracking and notification. Track new anti-virus security updates every hour and deploy them to appropriate systems; ePolicy Orchestrator does it all without anyone's intervention
- Automatic and fast global updating. Distribute updates efficiently and quickly, so that you can respond

McAfee.ePolicy.Orchestrator.v4.0.0.Patch3.Only-DVT

hey man...it worked...thanks a ton....

All my thanks Nawainruk, really *gives a cookie*.

I hope i can make the request here: can you upload in this topic Mcaffe Total Protection 2009? This would be a great gift! If not, don't worry and thanks anyway. Take care

McAfee AVERT Stinger Conficker 10.0.1.551

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

In the run up to April 1st, McAfee is offering a special build of its stand-alone cleaning tool christened Stinger which will be updated on a daily basis to include any undetected Conficker variants from the wild. Please ensure that your copy of Microsoft Windows is patched and security software is fully up to date to ensure that April 1st 2009, is a day like any other day!

W32/Conficker.worm attacks port 445, Microsoft Directory Service, exploiting MS08 - 067.
MS08 - 067 is an exploit similar to MS06 - 040, which we first saw a couple of years ago.

W32/Conficker .worm attack symptoms:
• Blocks access to security - related sites
• User lockouts
• Trafic on port 445 on non - Directory Service (DS) servers
• No access to admin shares
• Autorun.inf files in recycled directory

Thanks for posting.

thanks !

thanks

thanks