. i need to run a series of anti-virus scans (different vendors) on my computer network to *ensure* that there is no malware. this is essential because we handle a lot of proprietary information, and any leakage is "unacceptable". is there a way to do this automatically?
ok you dont say but im gonna assume your running XP. in Windows XP ( not sure about other versions) there is a "task scheduler" in assessories-system tools. You can set up the scans there and it will run automatically. Now that starts the anti virus program ( or whatever program you want) now the thing I dont know is if it would start the actual ANTIVIRUS SCAN you may have to actually press "scan" to get it started?
The most obvious method is to use the AV vendor's sheduling utility (they all have them these days). Make sure that you allow sufficient time between each run as it is not a good idea to have two running at once.
Also remember that AVs are not particularly good at spyware and trojans so I would also use:
3. Spybot Search & Destroy
As a general principle scanning in safe mode is recommended, although this may not be possible in your situation.
Nihil makes a neccessary point about AV apps not being particularly good at picking up spyware and trojans. You might also try Panda's online scan. Panda's scan, as well as others, will pick up spyware, keyloggers, and trojans. It might also behoove you to physically check individual PCs for keylogging devices like KeyKatcher.
How big is your computernetwork?
How about a content scanner that accepts email and scans it with vendor A, if it's ok it sends it to your mailserver. On the mailserver there's a scanner vendor B. On the clients you install vendor C.
The content scanner could also be configured to not allow word documents, PDFs etc.. from leaving the company by email.
Another content scanner could filter your web traffic, preventing the malware from being downloaded. A good privilege system on the clients should ensure any malware that slipped through from being able to install.
Regarding the Panda AV scanner- I can attest that their online scanner DOES pick up things that others don't... however- when I was sufficiently impressed with their scanner enough to actually buy their "Titanium" product, I was disappointed to find that their product didn't detect the very item their scanner did! I had to manually crawl around, override permissions and kill the thing myself- Panda's software (and in their defense, NO ONE else's software) was able to see or eradicate it. Only their online scanner. Anyone have a clue as to why this might be?
thanks for the quick response people!
the email solution is a good idea to check for email worms; but i can't use an email only solution. implementing it will definitely help.
i am currently using only symantec, but want to increase the gamut of tools i use to make sure everything is proper, because i've heard that symantec is not the best.. and i need to use a large number of a/v tools to make sure there is no breach..
i do not know the time it will take for each scan, so i can not schedule based on time alone.. is there any way of scheduling in series?
most a/v tools can be run from command line with a scan option to immediately start the scan..