tag:blogger.com,1999:blog-9518042.post4732565563223959687..comments2024-03-19T07:46:20.437-05:00Comments on Windows Incident Response: Issues with AVUnknownnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-9518042.post-87194970126712892432008-12-09T22:47:00.000-05:002008-12-09T22:47:00.000-05:00I've commented here and elsewhere about this issue...I've commented here and elsewhere about this issue. I think that I cited VirusList, too, particularly the Vgrep feature. From my side of the fence, it's difficult to exhaust defenses when documentation is so lacking. McAfee does a pretty good job of providing indications of infection, at least for its versions of a threat. One thing I'm doing is running suspect machines in a VM and launching the AV tool to see exactly what's been done historically. It's also easier to examine other defenses in a virtual environment.Anonymousnoreply@blogger.com