Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What AV did you change to is you were using Symantec AV?

Status
Not open for further replies.

Ceez

MIS
Oct 30, 2008
101
US
Hello everyone.

I know that this is a popular question, which is the best/better AV out there and the main response is to check out the av comparative website.

I looked at the website but I also would like to know what you use and does it work for you. And if you got fed up with the low quality detection/prevention of symantec; what did you change to?

I for one is tired of AV allowing spy/junk/fakeware on our systems by our trusty smart end users. We keep our defs up to date but it just means nothing to sav. Example, the owner of the company got infected with trojan.fakeavalert; sav spits out warning notifications (430) of the them along with quarantined successfull notifications but it's too late, the junkware is in there, sav wont run, no other spyware sw will run and the windows shell is just all screwed up. Not to mention that not even the sav console displayed that his computer was infected!!!

Now i am stuck in rebuilding his laptop because the sw that we push to renew every year for a premium lets us down and makes IT look like fools.

sorry for the rant, but what do you use and how good does it work for you?

thanks for your input.
 
Well, what you could do is take a multi-faceted approach to protection.

At home, I use these:

AVG primiarily, though I am leaning more towards Antivir since it has such amazingly high detection rates for antivirus. The false positives with Antivir are the only things keeping me from making a full shift move from AVG.
(In a business, you might want to actually look to Eset Nod32 for the antivirus portion, and then suplement with the others, below). Also, Khaspersky's all-in-one setup seems to be a good product.

Online Armor Firewall - It also has a built-in program guard. So this deal is that even if a virus gets onto the computer, Online Armor will often stop it in its tracks, and let you know it's there, by asking if you want to allow the process to run. I've seen it stop a few big annoying viruses (the fake AV products, like Antivirus 2009 Pro as an example) on at least 4 or 5 computers that I'm aware of.
(An alternative would be Comodo Internet Security)

Malwarebytes AntiMalware - good extra program to have for scanning.

SuperAntiSpyware - has active protection and scanning.

SpywareBlaster - provides protection only. But at least it uses no resources, other than when you check for updates and change settings... even then it's a light resource-usage program.

Windows Defender - if the machine is running Vista, then it's already got it. If the machine is running XP, then it's a free download from Microsoft - and does provide some active protection as well as scanning.

I used to use Norton Antivirus many years ago. At the time, I thought there was nothing better. That's before I knew about AVG and Antivir. Also, the initial reason I left Norton was b/c it started causing a couple stupid problems on my PC which I thought no AV product I paid good money for should ever cause. One was I couldn't install it and (at the time) my favorite CD burning app, Roxio Easy CD Creator. If I did, I'd get constant blue screens. I ended up switching to Nero, primarily, for burning, and AVG for Antivirus. Of late, it seems that AVG isn't as strong a contender as it has been in the past on detection rates. That's why I'm at least thinking about going with Antivir. Or if I were going to spend money, I'd go with Eset Nod32, based on the overall tests, and weighing in the false positives of Antivir.

AVG is more customizeable from what I could see so far, and the user interface is better than Antivir. It seems to me, at least, that Antivir doesn't give you a whole heap of options for things to customize in its settings. That's not necessarily a bad thing, but something to consider.

Also, it'd be good to make sure that the firewall or any enterprise-level security you have in place is up do date and sufficient for your current needs. If that piece isn't up to par, then it may not matter what you put on the machines attached to that system.

--

"If to err is human, then I must be some kind of human!" -Me
 
@kjv1611 thank you for the detailed email. I will probably be testing some of those at home.

I am primarily looking for a small business of about 150 workstations. Something that has a central remote management console and deployment.

I've read some other threads about people recommending nod32 so i might be looking into that. But i want some real world "yeah nod32 or xyz app is so much better than SAV"!!!

our enterprise sav subscription is up by the end of september and doubt that we'll be renewing it.

thanks again.
 
I've read of some others who went to something else at the enterprise level that I just can't remember right off the top of my head. If you search around the forums enough, you'll find it. If I can find any of those threads, I'll post the links here for you.

--

"If to err is human, then I must be some kind of human!" -Me
 
This one might be of interest if you do end up moving from Symantec:
thread94-1199737

--

"If to err is human, then I must be some kind of human!" -Me
 
Something that has a central remote management console and deployment."

Perhaps Sophos? Personally, I find it over-rated. This was several years ago mind, maybe a huge improvement since then.
 
Ah, Sophos - I believe that was the one I was thinking of that others had bragged about. I've never tried it, so I don't know. And actually I just thought of it, and then read manhunter2826's post. [smile]

--

"If to err is human, then I must be some kind of human!" -Me
 
I loved Sophos. It worked! Unfortunately, our CFO insists we go with something cheaper. :-(


James P. Cottingham
[sup]I'm number 1,229!
I'm number 1,229![/sup]
 
Sophos.. not perfect but better than Symantec. We got hit by a zero day exploit two years ago and I watched as Symantec got hacked by the worm. When I told Symantec this on the phone and denied it could happen and would not help us. I've pulled every piece of symantec software out of the company (2,000 users), AV, Vertias, their email archiving etc. Gone.

Home of the book "Network Security Using Linux"
 
We use Sophos and can honestly say we have not had any infected machines in over 2 years. Also use there web filtering and is very efficient.

IT Support

Comptia A+
Comptia Network +
 
Suggest you have a look at the following graph:



Clearly no tool gets it right - even eventually over time it is barely more than 90% for 'reactive detection'. However, many such infection instances are likely mostly obscure and not an emanant nor eventual threat to most systems.

Alternatively, I am more impressed by 'proactive detection' heuristics (with the least instances of 'false positives')- thus not completely depending on formal virus definitions. According to the above chart, the top three (3) reported tools with such capabilities were:

Avira
Kaspersky
Nod32
(close 2nd)

Experiences and observations:

I have recently put (testing) Avira on a resource challenged older PC (1.6Ghz 512MB ram) and on a Netbook (1.2 Ghz 512MB ram) , and love the way it behaves and performs. This replaced AVG 8.5 which was constantly and even excessively high in CPU cycle percentages for many simple applications on such equipment. I alse tried Vipre which fared no better most particularly under a Wi-Fi environment at startup and when updates were in progress.

I have not specifically loaded Kaspersky on any of my PCs because it will likely be more sluggish and resource intensive based upon extensive experience with such a tool using the online version.

With Nod32, you can easily forget it is even on your system and I have never had infection issues that make me doubt my preferred a/v tool.

Eventually, even the 'best' tool will/may fail you. But, that is why, when in doubt, it is wiser to seek a second opinion from any of numerous available online scanning tools than to vilify your current tool for an occasional, even critical, oversight. Check out the 'Failures in Detection (Last 24 Hours)' section/link and know that there is no 'holy grail' for protection:




Vince
ASAP Member (VopThis) - Alliance of Security Analysis Professionals
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
 
We ditched Norton/Symantec AV many moons ago and moved over to Sophos.

Best thing we ever did, even when I've had the odd problem or simply needed help for being a spanner.

Their support has consistently been, quick, polite, helpful and always resolved my problems. the phone is usually answered pretty quickly, their call back service works and you can always understand the person on the end of the phone!

The wife had used them for years at her two sites (70+ users) and recommended them to me.

Compared to the cost of other such as McAfee, their pricing can be very keen also.

Dont forget if you do change AV provider, tell your reseller you want a 'competitors upgrade deal', and you'll get even more of a discount ;-)

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Google Rank Extractor -> Perl beta with FusionCharts
 
First off, on sticking with antivirus, I use Antivir. AVG used to be good, but from my experience lately, it has become nearly worthless. The last time I used it, it missed 4 trojans on the computer that I knew were there. It misses more and more everyday it seems.

Also, KJV, exactly what configs are you wanting that antivir does not have? As I always found it detailed in configuring. Just curious

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
electronicsfreak,

On Avira Antivir, it is a little trick finding the management options, but I've been finding them much better since using them on all my PCs, and installing Avira on others. It took me a while, but I think I've now found everything. Thanks for asking, though.

--

"If to err is human, then I must be some kind of human!" -Me
 
n/p, glad you found them.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top