Solved

free av = false security

Posted on 2014-03-28
Last Modified: 2014-04-10
I read the below in http://betanews.com/2014/03/12/forced-to-use-windows-xp-past-april-10-ways-to-make-the-best-of-a-bad-situation/

i have read before in ee that some free av were just fine for residential.. but in the light of below have things started changing that free av does not pass the test?

what is the verdict of ee forum experts? if free ones are not good enough anymore, that does not mean any paid one is always good, right? the below author recommends eset..

i would appreciate your input. thanks
-----------------------
We've been able to move over 90 percent of our client base off XP at this point. Pretty impressive, but we still have our holdouts. For all these lone rangers, we have been very strict about ensuring that they are not relying on any of the free AV products (Avast, AVG, Security Essentials, etc) out there. These programs provide a false sense of security, and for a situation where a "wild west" of exploits is just about certain to erupt soon, it's silly to place all your eggs into the basket of a free AV product.
 
It's not that I have something against free antivirus. In fact, I used to recommend them back in the day when they actually did a good job. But I don't see this as being the case anymore. As I tell clients, the bad guys are too good -- and the free products just can't keep up. Aside from a few instances here or there, free products rarely breach the top 5 list of any of the major independent testing bodies, namely Virus Bulletin and AV-Comparatives.
Question by:25112
18 Comments
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 147 total points
ID: 39963078
I have had to rip free AV out of clients because of non stop viruses.

I always recommend a good commercial paid AV. They are not expensive at all. That makes them very much worth the money.
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 30 total points
ID: 39963093
I have gotten one virus since I first got on the internet in 1991.  The first defense against viruses is Quit Clicking on Things you Know Nothing About!!!  And don't open emails from strangers.
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 147 total points
ID: 39963095
I don't get viruses either. Good old-fashioned common sense stops viruses dead in their tracks.
0
 
LVL 34

Assisted Solution

by:Dan Craciun
Dan Craciun earned 59 total points
ID: 39963227
I've used Avast Free and Security Essentials on literally hundreds of computers over the years and had about the same amount of infections as on the computers where I had Nod32 or KAV.

The main vector of infection is the user. Let him run with too many rights (and you're forced to do that in XP) and no matter the AV, if you don't educate him, he will get adware/scareware/viruses.

AV-comparatives and VB are artificial tests that don't really say (IMO) how an AV will behave on your client's station.

HTH,
Dan
0
 
LVL 91

Assisted Solution

by:nobus
nobus earned 59 total points
ID: 39963430
i agree with Dan.
i want to add that there is no such thing as a 100% virus protection; all will eventually fail
i also have used Avast and AV free for home users -  but not for business; unless they want to do so.
i seldom see any virus, or malware on my pc's at home, but then i have a system that i use for exploring dubious sites, so i can wipe the disk, and do a fresh install if needed.
that is, if a simple scan with AV, mbam, and roguekiller does not work out ok
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 59 total points
ID: 39963873
I agree... Free means you get something, but is it what you need?  I've always used a paid antivirus. I've used Symantec Endpoint Protection for years and just tested ESET AV on a PC that was running Symantec.  To my surprise, it found infected files that Symantec never found.

I've moved to ESET....
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 147 total points
ID: 39963929
I use Symantec Endpoint and the newest version (V12.1.4a) and it is very good.

The important point is to use the top quality paid AV of your choice. A will always find something B did not and vice versa. None of them are perfect. All of them (100%) are rear guard applications that figure out what to protect AFTER the virus is out.
0
 
LVL 10

Assisted Solution

by:Schuyler Dorsey
Schuyler Dorsey earned 58 total points
ID: 39964081
If you want a good third party way to compare AV solutions, check out:

http://www.av-comparatives.org/

As you already suggested, commercial AV is of much better quality than free ones. In the commercial world, Kaspersky and Symantec seem to be the best in terms of % caught year over year. ESET often ranks up there too.

Kaspersky is my favorite as it also offers some other great features like vulnerability scans. It will scan your system for out of date third party software and alert you on it.
0
 
LVL 27

Assisted Solution

by:serialband
serialband earned 58 total points
ID: 39964095
Symantec slows down systems when it scans.  That monstrosity was foisted on me at a previous workplace and I uninstalled it on my own desktop & laptop systems and used something else.  I still had to support users with it.


My new place uses ESET, a much, much better AV.  It's like night & day.  You never notice it running except on boot when it loads up a splash screen.
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 147 total points
ID: 39964104
I do not have that much trouble. It scans for 15 minutes in the day (other than files coming in and out) and it does not bog down my machine much during that interval. I notice it, but it is not that bad.
0
 
LVL 27

Assisted Solution

by:serialband
serialband earned 58 total points
ID: 39964148
I guess it depends on what else is running when it runs, but many users complain about it and want it disabled because it disrupts their workflow.

I haven't yet had anyone complain about ESET.  I'm running a manual scan now to verify my experience.  I could never do that with Symantec.  It would cause my system to crawl and I'd have to switch to another system temporarily to do work.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 59 total points
ID: 39964187
If Symantec Endpoint Protection completes a scan on your PC in 15 minutes, it's probably running the Active Scan that only scans a part of your system.

Based on how much surfing you do, the types of apps you install and general level of activity of your PC, you might want to activate the Full Scan which definitely takes more than 15 minutes for any AV app to run.

As I mentioned above, I've used Symantec Endpoint Protection for years and have gotten tired of the India-based support I get when I do need support. I've learned how to use most of their tools to resolve most situations, but sometimes I run into a situation where I need it. Most of the support is based in India and I have grown tired of the waiting and having to work with a tech when I know more about the product than they do.

I recently started testing ESET on a server. On the first full scan of my PC, it found some infected files that Symantec, Malwarebytes, Superantispyware and HitmanPro never found on Full Scans.

I've started discussions with them and plan to move all my clients to that product line if the testing and support ultimately prove better than Symantec.

I base my opinion on Apples to Apples comparisons.
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 147 total points
ID: 39964195
I only do Quick Scans and I allow SEP to check in / out. Beyond that, I will do a Full Scan some evening (monthly) when I am not using the system. Full Scans take about an hour and do make the machine busy. That is why I do not do that.
0
 
LVL 34

Assisted Solution

by:Dan Craciun
Dan Craciun earned 59 total points
ID: 39964196
The thing I liked best at Eset was that in the past 10 years I've needed support only once, and got a response to my email in 2 hours, from someone who knew what he was talking about.

And the fact that the administrative console is free if you buy business licenses for workstations.
0
 
LVL 10

Assisted Solution

by:Schuyler Dorsey
Schuyler Dorsey earned 58 total points
ID: 39964289
Administrative control is free if you buy workstation licenses for every AV product I have worked with..

Trend Micro, Symantec, Kaspersky, Symantec, Vipre.. :-)
0
 
LVL 91

Assisted Solution

by:nobus
nobus earned 59 total points
ID: 39964589
right now, i use Panda Cloud AV free - lightweight and good
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 30 total points
ID: 39966521
That article is pretty terrible... it's 10 different ways to get XP a little more secure, but only 2-3 are actually something a home user could do. It's a bit biased as well, the recommendations can also be found on their site to some degree, it's an advertisement disguised as a blog.

Nonetheless some of the suggestions make sense, but should have been ordered better. Removing Admin rights is Job #1 for anyone using XP who wants to remain secure. Newer OS's are doing this by default finally, but people are still adding themselves into the local admin group. Free AV software is typically fine, MSE won't be so people should move to a new (free) AV if they use MSE on XP. MSE will not be allowing updates soon, and new installs won't be allowed on XP.
The firewall suggestion makes no sense... I know of no firewalls that do not support more than one subnet, or don't work on more than one vlan. Also virtualizing the XP host certainly adds no security.

Which AV is best is always the wrong question, the right question is what are best practices:
1) No admin access for every day tasks- admin is for administering only.
2) Backup all vital data and important items.
3) Stay patched with the OS and 3rd party software
4) Use an alternate browser, FF and Chrome will always have the advantage over IE until Active-X is removed fully.
5) Assume the worst- Don't open or click anything ever, until you are sure it's OK to do so. If you get sent something you didn't ask for, you may not want to open it.
That's about it. You do not need NGFW's, UTM's, proxy-av scanning, deepfreeze, bit9, symantec, mcafee, ultra-scan 9kagillion DPI etc... You need the basics first, and when or if those fail, you can start to tack on the bells and whistles.
-rich
0
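Added example, not part of Rich Rumble's answer: a PowerShell check for best practice 1 above, listing who sits in the local admin group and whether the current session runs with admin rights. The function names are made up for this example; it uses only .NET/ADSI calls available in PowerShell 2.0, and it shows direct members only, so rights gained through a nested group are not expanded.

```powershell
# Added example: who holds local administrator rights on this machine?
# Function names are hypothetical; only PowerShell 2.0-era .NET/ADSI calls are used.

function Get-AdsiProperty($Object, [string]$Name) {
    # Group members come back as raw COM objects, so read properties by reflection.
    $Object.GetType().InvokeMember($Name, 'GetProperty', $null, $Object, $null)
}

function Get-LocalAdminMember {
    # S-1-5-32-544 is the well-known SID of BUILTIN\Administrators; translating it
    # avoids hard-coding a group name that is localized on non-English Windows.
    $sid       = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
    $groupName = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1]
    $group     = [ADSI]"WinNT://$env:COMPUTERNAME/$groupName,group"

    foreach ($member in @($group.psbase.Invoke('Members'))) {
        # ADsPath looks like WinNT://DOMAIN/user or WinNT://WORKGROUP/PC/user;
        # an orphaned account shows up as a bare SID with a single path segment.
        $path  = Get-AdsiProperty $member 'ADsPath'
        $parts = @(($path -replace '^WinNT://', '') -split '/')
        if ($parts.Count -ge 2) { $account = $parts[-2..-1] -join '\' }
        else                    { $account = $parts[0] }

        New-Object PSObject -Property @{
            Account = $account
            Class   = Get-AdsiProperty $member 'Class'   # User or Group
        }
    }
}

$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal $identity
$adminRole = [System.Security.Principal.WindowsBuiltInRole]::Administrator

# On XP this is true for any member of the admin group. On Vista and later it is
# true only in an elevated session, because UAC filters the token otherwise.
if ($principal.IsInRole($adminRole)) {
    Write-Warning "$($identity.Name) is running this session with administrator rights."
}

Get-LocalAdminMember |
    Select-Object Account, Class,
        @{ Name = 'IsCurrentUser'; Expression = { $_.Account -ieq $identity.Name } } |
    Format-Table -AutoSize
```

Any row with Class `User` other than the built-in administrator account is a day-to-day account that should be moved to a standard user, with a separate admin account kept for administering only.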
 
LVL 90

Expert Comment

by:John Hurst
ID: 39992635
@25112 - Thank you and I was happy to assist you with this.
0
