?
Solved

free av = false security

Posted on 2014-03-28
18
Medium Priority
?
501 Views
Last Modified: 2014-04-10
I read the below in http://betanews.com/2014/03/12/forced-to-use-windows-xp-past-april-10-ways-to-make-the-best-of-a-bad-situation/

i have read before in ee that some free av were just fine for residential.. but in the light of below have things started changing that free av does not pass the test?

what is the verdict of ee forum experts? if free ones are not good enough anymore, that does not mean any paid one is always good, right? the below author recommend eset..

i would appreciate your input. thanks
-----------------------
We've been able to move over 90 percent of our client base off XP at this point. Pretty impressive, but we still have our holdouts. For all these lone rangers, we have been very strict about ensuring that they are not relying on any of the free AV products (Avast, AVG, Security Essentials, etc) out there. These programs provide a false sense of security, and for a situation where a "wild west" of exploits is just about certain to erupt soon, it's silly to place all your eggs into the basket of a free AV product.
 
It's not that I have something against free antivirus. In fact, I used to recommend them back in the day when they actually did a good job. But I don't see this as being the case anymore. As I tell clients, the bad guys are too good -- and the free products just can't keep up. Aside from a few instances here or there, free products rarely breach the top 5 list of any of the major independent testing bodies, namely Virus Bulletin and AV-Comparatives.
0
Comment
Question by:25112
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
  • 2
  • +5
18 Comments
 
LVL 97

Assisted Solution

by:John Hurst
John Hurst earned 588 total points
ID: 39963078
I have had to rip free AV out of clients because of non stop viruses.

I always recommend a good commercial paid AV. They are not expensive at all. That makes them very much worth the money.
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 120 total points
ID: 39963093
I have gotten one virus since I first got on the internet in 1991.  The first defense against viruses is Quit Clicking on Things you Know Nothing About!!!  And don't open emails from strangers.
0
 
LVL 97

Assisted Solution

by:John Hurst
John Hurst earned 588 total points
ID: 39963095
I don't get viruses either. Good old fashion common sense stops viruses dead in their tracks.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 35

Assisted Solution

by:Dan Craciun
Dan Craciun earned 236 total points
ID: 39963227
I've used Avast Free and Security Essentials on literally hundreds of computers over the years and had about the same amount of infections as on the computers where I had Nod32 or KAV.

The main vector of infection is the user. Let him run with too many rights (and you're forced to do that in XP) and no matter the AV, if you don't educate him, he will get adware/scareware/viruses.

AV-comparatives and VB are artificial tests that don't really say (IMO) how an AV will behave on your client's station.

HTH,
Dan
0
 
LVL 93

Assisted Solution

by:nobus
nobus earned 236 total points
ID: 39963430
i agree with Dan.
i want to add that there is no such thing as a 100% virus protection; all will eventually fail
i also have use Avast and AV free for home users -  but not for business; unless they want to do so.
i seldom see any virus, or malware on my pc's at home, but then i have a system that i use for exploring dubious sites, so i can wipe the disk, and do a fresh install if needed.
that is, if a simple scan with AV, mbam, and roguekiller does not work out ok
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 236 total points
ID: 39963873
I agree... Free means you get something, but is it what you need?  I've always used a paid anti virus. I've used Symantec Endpoint Protection for years and just tested ESET AV on a Pc that was running Symantec.  To my surprise, it found infected files that Symantec never found.

I've moved to ESET....
0
 
LVL 97

Assisted Solution

by:John Hurst
John Hurst earned 588 total points
ID: 39963929
I use Symantec Endpoint and the newest version (V12.1.4a) and it is very good.

The important point is to use the top quality paid AV of your choice. A will always find something B did not and vice versa. None of them are perfect. All of them (100%) are rear guard applications that figure out what to protect AFTER the virus is out.
0
 
LVL 10

Assisted Solution

by:Schuyler Dorsey
Schuyler Dorsey earned 232 total points
ID: 39964081
If you want a good third party way to compare AV solutions, check out:

http://www.av-comparatives.org/

As you already suggested, commercial AV is of much better quality than free ones. In the commercial world, Kaspersky and Symantec seem to be the best in terms of % caught year over year. ESET often ranks up there too.

Kaspersky is my favorite as it also offers some other great features like vulnerability scans. It will scan your system for out of date third party software and alert you on it.
0
 
LVL 30

Assisted Solution

by:serialband
serialband earned 232 total points
ID: 39964095
Symantec slows down systems when it scans.  That monstrosity was foisted on me at a previous workplace and I uninstalled it on my own desktop & laptop systems and used something else.  I still had to support users with it.


My new place uses ESET, a much, much better AV.  It's like night & day.  You never notice it running except on boot when it loads up a splash screen.
0
 
LVL 97

Assisted Solution

by:John Hurst
John Hurst earned 588 total points
ID: 39964104
I do not have that much trouble. It scans for 15 minutes in the day (other than files coming in and out) and it does not bog down my machine much during that interval. I notice it, but it is not that bad.
0
 
LVL 30

Assisted Solution

by:serialband
serialband earned 232 total points
ID: 39964148
I guess it depends on what else is running when it runs, but many users complain about it and want it disabled because it disrupts their workflow.

I haven't yet had anyone complain about ESET.  I'm running a manual scan now to verify my experience.  I could never do that with symantec.  It would cause my system to crawl and I'd have to switch to another system temporarily to do work.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 236 total points
ID: 39964187
If Symantec Endpoint protection is completes a scan on your Pc in 15 minutes, it's probably running the Active Scan that only scans a port of your system.  

Based on how much surfing you do, the types of apps you install and general level of activity of your pc, you might want to activate the Full Scan which definitely takes more than 15 minutes for any AV app to run.

As I mentioned above, I've used Symantec Endpoint Protection for years and have gotten tired of the Indian based support I get when I do need support. I've learned how to use most of their tools to resolve most situations, but sometimes I run into a situation where I need it. Most of the support is based in Indian and I have grown tired of the waiting and having to work with a tech when I know more about the product then they do.

I recently started testing ESET on a server. On the first full scan of my Pc, it found some infected files that Symantec, Malwarebytes, Superantispyware and HitmanPro never found on Full Scans.  

I've started discussions with them and plan to move all my clients to that product line if the testing and support ultimately prove better then Symantec.

I base my opinion on Apples to Apples comparisons.
0
 
LVL 97

Assisted Solution

by:John Hurst
John Hurst earned 588 total points
ID: 39964195
I only do Quick Scans and I allow SEP to check in / out. Beyond that, I will do a Full Scan some evening (monthly) when I am not using the system. Full Scans take about an hour and do make the machine busy. That is why I do not do that.
0
 
LVL 35

Assisted Solution

by:Dan Craciun
Dan Craciun earned 236 total points
ID: 39964196
The thing I liked best at Eset was that in the past 10 years I've needed support only once, and got a response to my email in 2 hours, from someone who knew what he was talking about.

And the fact that the administrative console is free if you buy business licenses for workstations.
0
 
LVL 10

Assisted Solution

by:Schuyler Dorsey
Schuyler Dorsey earned 232 total points
ID: 39964289
Administrative control is free if you buy workstation licenses for every AV product I have worked with..

Trend Micro, Symantec, Kaspersky, Symantec, Vipre.. :-)
0
 
LVL 93

Assisted Solution

by:nobus
nobus earned 236 total points
ID: 39964589
right now, i use Panda Cloud AV free - lightweight and good
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 120 total points
ID: 39966521
That article is pretty terrible... it's 10 different ways to get XP a little more secure, but only 2-3 are actually something a home user could do. It's a bit biased as well, the recommendations can also be found on their site to some degree, it's an advertisement disguised as a blog.

Nonetheless some of the suggestions make sense, but should have been ordered better. Removing Admin rights is Job #1 for anyone using XP and want's to remain secure. Newer OS's are doing this by default finally, but people are still adding themselves into the local admin group. Free AV software is typically fine, MSE won't be so people should move to a new (free) AV if they use MSE on XP. MSE will not be allowing updates soon, and new installs won't be allowed on XP.
The firewall suggestion makes no sense... I know of no firewalls that do not support more than one subnet, or don't work on more than one vlan. Also virtualizing the XP host certainly adds no security.

Which AV is best is always the wrong question, the right question is what are best practices:
1) No admin access for every day tasks- admin is for administering only.
2) Backup all vital data and important items.
3) Stay patched with the OS and 3rd party software
4) Use an alternate browser, FF and Chrome will always have the advantage over IE until Active-X is removed fully.
5) Assume the worst- Don't open or click anything ever, until you are sure it's OK to do so. If you get sent something you didn't ask for, you may not want to open it.
That's about it. You do not need NGFW's, UTM's, proxy-av scanning, deepfreeze, bit9, symantec, mcafee, ultra-scan 9kagillion DPI etc... You need the basics first, and when or if those fail, you can start to tack on the bells and whistles.
-rich
0
 
LVL 97

Expert Comment

by:John Hurst
ID: 39992635
@25112 - Thank you and I was happy to assist you with this.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question