Switching from Kaspersky.. to?

[Piggy]

Hi,

 

I've been an avid user of Kasperksy  for quite a while but things change. It's got so many annoying prompts that my wife ends up disabling it and defeating the purpose of having it (on her Facebook links mainly). I looked at the definitive A/V page and it doesn't help much. I'm thinking between ESET and Sophos? Anyone have any other ideas? Are any free versions ok as well?

 

Thanks!

[+Raphaël G. MVC]

25 minutes ago, Piggy said:

Hi,

 

I've been an avid user of Kasperksy  for quite a while but things change. It's got so many annoying prompts that my wife ends up disabling it and defeating the purpose of having it (on her Facebook links mainly). I looked at the definitive A/V page and it doesn't help much. I'm thinking between ESET and Sophos? Anyone have any other ideas? Are any free versions ok as well?

 

Thanks!

I like ESET and I'm happy with it. I used Avast before that but it reported too many false positives. I'm a software developer creating clean software. And I hate it when my own apps are quarantined the moment after they're compiled. I can't compare with Kasperksy though. Never had it.

[T3X4S]

Sophos - NO
ESET - I hear a lot of good things - never used it
webroot's Secure Anywhere - IMO the best there is for 3-4 years now.
 

[goretsky Supervisor]

[NOTE:   This is an update of an earlier version I posted elsewhere.  AG]

 

Hello,

 

There's no real "best" anti-malware program for all home computers, because each environment is different (network, software, workflow, etc.), so what you need to do is some evaluating.

 

I would suggest looking around and coming up with a shortlist of three vendors. I think is a decent number to evaluate because after four or so, it gets messy because of the sheer amount of time required, unless you begin doing your evaluations in parallel--which may be possible if you have someone to assist you with the heavy lifting.

 

Once you have select the products you want to look at, you then contact each respective vendor, and arrange for a 30-day trial of each product.

 

Begin by rolling out the first one as a pilot to a small group of test users on your network, and not just yourself.  You don't want to just the parents trying it, but also kids who use various programs for school, computers with older software installed (still using XP as a print server, etc.).  Take the time to evaluate things properly so there are no "gotcha's" from trying to apply a "one-size fits all" cookie-cutter type approach, which doesn't account for all the use cases in your environment.

 

It's easy to look at things like speed of a system before and after the anti-malware is installed and the numerous independent reviews and reports of efficacy versus malware, but those are not the only things to look at for anti-malware software in a business environment. Some of the non-obvious things to look at include:

• ease of rollout (removal of previously-installed anti-malware solution; plus checking for any hiccups during your test deployment and workarounds needed)
• ease of maintenance (ability to create and deploy specific configurations; pushing out new signature updates or configurations, speed + completeness of reporting, etc.)
• compatibility testing (make sure it works with your business apps, other family members' software, tools, services used in your environment)
• support response (make several calls/open several tickets on typical scenarios to get an idea of how quickly you can get a response and how skilled that response it)

Anti-malware software isn't a glowing force-field which magically protects your computers from viruses. It is a more a combination of a tool for managing risk and also a kind of like an insurance policy. That's why the last bulleted item from above is so important. The good news, though, is, that unlike with a real insurance company, you get to test how your potential vendor handle claims first before you purchase a policy. That's because the anti-malware software you're trialing comes with tech support, and you can test that during the evaluation phase to make sure it will work well for you when you really need it. Try some common issues such as:

1. Setting up a computer with the wrong network settings, don't uninstall your existing anti-malware software before forcing an install of the evaluated product, or otherwise come up with some way of 'breaking' it, then call support and ask them for help troubleshooting why the trial won't install on it.
2. Infecting a PC, and asking support to walk you through cleaning it.
3. Walking through any other scenarios that are pain points with your current solution, to see if one of the new potential vendors does it any better. Or worse, for that matter.

You can come up with some other scenarios from things you've run into in the past. I think it's a good idea to test how quickly and thoroughly your potential anti-malware software's technical support department is before you have a problem with it and you've already purchased a multi-year license.

I'd also say it's a good idea to look at some independent test results and certifications to help qualify your decision, once you've got your short-list figured out. Here are a few testing and certification organizations:

 

No frames are allowed in the forum, as far as I can tell, so I'll use organization | URL | comment as delimiters.

 

AMTSO | http://www.amtso.org/ | Anti Malware Testing Standards Organization - not a test/certification organization per se, but one that is trying to create responsible guidelines for testing

AV-Comparatives | http://www.av-comparatives.org/ | EU-based

AV-TEST | http://www.av-test.org | EU-based

AVAR | http://www.aavar.org | Association of Anti Virus Asia Researchers, again, like AMTSO, not a test/cert org per se, but may have some interesting info to look

Dennis Technology Labs | http://www.dennistechnologylabs.com/ | UK-based

EICAR | http://www.eicar.org | European Institute for Computer Antivirus Research (also, not a test/cert org)

ICSA Labs | https://www.icsalabs.com/ | International Computer Security Association Lab - certification agency

NSS Labs | http://www.nsslabs.com/ | US-based

PassMark Software | http://www.passmark.com/ | US-based

PC Security Labs | https://www.pitci.com/ | CN-based

Veszprog, Ltd. (CheckVir) | http://www.checkvir.com/ | a certification organization, EU-based

Virus Bulletin | http://www.virusbtn.com/ | basically the research journal for the anti-malware industry, also does comparative testing, aka the VB100 and RAP test stores

Web Coast Labs | http://www.westcoastlabs.com/ | certification agency, EU-based.

 

One thing I will mention here is that the above list reflects my own personal beliefs and should not be considered an endorsement or a recommendation by my employer. In particular, I vehemently disagree with at how at least one of the entities listed above weighs certain categories in its tests, but I still believe that the testing methodology of the above entities are good in that they are repeatable and reproducible (even if I disagree with their interpretation of the resultant set of data).

 

There are also a lot of research institutions and universities involved in securing systems, testing anti-malware software, etc., such as:

• Baylor University (Texas)
• Carnegie-Mellon (US)
• Harvard (US)
• Norwich University (US)
• Politechnique Montreal (Canada)
• Purdue University (US)
• Slovak University of Technology (Slovak Republic)
• Stanford University (US)
• UC Santa Barbara (US)
• UC San Diego (US)
• University of Hamburg (Germany)
• University of Karlsruhe (Germany)

to name a few of the many, many organizations involved in looking at anti-malware software in some way.  If one of these is somewhat local to you, asking to speak to one of the professors in their Information Security program might be helpful.

 

I strongly recommend looking at reports and studies from multiple organizations over the course of several years. The reason for this is that testing methodology is often problematic, and even the best of these tests may have some sort of problem that was corrected in a subsequent use. It's important to keep in mind that test results are only valid for the period in which the tests were performed, and with the configuration and environment chosen by the tester. Looking at the results over a few years can help you determine if a program's protection is doing better, worse or about the same over time.

 

That, coupled with the due diligence in other areas like piloting the software, having your legal department review the contract for any hidden gotchas, etc., should give you a solid basis on which to base your purchase decision.

 

Regards,

 

Aryeh Goretsky

[Piggy]

Holy crap thank you Aryeh. Lots of info to wade through!

[+E.Worm Jimmy Subscriber¹]

1 minute ago, Piggy said:

Holy crap thank you Aryeh. Lots of info to wade through!

if this is too much (which it is)   i will give you a piece of my mind:

 

ONE DOES NOT SIMPLY LEAVE KASPERSKY!!!!

 

 

 

oh, now that i had a laugh,   i wholeheartedly recommend Eset antivirus.  

 

personally i tried a bunch of programs, and read up on a lot of solutions. 

i ended up with Eset antivirus (not any other package they have) and Malwarebytes Antimalware which i also (grudginly) decided to pay for.

 

this solution works for me.   not sure about you.  you might get a different anti-malware solution.  but i am pretty certain Eset Antivirus is at least one of the best choices you can make.

 

so, think all you want.  i gave you the choices i make.   before that i was on ESET antivirus and Spybot Search and Destroy (only for their immunize function)

before that i tried a ton of different free and paid for options...

[The Evil Overlord]

Just so it has some representation, Zonealarm (free firewall and antivirus available, you just have to look for it)

 

It's not the antichrist, and has been my 'go to' for 10 plus years now, (I forget the exact date I switched to xp and found zonealarm as protection for it) But Goretski, has a lot of info displayed for you, so you may find something better suited for your needs in his list also.