MSU just got a site license agreement with Eset for Nod32. This was at a time when the collective frustrations with Norton/Symantec Antivirus where at all time high. I have noticed over the years a few very prevalent problems with Symantec’s antivirus solution.
1. The updates don’t come as quickly and often as I would like.
2. Norton is slow to release fixes for already infected machines. In some cases I find myself writing an in house fix to mitigate the damage.
3. It’s a resource hog. It’s just heavy. It drastically affects performance when real time scan is enabled (which it should be to be effective) because it’s running all disk writes and reads through its filters.
4. Anyone who has had to use their server component knows that I don’t even need to continue this sentence.
Given these sins I decided to buy a few licenses for Nod32 and keep it on my key chain flash drive ready to install on the next machine I see with a virus related issue.
On Jan 27 the Brepibot.L took a couple of my users by surprise. It was too early in its life to be detected by the campuses clamav and a few users ran the exe before I could send out my warning to the distro lists.
Norton didn’t have a def that would fix it for a couple of days. In that time Nod32 got it with no problem, and even cleaned it on a guinea pig machine.
The next day a faculty member was having issues with random word doc corruption and suspected it to be virus related. I removed Norton and installed nod32 and then updated its defs. I ran a complete system scan and oddly enough it found four infected files that Norton had not previously detected. Two of these files where OLD viruses (one was my doom and another was sober). The problem ended up being a failing usb flash drive that he had the documents on.
Now to develop a deployment strategy.
