I agree with you - I am so very disappointed with Symantec as of late. Time and time again Symantec has allowed infections into computers, only to let me know after the fact that it's been infected. Usually results in a manual cleaning or a complete system reimage. Not how I like to spend my days or my customers money. I have 14 clients and all of them are using Symantec AV, so I guess it's time to look for something different!
Friday a manager here got a virus alert from SEP - unfortunately, the horse was already out when SEP closed the door - the beast was active, red circle with X in the middle, pop-ups all over the place, a VERY active desktop. SEP said it was infected, yes, but why did it not PREVENT it?
I've still, now, right now, running scans and doing a lot of manual work - as fast as it was infected, the infection seems to have "disappeared" - with NO changes made by me.
SEP was alerting every 60 minutes exactly on this infection, all weekend, then suddenly Sunday, it stopped sending hourly alerts. It saw this HTML file as the bug, but the HTML file could not have caused a tray icon and all those popups, there has to be other files involved that SEP didn't see.
All I could find was the HTML file to send in as a sample (I hate this constantly having to manually sendx in samples because the automation won't work) and it reported back as a known bug - if it was known, why was it allowed to be created on the computer, then allowed to run?
The computer today is showing up clean, but I can't believe it since nothing was cleaned off!
Even Trojan Remover said the computer was clean - but how can that be???? There were popups everywhere. There were hourly alerts, then it just stopped.......... and nothing was deleted. The computer was not rebooted.
MY point is - I run into this every week now, sometimes more than once a week. In each case I get a "yeah, we know about it" and I just want to respond - "if you know about it, then why did you let it in?"
I'm SO stressed and overworked here now, I don't need weekly infection cleaning added to my plate. That's what SEP is supposed to do, or prevent. i've never in my life seen so many bugs get in, all since moving FROM SAV TO SEP.
Coincidence? Is it just that at the time we switched all these new threats emerged? Or was SAV really better at PREVENTION?
Id love nothing more than an engineer come and visit us and look at the install, and see just what I'm seeing - the slow console, the virus misses each week, other strange things.