(corporate) Windows Rootkit Removal - Paid Software

Saga

Banned
Hi guys - I'm in the market for a replacement enterprise software that does rootkit/spyware/malware/antivirus for a small-medium (~75) user company. Currently have Trend Micro SMB deployed and in my opinion it's absolute garbage - not only does it constantly do false positives, but half of the Windows 7 viruses it's ever detected it simply doesn't know what to do with and sits there like a mute asked to explain love.

I've just started some preliminary research, but it appears to me that since every computer on this enterprise is running Windows 7 Professional, I should simply take advantage of MSSE for normal everyday and look into a specialist application for rootkits and malware. The reasoning behind this is that MSSE is exceptionally good at normal protection and is the perfect level of low-overhead on a system, but if something is good enough to fool MSSE it's going to need a specialist application. So far in my research the only thing that appears to be worth buying is HitmanPro - installed and used on multiple machines and it found rootkits no other software could, and since it does cloud scanning the overhead on the machines was practically zero.

So, my question is this: Should I use MSSE and another application as-needed, such as HitmanPro? If so, is there something superior to HitmanPro for rootkits? Or is there a small business solution that will meet my standards completely without me needing to use second-hand applications?

Specifications on the enterprise:

75 Windows 7 Pro Machines (95% laptops) - each one with a 2.6 C2D, 2.6+ i5, or 2.6+ i7, and every machine running a SSD. With performance like that overhead becomes less of an issue, but I would still prefer it to be as non-invasive as possible.

Currently running Trend Micro SMB on a dedicated server with thin clients on each machine.. and it's garbage. Downright needs to go.

Thanks in advance for any suggestions.
 
wow those are nice machines! I've also heard good things about hitman pro. I think your idea would serve you well. MSE + Hitman. I'd also add in Malwarebytes
 
Thank you - I just finished doing a Windows 7 Migration for this enterprise and I told the CFO I would only touch that at all if I could upgrade the machines. They were skeptical at first, but when I proved that a simple SSD upgrade for $200 extends the life of most machines for 3+ years and saves them from the $1800-2500 for a new machine, the numbers part of that lit eyes up like a kid on Christmas morning and I was given the go-ahead to make it happen. Every user is running a SSD and Win7 Pro now, and they are VERY happy office drones. My personal opinion, especially if you have a company laptop you are taking home, is go big and get a machine with a 3 year warranty and a roadmap life of 3-5 years, and since top of the line laptops are now in the $1500-$2000 range instead of $3000-$4000 like they were years ago, it's very easy to justify. Hell, a brand new quad core i7 T420 with a 128GB SSD can be ordered from Lenovo for $1600!

The reason I've settled on HitmanPro is that it's the ONLY application that has NEVER failed me. Recently I stopped even using Malwarebytes since HitmanPro would find more in significantly less time due to its cloud file checking, so there is no reason to run Malwarebytes alongside HitmanPro.

Any other suggestions? Seems like MSSE + HitmanPro is the perfect enterprise solution, and doesn't require a client-server runaround.
 
as an aside - which brand/model SSDs are you using?

ah ok, well since you've had better experiences with hitman, i think you should be all set with that. How much does it cost?
 
Every machine has a 120 or 180GB Vertex 2. Reliability, performance, and warranty of OCZ offerings just seemed to make it a no brainer, and the price difference between an Agility and Vertex was so negligible that the V2 was the appropriate choice.

HitmanPro's business model is $10/user for 10-24 users. 25+ it's discounted (I've asked for a quote and have not been given one as of yet). This is for a 1 year license.

Additionally, you can buy what they refer to as incident licenses, which only makes sense if you understand how HitmanPro works; when you run HitmanPro you're given the option to either install it, or just run it and scan. Either option checks your machine, and if it finds nothing major (i.e. just adware cookies, etc.) it handles them for you and tells you to be on your way. If it finds something major (rootkit, virus, malware) it gives you the option to buy or to activate a free 30-day license and immediately fix your issue, so you basically are given one free fix per machine. If you went the incident license route, you could buy a 25-pack for $150, and you could use HitmanPro as-needed only on infected machines and use your incident packs only if there is a serious issue.

Basically it boils down to spending $10 per user per year, or buying a 25 pack for $150 and only using them when there is something to fix. To me the incident pack seems the way to go, as Windows 7 generally has so few issues that it's more cost-effective to react to Windows 7 issues than to install for preventative - in my opinion.

Frankly, HitmanPro has impressed me more than anything I've used in the past 10 years. Running Malwarebytes vs. HitmanPro side by side, HitmanPro gets done in 1/10th the time due to its cloud checking, and has practically zero performance overhead. I can see this being more beneficial on non-SSD machines, but I don't actually have any platter drive computers around the house to test this on (every machine I own runs SSDs, and the platter drives I did have were always RAID 1 so they wouldn't have given me accurate performance numbers anyway) and at work the only platter drives we use are QA boxes I never touch.
 
May I suggest if the users are getting rootkits and such that you work on fixing the browsing habits and lock down the security.
I hope everyone is not a local admin.
 
You're welcome to suggest whatever you like, but stipulations on administrative rights to the machines are two levels above my paygrade and nothing I ever said otherwise was taken into consideration.

You'd also be delighted to know this is a DoD contracted organization.
 
You may want to consider Windows Intune which can provide cloud based management including enterprise endpoint protection, computer updates, helpdesk access and much more for the cost of $11 per PC per month. Windows Intune general availability begins March 23rd, sign up today for a 30 day trial. The Windows Intune product page is available here:
http://www.microsoft.com/windows/windowsintune/pc-management.aspx
Additional information for IT professionals is available on the Springboard Series on TechNet here:
http://technet.microsoft.com/en-us/windows/ff472080.aspx?ITPID=wtcfeed
Brandon
Windows Outreach Team- IT Pro
 