Symantec's Corporate/Enterprise stuff is much better than their Home/Personal stuff. But still not so great and too bloated.
http://www.av-comparatives.org/ is a nerd forum dedicated to - you guessed it - comparing antivirus (and other security) software. They have a systematic methodology, and they compare
everything - including what the AV vendors don't advertise - things like scan times, run delays, performance hits, false positives, actual effectiveness against new/unknown threats, time from virus introduction to widespread AV database innoculation.
The products themselves vary from version to version, even update to update, so the hierarchy tends to shuffle around a little. F-Secure and Kaspersky tend to always jostle each other at the top; McMicrosoft and Symantec usually rank somewhere around Fifth Place (or worse) in every category. AVG and Avast do well in most categories but sometimes have an epic fail. Other products (like Sophos and Trend) tend to score strongly in some categories but are pathetic in others.
Symantec works, sure, but it's clunky. You'd spend the same (maybe less) money and get better (more secure, smaller, faster) software from F-Secure or Kaspersky. I'd use it if it came "free" with a computer, but I wouldn't renew it or ever buy into it.
Two low-cost solutions: Firewall/proxy and training. Simply scanning
every new file (downloaded or from removable media) before installing/running/opening will work. Some AV software can be configured to do this automatically. (lol, unsavvy secretaries will be confused by distinctions like "executable" vs "data" files, just scan it all to be safe) ... of course Windows reliability can be eroded by installing too much safe junk over time, but that's another problem entirely. Hopefully a fresh image can be installed whenever necessary.
Configuring browser security settings can help a lot too, especially if you restrict ActiveX stuff. GPEDIT.MSC can be used to preconfigure or even "lockout" user ability to change these settings.
