Windows 7 x64 Users - Care to Share your List of Security Software?

[Teffy]

I have ESET NOD32 Antivirus, Windows firewall, and a password-protected Linksys Wireless-G Linux Broadband Router WRT54GL. I generally browse with Firefox. I'm due to renew my ESET antivirus or switch to something else.What are you using?

[Tushman]

I have ESET NOD32 Antivirus, Windows firewall, and a password-protected Linksys Wireless-G Linux Broadband Router WRT54GL. I generally browse with Firefox. I'm due to renew my ESET antivirus or switch to something else.What are you using?

NOD32 64-bit. These guys just keep getting better & better. One of the best there is in my opinion.

[Guest LilBambi]

ESET NOD32 is my all time favorite.

[mac]

MSE, Malwarebytes, WinPatrol, and Windows firewall. If they're good enough for Fred Langa, they're good enough for me!

Edited April 29, 2011 by mac

[Guest LilBambi]

That is the combo I was using before I got NOD32 again. And it is still the combo that I use on some of my computers so I can make sure it is still working well enough to suggest to clients.It does work very well, and not just as a free alternative. It just works well.

[Peachy]

NOD32 v4. WPA2-Enterprise on a Cisco WRVS4400N Wifi router.

[zlim]

I set up three windows 7 x64 computers for a friend (two desktops and a laptop), she is running ESET on all of them. She picked that because she has a two year business licenses for 7 other computers and was pleased with the program.

[V.T. Eric Layton]

I'm running MS Security Essentials on my XP Pro and my Win 7 installations.

[Tushman]

For those of you who are running Microsoft Security Essentials, read this artcile by Fred Langa. He let his system deliberately get infected with the LizaMoon trojan (as a test) and MSE failed to catch it.

[Guest LilBambi]

Actually, that was about 3 weeks ago when Fred posted that in the WindowsSecrets Newsletter (which means it was sometime earlier than the day he posted it since he didn't give a day, but simply said, "My encounter with LizaMoon started unexpectedly one evening when a suspicious warning popped up on my screen." and also stated, "A nasty piece of malware known as LizaMoon has hijacked links on millions of websites in the past weeks, including some normally safe iTunes and Google links."). eWeek reported:

First, the good news: Users are hit with the Windows Stability Center scam only once, so visiting the site repeatedly doesn’t repeat the attack.The bad news: Not many antivirus programs seem to be able to detect the Windows Stability Center. VirusTotal is a service that checks malware samples against 43 major antivirus products to see which products can detect it. As of April 1, only 17 out of the 43 tested block Windows Stability Scanner. At least, security companies are moving on this threat: It was only 13 out of 43 March 31.

PCWorld:

Dave Marcus, Director of Security Research and Communications for McAfee Labs, commented, "This type of threat vector is common and actually happens all the time. However, it's not always on this scale. There are many tools that exist currently that do this in an automated fashion."...There is no reason that any user should ever fall for a rogue AV scam. You should know whether or not you have AV software installed. If you do, you should be familiar enough with it to recognize what the alert messages and system scan look like. More importantly, when the malware gets to the point where it requires payment to download the full version of the rogue AV alarm bells should be going off in your head.

I don't think Microsoft Security Essentials was the only one caught with their pants down during the time frame that Fred Langa allowed it to infect his computer.McAfee was another antivirus software that I know for a fact failed to detect it because I cleaned up computers of clients that were using it. So free versus paid isn't the real issue here really.Oh, yeah...it was free Malwarebytes Antimalware that cleaned up the mess on those computers and me changing perms on the hosts file to edit the hosts file that was infected with all kinds of nastiness redirection, or removing the host file with free LiveCD Linux and copying the hosts.SAM file to the live hosts file, that kept it from being redirected to the bad sites it wanted to send all manner of legitimate sites to so it could be reinfected.

[V.T. Eric Layton]

No security blanket is going to keep out all the critters. You'd need to be running Linux for that.

[Corrine]

PCWorld:

Dave Marcus, Director of Security Research and Communications for McAfee Labs, commented, "This type of threat vector is common and actually happens all the time. However, it's not always on this scale. There are many tools that exist currently that do this in an automated fashion."...There is no reason that any user should ever fall for a rogue AV scam. You should know whether or not you have AV software installed. If you do, you should be familiar enough with it to recognize what the alert messages and system scan look like. More importantly, when the malware gets to the point where it requires payment to download the full version of the rogue AV alarm bells should be going off in your head.

The problem is people don't know what to do whey they get one of these drive-by's. The best action is F4 to close open Windows.

Oh, yeah...it was free Malwarebytes Antimalware that cleaned up the mess on those computers . . .

Since Grinler had the Uninstall Guide posted on the 31st, MBAM had it in detection prior to then. Remove Windows Stability CenterBack on topic, I have MSE, Windows 7 Firewall and WinPatrol in Windows 7 Ultimate, 64-bit.

[Tushman]

So free versus paid isn't the real issue here really.

No it's not. But MSE's failure to detect the LizaMoon troajn suggests to me it has a poor heuristics engine. That's just a layman's opinion of course, but this type of trojan/virus is definitely not "new". You know as well as I do that we have seen similar types of trojans/viruses giving fake warnings, and similar infection.

McAfee was another antivirus software that I know for a fact failed to detect it ....

I'm not surprised. McAfee is well... just McAfee. </barf> Edited May 1, 2011 by Tushman

[Guest LilBambi]

The problem is people don't know what to do whey they get one of these drive-by's. The best action is F4 to close open Windows.

So true Corrine! It's one thing to say that folks should know what their antivirus looks like, but in order for them to have everything done automated (updates, scans, etc.) so they will actually get done, often that means, scans are done behind the scenes with results of scans being handled automatically based on selections predetermined. Updates taken care of as well as scans overnight when it won't impact folks. Windows Updates taking care of themselves and notifiying you of the reason for the reboot in the night. Very few, unless they are savvy, pay much attention to anything but what they want to see or do while surfing. I have seen it first hand. These are not dumb people, just either focused or don't care to be informed on these types of things. Just take two aspirin and call me in the morning type of situation. If the problem is still there in the morning, maybe they will call someone...

Since Grinler had the Uninstall Guide posted on the 31st, MBAM had it in detection prior to then. Remove Windows Stability CenterBack on topic, I have MSE, Windows 7 Firewall and WinPatrol in Windows 7 Ultimate, 64-bit.

Yes, if it weren't for NOD32/ESET, I would be running the same thing on all windows computers.It is funny, I still believe we shouldn't put all our eggs in the one vendor basket, but that has been stressed a bit because Microsoft was part of the problem and they should be part of the solution. And they did just that. They became part of the solution. And no matter how you slice this particular situation, ALL antivirus software vendors paid and free need to do better at detecting incoming malware as it hits the computer's temporary spaces.Just because opening the item or running the item was 'requested' by the user, doesn't mean it shouldn't be checked for malware prior to opening it.We don't see antivirus software skipping scanning email attachments because someone requested it be opened or run. Same thing here really. Maybe not so simple because of so many things being run from webpages these days anyway....sigh...

[Guest LilBambi]

No it's not. But MSE's failure to detect the LizaMoon troajn suggests to me it has a poor heuristics engine. That's just a layman's opinion of course, but this type of trojan/virus is definitely not "new". You know as well as I do that we have seen similar types of trojans/viruses giving fake warnings, and similar infection.

Yes, that is true, we have seen some similiar types of things, but not the same as this. What it is being viewed as on visible front looks the same, but it isn't truly like the others in some respects. And don't forget, the user asked for it to be installed....multiple times....sigh...

I'm not surprised. McAfee is well... just McAfee.

Very few 'big name' antivirus software has my respect these days. They are major bloatware. I personally think they trip over their own bloat.And many of the free solutions, like MSE, are at least as good as any of those guys and can be used on lesser machines too for the most part.Many folks would prefer to buy their way out of a bucket, and that's ok. I personally don't think it's necessary, particularly if you use a combination of tools.My preferred combo would be: NOD32 or MSE for antivirusWinPatrol for preventing things from happening behind scenes that you are not aware of, and keeping an eye on services and running files, hidden files, hosts file, changes to start up and/or registry, even get a pseudo HiJackThis list that you can look over to see if anything looks odd, and more.Hardware firewall/NAT between computers and the Internet ... no running around barefoot on the Internet...Windows Firewall particularly on Windows 7, prefer a two way firewall on XP, like ZoneAlarm Free (hard to choose these days a good one for XP other than hoping they get Windows 7 real soon).Malwarebytes Antimalware updated frequently and run at least once a week or when something seems odd on the computer or you went somewhere or were prompted for something that seemed odd.SpywareBlaster - updated and new items enabled as available once a week.CCleaner or other temporary space cleaner - run at minimum once a week and when something seems odd on the computer or you went somewhere or were prompted for something that seemed odd. Not a bad idea to run your temporary files cleaner after each time one closes the browser. And there should be a very simple way to do that without a lot of fuss. With CCleaner, you can right click on the Recycle Bin and choose Run CCleaner (and if it's on Win7, respond to the box to allow it to run) and done.Keeping operating system and ALL Internet facing programs/plugins/addons up to date.Use something to help you know if search results are safe. Something like MyWOT also known as WOT on some browsers. And also Adblock Plus in all browsers. Both of these are available in all major browsers.If you don't mind annoyances while surfing (meaning you prefer to prevent rather than having to clean up things after the fact), you might also consider NoScript in Firefox, turning off automatic javascript running in Google Chrome, generally run with higher security settings in Internet Explorer, etc.And maybe even for good measure FlashBlock and BetterPrivacy in Firefox, or similar in other browsers.Of course, not everyone will opt for my regimen, which is their choice. Some folks really don't want to be bothered. The thing is many don't even have half of this in place and wouldn't even know if their AV was updated or not, which is actually pretty basic, eh?Sadly, it help some Windows/Computer Technician make a few bucks when they have to have their computers cleaned.

[Tushman]

Yes, that is true, we have seen some similiar types of things, but not the same as this. What it is being viewed as on visible front looks the same, but it isn't truly like the others in some respects.

How is it not the same? I personally think it is. "hey your computer is infected... let us help you. download our software to clean it up". </install> "Oops... so sorry, your security center has been disabled, your antivirus has been partially disabled... now it's time to pay up. Ha!" And even it's not, an antivirus with a good heuristics engine would have detected the shenanagans in the installer.I don't know... for some reason I really have a hard-*n for MSE like some people do. I never did. I'm gonna be the black sheep here and recommend they stick with another freeware option. MSE is relatively new and hasn't had a chance to mature. Of course, I'm sure people will heartily disagree with me on this. Sometimes I get the feeling people are on the I love MSE bandwagon just because that's what's "in", "cool" or "safe"...

[Guest LilBambi]

I don't know... for some reason I really have a hard-*n for MSE like some people do. I never did. I'm gonna be the black sheep here and recommend they stick with another freeware option. MSE is relatively new and hasn't had a chance to mature. Of course, I'm sure people will heartily disagree with me on this. Sometimes I get the feeling people are on the I love MSE bandwagon just because that's what's "in", "cool" or "safe"...

I think we all are entitled to our opinion on what we use and don't use, and why. Asking folks to share is what was asked and I think we all have.For me, MSE isn't what's cool and what's in. I consider that Microsoft was part of the massive viral problem on Windows, and I think they should be part of the solution. I think Microsoft is trying to do just that. And for a relative new comer, does pretty darn well. At least as well as most other free/pay to play antivirus software packages.

[Corrine]

No, not in love with MSE because it is "what's in, cool or safe". I have seen its effectiveness. It also isn't new. Although it was six or seven years ago, I beta-tested Windows OneCare and did not care for the extras that were included. I see MSE as a simplified version of the Enterprise offering, Microsoft Forefront. MSE uses the same definitions as Forefront and WindowsIntune.The other two "free for personal use" A/V programs I also suggest to people looking for a free solution are Avast and Avira. My personal favorite for a licensed A/V is ESET.

[Guest LilBambi]

Well stated Corrine!

[Tushman]

I think we all are entitled to our opinion on what we use and don't use, and why. Asking folks to share is what was asked and I think we all have.For me, MSE isn't what's cool and what's in. I consider that Microsoft was part of the massive viral problem on Windows, and I think they should be part of the solution. I think Microsoft is trying to do just that. And for a relative new comer, does pretty darn well. At least as well as most other free/pay to play antivirus software packages.

I'm not trying to criticize your personal choice/recommendation for MSE Bambi. I'm just saying that based on the article written by Fred Langa and the fact this type of virus/trojan has been seen before, MSE's performance (e.g. heuristics engine) is less than stellar. Obviously you have far more experience than the average joe - and I'm not even suggesting you fall into the category of users that i mentioned previously. It's more or less an observation/comment that I think people should give some more thought to what A/V they should use on their home computer rather than just being a mindless cattle following the herd.Since the thread was started asking people what they use for A/V, I'm just stating what my preferences are and why I don't like that MSE all that much.

[Guest LilBambi]

I'm not trying to criticize your personal choice/recommendation for MSE Bambi. I'm just saying that based on the article written by Fred Langa and the fact this type of virus/trojan has been seen before, MSE's performance (e.g. heuristics engine) is less than stellar. Obviously you have far more experience than the average joe - and I'm not even suggesting you fall into the category of users that i mentioned previously. It's more or less an observation/comment that I think people should give some more thought to what A/V they should use on their home computer rather than just being a mindless cattle following the herd.Since the thread was started asking people what they use for A/V, I'm just stating what my preferences are and why I don't like that MSE all that much.

I hear ya.

[JerryM]

I am using Avira Premium Internet Security, Malwarebytes Paid, Mamutu, and Win Patrol.The one I will probably not renew is Mamutu. I do not believe that any AV will intercept all malware, and especially rogues. I have had a couple of friends using Norton that got infected by a rogue that prevented downloading from the internet. I put Malwarebytes on a CD, installed it on the machine, and ran a quick scan. MBAM found and removed the rogue.Although some AV forums discourage other applications like MBAM removing it is not an option for me.I have two computers and both are running the same applications.I have used Norton IS for a year or so with satisfaction, and recently gave Avast Pro a trial. Both ran smoothly on my machines so the common denominator that will not change is MBAM.I suspect that all here are aware of the latest on demand tests by AV Comparatives. Avast free outperformed almost all the highly thought of paid AVs.Regards,Jerry

Edited June 3, 2011 by JerryM

[Guest LilBambi]

Yes, I agree, no matter what you run antivirus-wise, Malwarebytes Antimalware has to be part of the combo.Another is CCleaner or another 'crap cleaner' .. .I like CCleaner because it just works and it does the job well. They took off the preclicked install of some other thing like Bing Toolbar, etc., now I think it's Google Chrome. Just remember to unclick anything you don't want during the install that is unrelated to the program itself ... and don't forget to allow the right click items for the Recycle Bin (Open CCleaner and Run CCleaner). Nothing like being able to just close the browser, right click on the Recycle bin and run CCleaner after every browser session.WinPatrol is wonderful and if you have enough RAM (to handle all your security programs) then definitely go for it, every time! I have it running on all my Windows installs. And many of my client's installs. The only exception is if they don't have enough RAM to be comfortable running AV, OS or 3rd party firewall (depending on OS).And believe me, although most folks have enough RAM to cover it all comfortably, not everyone has 2-4GB RAM on their Windows install (speaking mostly older systems now as well as a decent/speedy CPU). As much as we all would like to say there shouldn't be anyone running anything older Windows 7 on their Windows computers these days, that's not reality.There are some really nice AV software out there and then there are some real dogs too. I find the Microsoft Security Essentials works fine. I also love ESET's NOD32.

[abarbarian]

http://www.virusbtn.com/vb100/indexThis has some very interesting information on security and performance of anti virus programs.Me I use Avast (7years) with windows firewall. Thats it as you don't tend to get many nastys on Steam an if they appear I just shoot em up.