Spyware, viruses, & security forum: Is the security software built into Windows 7 good enough or not?

none of it's good enough.

Ron -

Unfortunately, it's not now, nor ever will be enough to go with the default tools included in Windows.

First off, Windows 7 is now in the hands of the public and at last report, it's got 10% of the market, that is, if you believe Microsoft's estimates.

Among those of us enjoying the benefits of Windows 7, the hacker community is no doubt, likewise having fun trying to find ways to break things in order to get in. That's their job. As Windows 7 gets more popularity, it's more likely that these guys will find things that can be exploited and will use them.

BUT, that's not to say that Windows 7 sucks or has weak security. The security is lightyears ahead of XP.

There are several things to keep in mind to stay safe.

1.) Avoid the dark corners of the Internet.
2.) Avoid clicking on links in SPAM emails.
3.) Keep Windows and other MS products updated regularly.
4.) Install good quality antimalware products including an antivirus, and an antimalware app and make sure they're updated regularly.

Now... By "good quality" - I mean NO McAfee or Norton! As evidenced this past week, McAfee can't be trusted. 9 out of 10 of the PC's I've rebuilt in the past 5 years have been because of Norton's complete failure to do it's job. As it is, both products are an epic FAIL in my book.

A good one I've had NO problem with would be Avast. It updates regularly. It does it's job well and it's free for home use. They also offer a paid for version.

Now then... The difference between a virus and other malware is a matter of semantics. A virus is a file that spreads itself to other systems. It can arrive through a link in an email, or as an attachment and can, depending on it's sophisitication, spread over a local network.

Spyware is classified as programs that spy on you - keyboard loggers are a good example of this sort of thing. They run in the background, trying to catch you typing in passwords on your banking sites and other shopping online so they can report your credit card info to their masters who will then proceed to run up purchases on your tab.

Adware is typically innocuous. It comes about when you visit a site and the ad(s) place a cookie on your hard drive. If you visit another site somewhere else that hosts adveristising from the same company, they can see the sort of things you're interested in and can target ads you might be interested in.

Bots on the other hand are programs that do other things - like spread spam, launch distributed denial of service attacks and so forth. These are the big money malware tools these days. These are typically "dropped" on your system by a trojan downloader.

The trojan finds its way on your system like a virus - by way of an email attachment, link to a fake video codec, or other socially engineered tricks and is executed. The downloader connects to it's command server on the internet and gets it's marching orders. It downloads tools for spamming or launching a DDoS attack.

Those tools then grab the info they need (spam template, mailing lists, IP addresses to attack) and then gets to work.

A DDoS (Distributed Denial of Service) attack is one where you have a lot of computers all trying to access the same server at the exact same time. The server in question can't handle that much traffic at once and usually crashes.

Spam... I would assume you already know what that is. No further explanation is needed.

Both of these activities tend to be the big money makers for the people behind them. They charge other people money to send out spam for them or to take out someone's servers.

There are other forms of malware - there's the "ransomware" variety. These are programs that are more viral than anything and arrive in the typical viral manner. The ransomware program then launches and proceeds to take all of your data files and encrypts them. It then pops up a notice on your desktop telling you that those files are now being held for ransom. You have a limited amount of time to pay them some money or, the files will be deleted permanently. Since the files are encrypted with a fairly strong encryption scheme, the odds of decrypting them without the key before time's up is slim to none. And Slim left town.

The bottom line: As long as these activities can be leveraged into making money, they will continue exist. The "skript kiddies" have grown up and have figured out how to use their "mad skillz" into making money. LOTS of money. And as such, they will continue to find holes in operating systems like Windows and OSX.

As a side note - As OSX gains market share, it will likely get more and more attention from the bad guys. Contrary to the Mac mentality, OSX is not any better at keeping the baddies out. The only thing that's kept Macs safe is the lack of numbers. Why go after an operating system with only a few hundred million users when there's a pool of over a BILLION running Windows?

So what's a good antimalware package? I like two of the current offerings. Spybot Search and Destroy and Malwarebytes AntiMalware. Spybot S&D is a free app and catches quite a lot of things. MBAM (MalwareBytes AntiMalware) generally does a pretty good job of cleaning up anything Spybot leaves behind. MBAM has a free version and a paid for version.

Thx for the explanation, and providing real, practical solution.

I use 5 different computers with windods 7. To be safe I install Avast and Windows security essentials. I have not had any infections yet. while on some of the other computers with out these two programs installed they have been infected. after installing these programs there have been no more problems. Hope this helps.

Stan

Well Ron, here's my view. First of all I just got a new computer with 7 on it and I don't remember being told by them that there was no need of extra security. In fact they gave me 15 months of McAfee with it for free. However, since I'm with a major cable company, that company offers a free and terrific version of Norton which is well better than McAfee ever has or will be (in my view). So my answer is no, even though there are all the security measures built in to Win 7 I would always play it on the safe side and have an actual security system. If you are with a major cable company for your Internet go to the home site and see what they offer you. Most now offer security because it's in their best interest in the long run due to the complications it helps their customers avoid. If you don't have an Internet provider who offers a free service then get AVG the free version. I've found it to be the best as far as free goes. I will say this, my Internet company used to use McAfee as the security they offered us and they recently upgraded to Norton so that's why I use that now. I find less problems with it accepting what I want and less problems with it not knowing what to block. It's been great so far. But in the end, the main point is that I would never get on the Internet without an actual security program.

Yes, it is good enough for home users - in my humble opinion!!!!
I use it on three of my machines and have had no trouble.
My other machine is a fairly new iMac!!!!!!

Windows 7 security is far batter than previous versions of Windows. To suggest that Microsoft is supperior to all other security solutions is a bit of a leap. This is up there with Bill Gates claiming to end all spam, or Microsoft senior vice president Bob Muglia proclaiming that Windows Vista was the most secure operating system in the industry. We all know what has been the truth with Microsoft proclamations. Just check out how many critical fixes Microsoft has had to issue this year alone and how many critical issues they do not have a fix for.

No security solution is 100% vendors that say so are not being honest. The solution that is best today usually is not by next quarter. Multiple layerd products are the best solution at this time.

A gateway UTM appliance that blocks virus/spyware/application threats. Host based firewall/anti-virus/anti-spyware. Then use the microsoft tools and you usually should be OK (still not perfect).

You should be aware of the fact that I have checked several different shops, in my city, and all have said that, at some point, or another, ALL of these "hyper brand new" programs, beyond Windows XP are full of problems. Sure, It will take awhile, for the problems to surface, but they will, just as sure as the sun rises in the morning.

According to the FIVE (5), local, computer repair shops, that I have spoken with, each has given up trying to "fix" advanced versions, of Windows. Not one shop gave me a good review, of any Windows O.S., beyond XP. In fact, many of these shops actually DUMP "advanced" programs, such as Windows 7, and replace it with XP.

Even my local Walmart recommends XP, as the best O.S. so far.

I thought that you should know about this information. I also encourage you to check with your own, local, shops, and stores. Ask which system that THEY recommend. Just dont be surprised, or insulted, if they say "XP is the only good one".

Use every security as with Vista I had infections on 7 (trojan Appl/xxx) or somthing like that
and using all securyties from previous Wimdows now.
We have heaps of updates for 7 already from Microsoft if is so safe, why updates.
Don't thrust anybody.

Also wanted to mention that Defender Pro uses Kaspersky Antivirus and Firewall in their suites and it can be purchased for $20 for use on 3 pc's. It can be purchased online at http://www.defender-pro.com or at Wal-Mart or Target and they offer a free trial on the website.

Hi, windows 7 in certainly the most secure version of windows, building on major coding changes that came with Vista.

Still I wouldn't feel entirely safe without any additional protection. Microsoft's free security essentials is a good start in my opinion as it seemlessly intergrates with W7, has a simple interface, updates daily, and monitors all downloads and programs/processes in realtime.

As an additional measure you can also run Malwarebytes. The paid version also runs in realtime and focuses on more unusual threats that traditional anti-virus may miss. It complements other anti-virus products,so there is no conflict running both at the same time.

In fact the above is my setup, plus a good router based firewall. I never had any malware with this setup. Considering I had two viruses and many cases of spyware/adware when running xp with Avg (paid version), I would say I am happy with my setup.

if you have to start a post with 'i'm not a computer expert', and there are computer experts posting all around, you should take that as your cue to read and not write. there are countless pages of information RIGHT HERE that you should have read prior to posting. obviously they made no impression on you.

keep on steering clear of that AV software. i'll take your computer when you throw it away in 3 months.

i recomend microsoft security essentials for the best security software and is free to dowload from microsoft

Don't run two anti-virus products at the same time. You're asking for trouble down the road when they conflict and cause system damage.

Further to my post #51
I have just read a post that dismissed a virus threat. The risk in doing that is very high indeed. The reason why virus protection is distributed for free is that when companies first began deleting orders if they contained a virus, they soon found that they had to delete more than half of all orders coming in. Hence it paid them to pay the industry in order to give potential customers virus protection for free.
A personal computer is frequently used as a means of passing on a virus to a major company or organisation - and you will never know you're doing it! Once infected, everyone you communicate with will be infected.
That is totally irresponsible as it also enables fraudsters and terrorists to use you as an unwitting carrier.
If you use "dial up" you have a somewhat better chance than someone on broadband of getting away with it for longer because your IP address is constantly changing. That is no excuse for being complacent and putting your friends and associates at risk by ignoring the free products designed to make the internet a safer place.