What is the best Anti-virus and firewall apps for a Win 7 PC in 2011?
January 3, 2011 11:24 AM
What is the best Anti-virus and firewall apps for a Win 7 PC in 2011?
I just purchased a new Dell PC, and I'd like to set it up with a good anti-virus and firewall program.
The general consensus seems to be that McAfee and Norton are bloated, resource-hoggy, and ineffective. Google turns up plenty of free programs, but credible, CURRENT reviews are hard to find.
Many of the big programs offer "security centers" - huge programs that combine anti-virus, firewall, malware removers, and phishing protection. Some of this seems necessary, others not-so-much.
Also, Win 7 has a firewall built-in; since I'm not remotely a security expert - I have no idea if this is sufficient, or I need a 3rd party app on top (or instead of it).
So, what's a conscientious but non-expert Windows user to do?
(I know, I know - get a Mac. Which I've done - I LOVE my iMac. But I ALSO need a PC for work...)
I have tried many and lately I have had best luck with FREE Microsoft Security Essentials. Symantec used to be good but recent versions have turned into trash since they started doing all their programming and development over in India. I have had McAfee break more computers than it protects.
I recommend turning on Windows 7 firewall, download and run Microsoft Security Essentials, turn on automatic updates, don't open attachments from anyone you didn't plan on receiving in advance. Avoid dark alleys of the internet, such as porn, illegal downloads, etc.
posted by nogero at 11:33 AM on January 3, 2011
I recommend turning on Windows 7 firewall, download and run Microsoft Security Essentials, turn on automatic updates, don't open attachments from anyone you didn't plan on receiving in advance. Avoid dark alleys of the internet, such as porn, illegal downloads, etc.
posted by nogero at 11:33 AM on January 3, 2011
Thirding the others. MSE is all you need.
posted by puritycontrol at 11:34 AM on January 3, 2011
posted by puritycontrol at 11:34 AM on January 3, 2011
One more thing: Most viruses come from two sources now days: PDF files and Java scripts. Unless you have a specific need for Java disable it in your web browser. Use an alternative program such as FoxIt, or a built-in PDF reader and avoid Adobe Acrobat if possible.
posted by nogero at 11:36 AM on January 3, 2011
posted by nogero at 11:36 AM on January 3, 2011
I don't have any specific knowledge or known experience with MSE, but my vote usually goes for AVG Free as a great basic anti-virus and Kaspersky for if you want to pay for quality.
posted by zombieApoc at 11:37 AM on January 3, 2011
posted by zombieApoc at 11:37 AM on January 3, 2011
In my side-line pc repair job, I've seen a few incidents that got past MS Security Essentials, which up to then was my personal fave as well.
I've been trying out Trend Micro's Titanium Internet Security 2011 with good results. I got a deal on the 3 PC license, otherwise I would have gone for just the antivirus. Generally the security suites are quite bloated.
Oh, and keep flash up-to-date or use the built in player in Chrome. Lots of malware was riding flash.
posted by hey you over in the corner at 11:38 AM on January 3, 2011
I've been trying out Trend Micro's Titanium Internet Security 2011 with good results. I got a deal on the 3 PC license, otherwise I would have gone for just the antivirus. Generally the security suites are quite bloated.
Oh, and keep flash up-to-date or use the built in player in Chrome. Lots of malware was riding flash.
posted by hey you over in the corner at 11:38 AM on January 3, 2011
If going the free route, for the most part you should be ok with Security Essentials, Avast (I run both side by side with no big performance hit), or AVG. Very rarely do I recommend that someone purchase a virus scanner, as the free ones do a decent job and are fairly non-intrustrive. If you want to go the subscription route, I'd recommend BitDefender (for detection rate) and NOD32 (for performance).
*Just as important* Make sure your 3rd party apps are always kept up to date, most notably ones that act as browser plugins (Adobe Reader, Adobe Flash, Sun Java, Quicktime, etc). These are the main points of attack for malware, not the browsers themselves. These apps are also vulnerable to 0-day attacks....which are attacks designed to get past most if not all virus scanners until their DATs are updated. VirusTotal is a good site for checking suspicious 0-day files individually.
The built in firewall for Windows 7 is fairly decent in combination with the built in UAC. That combined with your router deflecting traffic, you should be fine...unless you're opening up various outside ports.
I also highly recommend this handy browser addon called WOT (Web of Trust). It is a community driven site advisor that also gathers its data from malwaredomains.com. You'll see an icon next to google search results (very nice in the event of a SOE hijack). It also will warn you of visited links with low reputation. It's a must-have for every new PC I set up.
posted by samsara at 11:46 AM on January 3, 2011
*Just as important* Make sure your 3rd party apps are always kept up to date, most notably ones that act as browser plugins (Adobe Reader, Adobe Flash, Sun Java, Quicktime, etc). These are the main points of attack for malware, not the browsers themselves. These apps are also vulnerable to 0-day attacks....which are attacks designed to get past most if not all virus scanners until their DATs are updated. VirusTotal is a good site for checking suspicious 0-day files individually.
The built in firewall for Windows 7 is fairly decent in combination with the built in UAC. That combined with your router deflecting traffic, you should be fine...unless you're opening up various outside ports.
I also highly recommend this handy browser addon called WOT (Web of Trust). It is a community driven site advisor that also gathers its data from malwaredomains.com. You'll see an icon next to google search results (very nice in the event of a SOE hijack). It also will warn you of visited links with low reputation. It's a must-have for every new PC I set up.
posted by samsara at 11:46 AM on January 3, 2011
MSE, Avast!, and I've had a lot of people lately tell me about Panda Cloud, but I haven't tested it long enough to feel comfortable with it.
posted by deezil at 11:53 AM on January 3, 2011
posted by deezil at 11:53 AM on January 3, 2011
I like AVG Free, personally. You are right that McAfee and Norton are worse for your computer than most viruses you could get- they're really disgustingly bad. I tend to leave my Windows Firewall off. As far as I know, my router provides a firewall anyway, and having a software firewall on too can only cause annoying problems.
My overall opinion is that the threat of viruses to Windows machines is very overrated. If you aren't downloading shady exe files from warez sites, and aren't using Outlook on a big corporate network, it's actually pretty hard to get one.
posted by drjimmy11 at 12:25 PM on January 3, 2011
My overall opinion is that the threat of viruses to Windows machines is very overrated. If you aren't downloading shady exe files from warez sites, and aren't using Outlook on a big corporate network, it's actually pretty hard to get one.
posted by drjimmy11 at 12:25 PM on January 3, 2011
None of them do anything to protect you from things you click on on webpages, or things that autoload via flash elements.
Flash, out of date updates, PDF, and Java are your worst enemies, in that order.
No matter what you do, use firefox/chrome/ and adblock and flashblock. These are critical, specifically flashblock. If you're paranoid, go with NoScript too, but it's an annoyance for me.
If you're a good boy, and you behave yourself, MSE and the windows firewall are fine (in addition to ad/flashblock). For an added layer of protection, use a hosts file. If you're paranoid, after you run PCDecrapifier to take all the dell bloatware off the system, install SpyBot and let it do it's innoculation routine. That'll protect your system files w/ minimal annoyance.
But then, seriously, keep those updates updated, avoid Adobe PDF reader, block every app on facebook, and use webmail over client-based solutions. You'll be peachy.
posted by TomMelee at 12:36 PM on January 3, 2011
Flash, out of date updates, PDF, and Java are your worst enemies, in that order.
No matter what you do, use firefox/chrome/ and adblock and flashblock. These are critical, specifically flashblock. If you're paranoid, go with NoScript too, but it's an annoyance for me.
If you're a good boy, and you behave yourself, MSE and the windows firewall are fine (in addition to ad/flashblock). For an added layer of protection, use a hosts file. If you're paranoid, after you run PCDecrapifier to take all the dell bloatware off the system, install SpyBot and let it do it's innoculation routine. That'll protect your system files w/ minimal annoyance.
But then, seriously, keep those updates updated, avoid Adobe PDF reader, block every app on facebook, and use webmail over client-based solutions. You'll be peachy.
posted by TomMelee at 12:36 PM on January 3, 2011
Lots of people commenting here about the vulnerabilities created by Adobe PDF... OK then - what's the best PDF viewer?
posted by stuehler at 12:40 PM on January 3, 2011
posted by stuehler at 12:40 PM on January 3, 2011
Just a retort to DrJimmy11, really quickly. Norton has made significant progress in the last couple years. They're really much better now. Not as good as, say, Kaspersky, but very much better. Their enterprise level protection is pretty great, actually. This person isn't an enterprise level user though. I still don't advocate that anyone pay Norton's pricetag, but it's not *bad* anymore.
What I really wanted to respond to was how easy it IS to get a virus now. Facebook (the bane of any IT guy's existence) doesn't bother to certify any app it runs. Many are malicious trojan loaders. Once you've got the trojan, you can get the rootkit. Once you've got the rootkit, you're...screwed. I'd almost bet a dollar that 20% of MeFites have a rootkit and don't even know it. This is why I advocate flashblock so hard, and why a managed hosts file can really make all the difference.
(Trojan + bad password management = identity theft and email/facebook hijacking, etc. Bad, bad. Sucky even.)
posted by TomMelee at 12:40 PM on January 3, 2011
What I really wanted to respond to was how easy it IS to get a virus now. Facebook (the bane of any IT guy's existence) doesn't bother to certify any app it runs. Many are malicious trojan loaders. Once you've got the trojan, you can get the rootkit. Once you've got the rootkit, you're...screwed. I'd almost bet a dollar that 20% of MeFites have a rootkit and don't even know it. This is why I advocate flashblock so hard, and why a managed hosts file can really make all the difference.
(Trojan + bad password management = identity theft and email/facebook hijacking, etc. Bad, bad. Sucky even.)
posted by TomMelee at 12:40 PM on January 3, 2011
PDF X-Change Viewer if you need to be able to do fillable forms. Sumatra if you don't.
I used to recommend Foxit, until I learned how fast XChange and Sumatra are, and until Foxit started bundling w/ crapware.
posted by TomMelee at 12:42 PM on January 3, 2011
I used to recommend Foxit, until I learned how fast XChange and Sumatra are, and until Foxit started bundling w/ crapware.
posted by TomMelee at 12:42 PM on January 3, 2011
Just a note about MSE - I use it myself but it can still get some pretty odd behaviours such as chewing up all your resources when you boot up or not starting at all. Otherwise I'll nth it as the best free option - combined with safe browsing via NoScript you should be fine.
If you want to pay money for a bit more control and more options, I've had good luck with Kaspersky.
posted by charred husk at 1:41 PM on January 3, 2011
If you want to pay money for a bit more control and more options, I've had good luck with Kaspersky.
posted by charred husk at 1:41 PM on January 3, 2011
I used to recommend Foxit, until I learned how fast XChange and Sumatra are, and until Foxit started bundling w/ crapware.
Wow, thanks for linking these..I used to think Foxit was just about it for an alternative, and ya..its gotten adware-ish lately while still sharing some of Adobe's vulnerabilities. On a side note however, the new Adobe Reader X looks promising now that it is sandboxing its processes (in laymans terms, it operates within a virtual PC environment..completely detached from the operating system, so malware has a MUCH more difficult time reaching parts of the live system...still, doesn't hurt to turn off javascript support in your PDF reader no matter what it is if you don't need it)
posted by samsara at 1:56 PM on January 3, 2011
Wow, thanks for linking these..I used to think Foxit was just about it for an alternative, and ya..its gotten adware-ish lately while still sharing some of Adobe's vulnerabilities. On a side note however, the new Adobe Reader X looks promising now that it is sandboxing its processes (in laymans terms, it operates within a virtual PC environment..completely detached from the operating system, so malware has a MUCH more difficult time reaching parts of the live system...still, doesn't hurt to turn off javascript support in your PDF reader no matter what it is if you don't need it)
posted by samsara at 1:56 PM on January 3, 2011
personally i use Avira antivirus. performance-wise i don't think anything out there can touch it (in my experience NOD32 is rather slow). maybe i'm paranoid but i'd never use MSE since essentially if MS new anything about security they wouldn't have had so many problems over the years. I'd rather trust a dedicated third party for that.
maybe the following websites can give you a clearer idea of what's best for you:
http://www.av-test.org/certifications
http://www.av-comparatives.org/comparativesreviews/summary-reports
posted by canned polar bear at 4:01 PM on January 3, 2011
maybe the following websites can give you a clearer idea of what's best for you:
http://www.av-test.org/certifications
http://www.av-comparatives.org/comparativesreviews/summary-reports
posted by canned polar bear at 4:01 PM on January 3, 2011
One easy way to cut down on getting something nasty via Acrobat Reader is to disable javascript in the preferences.
I've not, yet, come across a non-malicious PDF which needs javascript to work.
posted by mr_silver at 3:22 AM on January 4, 2011
I've not, yet, come across a non-malicious PDF which needs javascript to work.
posted by mr_silver at 3:22 AM on January 4, 2011
I highly recommend installing the Secunia Personal Software Inspector and let it run weekly.
It scans your PC for software and notifies you if any of your programs have had updates released fpr them recently. It will also tell you if youre missing any Windows security patches.
posted by Fiat124 at 12:58 AM on January 5, 2011
It scans your PC for software and notifies you if any of your programs have had updates released fpr them recently. It will also tell you if youre missing any Windows security patches.
posted by Fiat124 at 12:58 AM on January 5, 2011
'Nthing PSI and throwing in a vote for ClamAV for Windows. I run it alongside Avast (it is designed to do this) and it has stopped some nastiness indeed.
Please note it is cloudbased, so you will need a connection for it to be most effective.
posted by Samizdata at 1:34 PM on January 16, 2011
Please note it is cloudbased, so you will need a connection for it to be most effective.
posted by Samizdata at 1:34 PM on January 16, 2011
ClamAV for windows is basically a rebranded version of Immunet for now. They might change their interface down the road, but for the time being both clients are exactly the same except for their branding. The same happened a long ways back when Microsoft bought out GIANT Antispyware (pre-defender, was named Microsoft Antispyware even though the executables and registry keys still had GIANT in them)
posted by samsara at 8:34 AM on January 18, 2011
posted by samsara at 8:34 AM on January 18, 2011
This thread is closed to new comments.
posted by ChrisHartley at 11:32 AM on January 3, 2011