Best Windows 7 malware protection?
February 5, 2017 9:09 PM

I have a new laptop that I would like to carry around to strange cafés with wifi (plus, you know, connect to the Internet). I am wondering about best antimalware protection options. Paying one time is fine, but monthly/annually is not. Country of origin is also something that concerns me.

I've tried looking around at articles and reviews -- there are still plenty of people covering antivirus/antimalware software for Windows 7, which is great. However, the reviews seem to focus almost exclusively on metrics (helpful), while not covering how trustworthy the producing company is, or how much control the user has after it's installed.

Additionally, I very much want to just buy something and pay for it once -- I'll pay for updates, but I don't want to have to pay repeatedly just to keep the core software running.

It seems to me that in installing an antimalware program you're essentially allying with the producers, so really trusting them is important.

Apparently Windows Defender (the free, included antivirus software) is either "pretty good" or "terrible".

Any advice on:

a) which software will work for me, and/or:

b) how to leverage my dated knowledge to understand current offerings on my own? I have a 1990s CS background and it bothers me when I don't have at least a little understanding of what's really going on with software I install on my computer.
posted by amtho to Computers & Internet (15 answers total) 5 users marked this as a favorite

Windows Defender is fine. Like any AV and/or anti-malware stuff, it can be crappy on really slow hardware, but if that isn't an issue, just use the Microsoft stuff.

If you really feel the need to do more, run Malwarebytes from time to time.
posted by wierdo at 9:17 PM on February 5, 2017 [1 favorite]

Stick with MS Defender. The others are really not very good. This article has some details.

You can look into using a VPN in addition to Defender.
posted by coberh at 9:32 PM on February 5, 2017

The best way of avoiding malware is just not downloading suspicious files. Plus Defender on top just in case.

The main thing you want to be leery of on public wifi is providing credentials or sensitive data to websites that have plain http (as opposed to https) connections. And a good way of avoiding having to think about that is to pay for a VPN (virtual private network) service and always use that.
posted by jzed at 9:51 PM on February 5, 2017 [1 favorite]

Oh and here is an article from the EFF (Electronic Freedom Foundation - a not for profit) on choosing a VPN.
posted by jzed at 9:55 PM on February 5, 2017 [2 favorites]

Argh, that all matches my previous understanding. I was hoping for better, especially since I sometimes advise older people who are increasingly unable to reliably tell trustworthy downloads from non-trustworthy.
posted by amtho at 10:12 PM on February 5, 2017

Sadly, avoiding fake software downloads and keeping your browser updated and using NoScript and/or a good ad blocker to avoid drive-by JS forced download/execution attacks is by far the best prevention. Well, that and a software firewall if you are using WiFi that gives public IPs.

Literally the only time I've gotten malware in the last 20 years was when I had disabled the Windows firewall and unthinkingly connected to an access point that gave me a public IP and got whacked with a zero-day SMB exploit. Otherwise, I haven't run any sort of security software aside from ClamAV and Malwarebytes on occasion to make sure I hadn't picked anything up that was being particularly sneaky like a quiet keylogger. (I'd notice a DDoS botnet/spamming type thing immediately since I have network monitoring tools to alert me of my devices using more bandwidth than they ought to.)

These days, uBlock probably does more than anything else to prevent problems. At least a few times a year major ad networks used on otherwise trustworthy sites get conned into serving malware.
posted by wierdo at 12:20 AM on February 6, 2017 [2 favorites]

Weirdo, please tell me of your network monitoring tool, if it's convenient.
posted by amtho at 12:37 AM on February 6, 2017

Windows Defender and Microsoft Security Essentials are basically the same thing. I think for Windows 7 you have to install Security Essentials separately (from Microsoft here); for W8 and W10 it comes with the OS and is called Windows Defender.

And yes, it's good enough, although if you're really worried about security you shouldn't be running Windows 7. If it's new hardware, why not 10?
posted by neckro23 at 7:30 AM on February 6, 2017

I think by far the most important thing for security now is to make sure that whatever browser they use, you install a pop-up/ad blocker. Increasingly this is the major vector for problems, whether automatic or caused by user error. Chrome and Firefox do some, but not enough. Microblock origin (uBlock Origin) has been great for me for more than a year. Like your responses above, I think this is the most important security software you can install.

The other two things to look at really closely: a password manager (LastPass, 1Pass, etc.) and off-site backup (Dropbox, Google Drive, MS OneDrive or even something a lot more secure like CrashPlan). Those lock down important things like banking websites, etc. The backup provides a way to restore if everything goes south.

Defense in depth. Windows Defender is fine, but the majority of threats we see at work now are transmitted over the web.
posted by bonehead at 8:12 AM on February 6, 2017

And do look at migrating to W10 soon. W7 end of life was in Jan 2015, though it will do security patches through 2020. You want those.
posted by bonehead at 8:16 AM on February 6, 2017

bonehead: I have an encrypted database I made in Access-like software -- stored locally -- which is my password manager, and I use external hard drives and a safety deposit box as my external backup. I also map known ad server domains to localhost in my local hosts file. I'm hoping that these, plus popup blocking, plus a better backup schedule, will address the points you mention.
posted by amtho at 9:07 AM on February 6, 2017

Upgrade to Windows 10 if you care about security. It's still actually a free upgrade if you are able to click a few links.
posted by soylent00FF00 at 6:08 PM on February 6, 2017

amtho, at home, my router runs dd-wrt with SNMP enabled and I have a Cacti instance pointing at it with bandwidth (and other) alerts enabled. I used to also have smokeping alert when latency got above a certain threshold as well, which on older hardware I used to use would catch overly large numbers of connection requests since it could only handle 50-100 new connections per second before latency began to rise enough to be noticeable.

These days, I just have Cacti alert on the actual number of connections in the NAT table now that the count is available over SNMP.

Were there a problem, the GUI provides per-device connection counts and bandwidth usage. I could log that to Cacti, but that is enough hassle I don't bother. I'm getting complacent in my old age.

Elsewhere I have Mikrotik routers configured similarly and plain old Linux PCs that are monitored with Nagios to similar ends.

I suspect there exists software for Windows that will do the same for individual machines, but since I've always done the monitoring on the network level I can't say for sure. One could run Cacti in a VM and install an SNMP server on Windows if nothing else, I suppose.
posted by wierdo at 10:43 PM on February 6, 2017
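
The connection-count alerting described in the answer above, sketched as an added example (not part of the thread and not wierdo's setup). It assumes the router's NAT table can be read as text in the Linux `/proc/net/nf_conntrack` layout; the sample table, addresses and thresholds are constructed.

```python
import re
from collections import Counter

# The first "src=" on a conntrack line is the original (pre-NAT) sender,
# i.e. the LAN device that opened the connection.
FIRST_SRC = re.compile(r"\bsrc=(\S+)")

def flow(proto, num, state, lan_ip, remote_ip, sport, dport):
    """Build one constructed, simplified line in nf_conntrack layout."""
    return (f"ipv4     2 {proto} {num} 300 {state} "
            f"src={lan_ip} dst={remote_ip} sport={sport} dport={dport} "
            f"src={remote_ip} dst=203.0.113.5 sport={dport} dport={sport} "
            f"mark=0 use=2")

# Constructed sample table: a quiet laptop and one unusually chatty device.
SAMPLE = "\n".join(
    [flow("tcp", 6, "ESTABLISHED", "192.168.1.10", "198.51.100.7", 50000 + i, 443)
     for i in range(3)]
    + [flow("tcp", 6, "SYN_SENT", "192.168.1.23", f"198.51.100.{i}", 40000 + i, 25)
       for i in range(1, 41)]
)

def connections_per_device(conntrack_text):
    """Count tracked connections per originating LAN address."""
    counts = Counter()
    for line in conntrack_text.splitlines():
        match = FIRST_SRC.search(line)
        if match:                      # skip blank or malformed lines
            counts[match.group(1)] += 1
    return counts

def check_thresholds(conntrack_text, per_device_limit, total_limit):
    """Return (subject, count) alerts: table total first, then noisy devices."""
    counts = connections_per_device(conntrack_text)
    total = sum(counts.values())
    alerts = [("TOTAL", total)] if total > total_limit else []
    alerts += [(ip, n) for ip, n in counts.most_common() if n > per_device_limit]
    return alerts

if __name__ == "__main__":
    for subject, count in check_thresholds(SAMPLE, per_device_limit=30, total_limit=40):
        print(f"ALERT {subject}: {count} tracked connections")
```

Limits are best set from a baseline of the network's normal counts, since a single browser session can legitimately hold dozens of connections.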

I could be wrong about this, so someone chime in if I am. But in a wifi cafe you will be assigned a DNS of the cafe's choosing, which could possibly be a danger: phishing, etc. If you are worried about this, you can set up OpenDNS on your laptop which is generally considered safe, as far as I know.
posted by DarkForest at 6:37 AM on February 7, 2017
