Most antivirus companies will continue to support Windows 7

Discussion in 'other anti-virus software' started by guest, Jan 29, 2020.

  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    No offense but your mouse avatar somehow reminds me of my maiden Aunt Molly.

    I recognize that you are a security pro & I'm not. However, I have offered my opinions & supported those opinions with facts. You have offered only opinions, without offering supporting facts.

    Please: either show where my facts are incorrect, or offer your own supporting facts. I would rather learn from you than argue. :thumb::thumb::thumb:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    @ all -- IMO, some of the preceding comments indicate that their writers manifestly ignore the tremendous security power of retaining a separated file of clean images. This is true, whether one is using patched OS or un-patched OS. With daily or bi-daily imaging, the need moves from primarily protection to primarily detection. For example, a file integrity checker (e.g., ADinf) doesn't protect real-time but it is an excellent form of detection.

    Once a nasty is detected, simply restore a clean image and... POOF!! The sun shines, the birds sing, a soft breeze blows, & all is right with the world. :isay:

    Anti-exe + behavior blocker + HIPS + ADinf + imaging + THINK! = 99% bullet proof, no matter which WIN OS is in use (maybe even Win10 :rolleyes: ).
     
    Last edited: Feb 15, 2020
  2. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    100% agree with you bellgamin but I do it the other way around, think+imaging and then whatever for the rest...and it even work with Windows 10...:p:)
     
    Last edited: Feb 15, 2020
  3. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Of course, but system imaging goes without saying; it should be a de facto standard for anyone running any kind of O/S. It's for recovery as opposed to actual security, at least in the technical sense.
     
  4. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I understood what you wrote, but I think you missed my point. I'd much rather use a patched OS, such as Windows 8 or 10, without HIPS or any other security software, other than an antivirus, than use an unpatched OS.
     
  5. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Okay, but ---- WHICH antivirus would you use? Surely you do not mean an AV that works solely on signatures, do you? Otherwise, almost any AV also contains one or more of the following: HIPS, Firewall, Behavior Blocker, et alia.

    Ergo, I doubt that your statement "without HIPS or any other security software" (emphasis added) means that you rely solely on sig-based security & a patched OS -- or do you?

    Also, the topic of this thread pertains to WIN7. Win7 is not unpatched -- just not AS patched. I maintain that Win7, protected by anti-exe, HIPS, BB, ADinf, et alia, is equally or more secure than a patched OS protected merely by sigs. Further, if Win7's security wall is ever penetrated, detection will lead to (POOF!) "uninfectedness" via a restored clean image file.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Or is someone going to say that a malware does (or might) exist that is totally undetectable* by any tool now extant?
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    * Philosophically, if a totally undetectable malware ever did exist, there would be NO symptoms to reveal its presence, so how would we ever know of its existence? Hmmm... Occam's Razor is at hand. I shall go and have a shave.
     
  6. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    @bellgamin Well pretty much all antiviruses these days do include some form of behaviour blocking. But what I meant was that I'd rather not have to take extra security measures to compensate for an operating system with unpatched security vulnerabilities. So I only use the behaviour blocking in my antivirus, I don't use anything else to supplement it. I have done nothing else to harden my system, or make it more secure. Not that's anything wrong with doing that. But for my usage, I do not feel the need to use anything else other than an antivirus. I never get infected and nothing get blocked automatically.

    However, if I was to use an unpatched operating system, I feel that it would make sense to take extra steps to secure the system.
    As I just explained, I was not referring to using only signatures and personally I would rather not use an unpatched operating system. I would choose an up to date OS, protected only with signatures, over an outdated one, protected with multiple security apps.
     
  7. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    I'm of exactly the same opinion, I am totally okay with the ideia of just running Microsoft Defender along with a Chromium Browser (adblocker installed) on Windows 10.
     
  8. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    There you go --- roll those dice! :rolleyes:
     
  9. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen
    I too understood your post. As you said, each to their own. :thumb: Only I think that the patches protect my OS from the known vulnerability, HIPS and other security softwares protect also from unknown.
     
  10. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    i already wrote that - but defender on win10 has anti-exploit (several methods), anti-ransom, anti-crypto-miner, pua/pup and signature scan (100%).
    currently i cannot speak for win8 (not installed), but win7 dont has that options, maybe with MSE. anyhow in its basic features windows 10 is more secure than any other windows before (and i still dont speak about privacy because this dont matters here).
    [...]
     
  11. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    I fully agree with you and by default Windows 10 users will have a much more safer (and faster) browsing experience with the new Microsoft Edge.

    Microsoft Defender isnt a basic antivirus anymore, combined with Windows 10 security mitigations, it is a "next-gen" solution with all the features that are needed to keep the user safe.
     
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I did no follow WD thread closely but are all those mitigations now enabled by default? If not can they be activated from Settings with few clicks?
     
  13. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    Anti-exploit, SmartScreen, AMSI, behavior blocker, cloud detonation machine learning, block at first-sight, network real time inspection are all enabled by default, but you can use ConfigureDefender to easily enable even more robust mitigations.

    https://github.com/AndyFul/ConfigureDefender
     
  14. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    PUA/PUP is not on by default, dont know why
    on: Set-MpPreference -PUAProtection Enabled
    off: Set-MpPreference -PUAProtection Disabled
    (to execute in powershell)

    most of anti-exploit settings are on, and you can set exclusions.
     
  15. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Thank you both for your answers. Just wanted to get an idea what's enabled by default.
     
  16. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Whether someone chooses to stay with Win7, or seeks advice whether or not to switch to Win10, this is a very instructive thread. It goes to show you -- friendly disagreements can be very productive.

    I salute all! :thumb::thumb::thumb:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    To clarify a few terms: anti-exe = anti-execution <> anti-exploit. ::: MBAE (or HMP.A) + OSA = anti-exploit.
     
    Last edited: Feb 16, 2020
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.