Security Recommendations for 64bit Windows 7 Users

Hi everyone,

I have been doing lots of research and have determined that many of the best software for security is not compatible with a 64bit OS. Some examples include DefenseWall, Sandboxie, Malware Defender, Shadow Defender, etc. Is there anybody here using 64bit Windows 7 or who has knowledge of good software for it who can recommend top notch security apps for it? I particularly want the ability to have a sandbox or shadow defender type of safe mode with a greats HIPS which is why I listed those 4 apps as examples. Unfortunately I know that I wont be able to use those due to 64bit incompatibility. If there is anyone using 64bit Windows 7, what did you choose to use for your OS security?

 

If you want a good HIPS that is compatible with 64-bit systems, you could try Comodo Internet Security. I haven't tried it on 64-bit Windows 7 myself, but it should work.

 

For FW on x64: Use Stems post to set Win7 FW two way or alternatively use WindowsFWControl x64 to add outbound application level

HIPS: Use UAC with PGS Pretty Good Security, to deny execution of C:\Users and add basic user rights to all internet facing programs (except IE8 and Iron) on name

Next level HIPS options: a) ThreatFire, b) Returnil

Adhoc: Hitman Pro

 

Norton IS is compatible with W7 64 bit.

 

In x64, is using Win7 FW two way a better option than Comodo? If I understood correctly from other threads, patchguard in Win7x64 prevents many security apps from being able to protect themselves and also makes them weaker vs their 32bit versions. I have read this is true for comodo as well.

 

Not a better, an easier option.

When you look at the security improvements of x64, you really do not need Defense Plus. Ideally I would like to have an application on x64 which only would warn me when side by side process intrusions occur and user space autostart locations are changed.

 

Okay but what if I were to choose to use Comodo without Defense+? Would that be a better option over Windows 2way FW? And what about the inability of security apps to protect themselves in x64. Is certain malware once executed, able to manipulate, control, or kill the process of security software because of this inability? Can you prevent this from happening someway[maybe with LUA/SRP/DEP]?

I'm fairly new to this stuff and I am just trying to get a better understanding of whats going on. I have read certain things in older threads that relate to my questions which have got me a little confused & in need of clarification.

 

personally i recommend staying with Win7 Firewall as long as you have a router.

 

I'm using the beta of Vipre Anti Virus and ThreatFire and they work very well together on Windows 7 64-bit. No issues here at all.

Vipre is one of the fastest, lightest and best anti virus programs I've ever used. Highly recommended.

I feel pretty protected with both running and for firewall, Windows 7 firewall is running and of course the hardware firewall in my router does an excellent job as well.

 

Vipre has a beta out?

 

Guess it must be the official release now, because I don't see the Windows 7 beta on their main page any longer, so it must have been updated. Didn't even know it had been...how about that.

Running great here though.

 

Dump 64bit
Reformat
And Install 32bit

 

posts like this dont help the TS... he's clearly made the choice to use 64bit so try to work from there...

 

Well I am running Vistax64 and will be switching Win7x64 next month. I will use Win7 firewall(which you can configure to give outbound protection if you like), Nod32, and MBAM on demand. When Nod32 expires I may or may not switch to MSE or Avast free. My browser is Firefox, and probably the most important extension I use other than Adblock Plus is WOT. I am using Acronis 2009 for imaging and will upgrade to Acronis 2010 next month (which BTW has a virtual sandbox in the program called try and decide). If you have a clean image of your os then a sandbox is not quite as important, although it is nice to have. With that said Returnil 3 beta I believe is x64 compatible. You also have deepfreeze that is x64 compatible. I don't have problems with infections with my setup. When I have restored from a clean image it was because of something else other than infection. But I do understand that there are a lot of security enthusiasts who like to have absolute maximum protection and therefore have multiple security apps running in real time, which is fine.

 

I am using Norton av 2010 and Outpost firewall pro 2009 in Win7 x64 without problems for now.

 

PrevX runs fine under win7 x64

 

Allthough I feel I have the easiest and strongest 32 bit security application available, I still would not mind buying a new PC with Windows7 x64 pre-installed.

 

Just the OS itself, and a hardware firewall (because I have it around). Limited user accounts, a software restriction policy, some "tweaks" here and there like disabling autorun for removable and in fact all drives, and using software that I consider better for media playback, browsing and managing files than WMP, IE and Explorer are. That, and a lot of "common sense." Basically, no third party security software, because it doesn't really suit my purposes. This is on a 64-bit Windows, but not Windows 7, though.

 

Ha , I agree with Windchild

On Windows7 x64, just use UAC with slider to ignore user initiated elevations (Vistax64 users can download Norton's UAC tool to reduce pop-ups).

Use Win7/Vista's own FW, set it two way with Stem's post (see FW section) or download Windows7FireWallControl freebie (we are also behind a NAT/FW/SPI router)

Download Sully's PGS and set it up like this:
- meaning running all internet facing applications as Limited User
- IE8 runs by default in protected mode
- Start Iron with PSExec to force it with lowest rights (protected mode) also
(now it runs in a double Sandbox, Iron's own and protected mode of the OS)

Add a (free) AV to your liking, add KeyScrambler free for IE8 to fool any keylogger when online banking/shopping.

Your done and pretty much covered (vista and Windows7 only allow side by side intrusions, all higher rights level objects/processes are protected, so running your browsers with lower than LUA rights=Protected Mode, should be safe)

NB as you might have guessed Iron is the dodgy Internet browser (-incognito)

 

I use Windows 7 Ultimate 64bit and all I use is Microsoft Security Essentials. I know this is a forum for the super paranoid and I've been a reader here for a long time, but realistically if you have a router + UAC + MSE anything more is really overkill unless you are still living in the early 90's and download all your fun stuff from websites that have infinite banners/popups