Spyware, Viruses, & Security forum

General discussion

Is the security software built into Windows 7 good enough or not?

by Lee Koo (ADMIN) CNET staff/forum admin / April 23, 2010 5:35 AM PDT

Is the security software built into Windows 7 good enough or not?

I just purchased an HP computer with Windows 7. It is currently working GREAT! I was told by Microsoft that there is no need to have any other security protection because their built-in security system surpasses everything else. Is this true? If so, why is there a need for McAfee or Norton, or any other security protection? If it's not true, what are the reasons? What would you recommended for security software? And what are the differences between antivirus/antispyware security software? Please advise. Thank you.

--Submitted by Ron G.

Here are some featured member answers to get you started, but
please read all the advice and suggestions that our
members have contributed to this question.

What you were told is very puzzling ..... --Submitted by Watzman

You still need antivirus software with Windows 7 --Submitted by waytron

No...Sadly, it never ends. --Submitted by Wolfie2k5

Read all member contributions to this topic

Thank you to all who contributed!

If you have any additional suggestions for Ron, click on the reply link and post away. Please be as detailed as possible in your answers and if you are offering security utlity recommendations, a link to the product would be great! Thanks!

Note: Please keep this discussion civil and on topic. This is not an anti-Microsoft discussion. You are welcome to express your opinionss, but please keep it informative, constructive, and remember to be considerate of other members.
Post a reply
Discussion is locked
You are posting a reply to: Is the security software built into Windows 7 good enough or not?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Is the security software built into Windows 7 good enough or not?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Always a better mouse trap

No clue (aside from arrogance) why they'd tell you that, but there's always someone building a better mouse trap. Peraonally, I've had great success with Avast! (which is free for personal use) and nothing but headache from the Usual Suspects.

If you believe that there's no need cuz MS security is already the best, I've got a bridge to sell ya, the check's in the mail and I really won't... well, you get the drift.

Collapse -
Windows 7 Protection
by Prof321 / May 2, 2010 2:41 AM PDT

The advice regarding Microsoft Security Essentials from Watzman is excellent. This is an excellent security suite and it's available for free.

Collapse -
What you were told is very puzzling .....
by Watzman / April 23, 2010 10:27 AM PDT

What you were told is puzzling, because as far as I am aware, AS SHIPPED, Windows 7, like other Microsoft OS', has no anti-spyware or anti-malware software (like Windows XP SP2 and later, it does have a firewall).

Now, that said, you don't have "plain generic" Windows 7, you have an OEM implementation (in this case, HP), which may had software added.

Last fall, Microsoft did introduce a totally free security package, MSE (Microsoft Security Essentials). Perhaps they thought that you had this installed, and perhaps, indeed, you do ... you can check on that, I can't.

In any case, MSE is free, and MSE is, in fact, very good; there is pretty much universal agreement on that point. Is it as good as McAfee or Norton (Symantec) or other paid products? That is a matter of debate, but it is at least "in that league" .... and I would go so far as to say that it's the best FREE security software.

As to the paid product, I and many other (but not all, by any means) professionals believe that Norton Internet Security (NIS) is currently the best of the paid products. Some people are very down on Norton, because mid-decade Norton had gotten very, very, VERY bad (no argument), but the Norton products since about 2007-2008 are among the best of the security software products (note I say "among the best"; arguing which is THE best is like arguing about religion or politics ... you won't get a unanimous opinion).

I do think that, generally, having a fully updated (e.g. critical updates) system and MSE is definitely "good enough". If you want a paid product, I'd personally go with NIS. My gut feeling is that it's a tiny bit better than MSE, but for many people the "tiny bit" may not be enough to justify the fact that it's not free.

BTW, to get MSE, go to http://www.microsoft.com/security_essentials/

Note that MSE requires activation and validation; it will not run on copies of windows that are not "genuine", and tests for this during installation.

Collapse -
I agree
by rafter56 / April 30, 2010 1:45 PM PDT

But i would like to add that some ISPs provide antivirus-antispyware suits with the subscription. Comcast is my ISP and provides NIS free for up to seven computers. MSE is very good, I used it before but upgraded to NIS because of some additional features and it didn't cost me any extra with Comcast.

Collapse -
Dream on: Trust MS and you shall be bitten.
by jacquechirac / April 30, 2010 2:55 PM PDT

I have yet to see a single product come out of M$ that is secure to my liking.

Think of this: If they knew how to produce a safe and secure system then would they have had a gazillion security updates to each and every package? These are not anti-virus definition updates, these are patches to correct bugs, gaping security holes!!!

I will bet my money (and my peace of mind) on Avast, Zonealarm, Malwarebytes, and Adaware (all solid, excellent quality freebies.)

Alternatively, switch to Linux and get rid of the headaches and worries altogether. In running the L for 15 years I never had to worry about a "Security Patch" or a virus/Trojan horse, or malware of anykind.

Collapse -
Linux...that's an Apple-like statement
by garry.k / April 30, 2010 11:19 PM PDT

If Linux ever became popular then it would get tested and guess what, it would needan antivirus program too! Apple users have been making this statement too, but now the security flaws are starting to surface. Now there are anti-virus programs for Apple and it's only 10% of the market. To assume that any OS doesn't need added security is to live in a fool's world.

Collapse -
(NT) How do I install Linux on my MS Win CE 4.2.net system (eom)
by DouglasLedet / May 1, 2010 9:55 AM PDT
Collapse -
Not as simple as it sounds, yet gives total eye ball control
by Carsto / May 13, 2010 4:37 PM PDT

Google liveusbcreator, download and install, even on Win PC. Go to Fedora, Gentoo, Debian or Ubuntu sites to get reasonably easily understood and implemented OSs. Download the ISO and install it on a USB pendrive of at least 2GB. Do not make copies, this changes the format. Then you have a bootable live CD OS. You can run this by choosing the boot device when the PC starts up. F12, I think. This will leave your Win XP, 7, whatever intact and you can check things out.

When you want to install to disc, you can do dual boot installs. You first install Windows because it hogs the master boot record. (Small part of why people started hating MS and big reason for the virus thingy, representative of the mentality, win some, lose some). Then you install any Linux OS and you can then install GRUB and you will be able to boot into any OS after that. Linux will also read NTFS files and you can link the two OSs with SAMBA. Linux also does not have a registry. It does have dependencies - small generic utility apps like printing that may be used by other larger apps. Watch this.

Go to LinuxOnline http://www.linux.org for three courses on the Linux system. There are also forums where you can get help. It is a lonely road, yet highly, vastly rewarding. All the software is free, but you have to work at getting your knowledge up. The virus/spy thing does largely not exist merely from the fact that is is a friendly community and all is freely available, Refer GCC, C++, Fortran et al compilers all in one.

One other benefit is the eternal maintenance is gone, there are updates, but the weekly nitpick is gone.

Fedora is a good place to start. All the office apps and you can convert to MS format. I changed my Office suite to Evermore Integrated Office, done in Java and runs on both Lin and Win. Does spread, word and presenter all under one file format; click, paste internal links.

Collapse -
by old_fella / April 30, 2010 7:28 PM PDT

I wonder if the confusion is being caused by Windows Defender. If I remember correctly Win 7 ships with Windows Defender.

I know some people think this is anti-virus.



Collapse -
NIS vs Avast Pro - ( no debate for me)
by FHankfreeman / April 30, 2010 11:39 PM PDT

I agree with the absolute need for a business and personal investment in a good internet and antivirus suite of software? I concur with this submitter that NIS ONCE had serious issues and having been burned across the board by these on all the sites I had to support, I am DONE with Norton and will never return to them?.

I have made the switch to Avast Pro and glad I did for it is exceptional in performance and catching weird stuff but allowing utilities that Norton and McAfee believe are viruses but they are not. Again Avast Pro (Not AVG) is where I have gone to on all my physical and virtual Windows 7-64 ultimate systems. It is time and money well spent.

Hank Freeman
Senior Data/Systems/DBA/Solutions Architect.

Collapse -
The ultimate guide to Windows 7 security
by FHankfreeman / May 2, 2010 11:49 PM PDT
Collapse -
Well said!
by nightVzn / May 1, 2010 8:46 AM PDT

This is a really excellent response. In forums like these, as we all know, people love to throw vociferous opinions around like they're going out of style, but you really gave a fair appraisal of the pros/cons of MSE vs. the paid solutions, especially in terms of Norton's significant improvements since its dark ages a few years back.

Personally I'm on the lightest version of Norton's product -- AntiVirus 2010 -- and I'm very pleased with it, especially considering how awful it was just a few short years ago. But MSE, being free, is making me wonder, and I do have a certain bias (perhaps irrational?) that an OS vendor is in the best position to release compatible products to run on its OS.

It'll be interesting to see how Symantec and McAfee respond to justify their existence in response to very credible free competition from Microsoft.

Collapse -
No complaints about MSE
by W3ZJ / May 2, 2010 2:27 AM PDT

I've been running MSE on three machines now for several months, I don't remember exactly when I uninstalled Norton Anti Virus and installed MSE. But I was tired of paying for updates.

The good news is that in that time MSE has picked up several things and and as far as I know has not let any kind of malware slip through.

The even better news is that quite a few of the participants here have indicated using MSE and not one has complained of a problem. I think that says alot in favor of free MSE.


Collapse -
MSE not installed on PC
by learner005 / May 2, 2010 7:40 AM PDT

I think if you investigate a bit ,you'll find that most suppliers such as HP do not install the free MSE program on the PC's is simply because of that reason>>it is FREE!They usually put a trial version of Norton,AVG or some other anti-virus program on the PC's because they are paid to do so...but with the Microsoft OS they aren't paid extra to install the MSE program.It's all about them making their money and without concern for the buyer!!
This is the same attitude they have about not shipping the free recovery and systems disc you pay for in the price of the PC but they keep and claim you have to go to a partitioned section of the HD to activate the program.I argued that if the PC screwsup and you can't access anything then how can you get the recovery or system disc to do the job required?This happened to me with an ACER pc I got as a christmas gift back in 'o8...after a lot of annoying and pestering ACER help techs and top bosses they realized I was in no hurry to go away and they sent me "DOUBLE DISCS" of both recovery and systems discs.
But personally rather than pay for the space {memory} hogging Norton or AVG program I find the MSE from Microsoft very efficient...and as with other anti-virus programs I've had,I simply go to DOWNLOAD.COM >owned by CNET< check around and download something like avir antivir or avast to do a sweep/scan with that program just to see if my anti-virus program has missed anything.

Collapse -
Norton trial that came with my HP DV6
by Jillnjase / May 4, 2010 11:37 AM PDT

Unfortunatey against my better judgement I decided to trust Nortons and MS security because of the ratings that Nortons were/are receiving. I very nearly lost my system thanks to trusting both MS and Nortons. It took me a week to recover my system. I had difficulty even trying to boot in safe mode.

I have Zone Alarm 2010 in bed with S&D and have had no problems since, and that was over eight months ago.

I have been using ZA for well over 10 years now and it has kept me safe.

I don't care what the experts say I will never trust either MS or Nortons again, and I warn everyone i know against them.

AND,,,,,I also had one hell of a job to fully uninstall Nortons......Does that sound familiar......hmmmm....sounds like a virus to me.


Collapse -
How did you do that??
by Hank Vonk / June 18, 2010 11:38 AM PDT

How did you manage to run MS AND Norton Anti virus, at the same time? That IS what you are saying, If I read you correctly. I was always told this was NOT POSSIBLE! 2 AV's at once?? Maybe THAT was your problem... I'm running MSE on 2 desktops and a laptop, no issues.. I also run Malwarebytes and S&D on the side occasionally too... all work, all free, not a single issue! I USED to run Norton, until the cost got to darned high.... so they lost 3 customers here! I'll stick with Free AND Effective!!

Collapse -
Win7 still needs an anti-malware tool

Even Windows 7 still needs an anti-malware tool. The bundled Windows Defender only looks for spyware, not viruses or the like.

However, it is possible your new PC is running Microsoft Security Essentials (MSE). It is actually not part of Windows 7, but may have been installed by your dealer. As MSE is also produced by Microsoft, and is available without charge, you may have misunderstood your dealer. If you are running MSE, you are covered.

At the same time, you also need to know that you still need to practice prudent computing. NO anti-malware can guarantee complete protection, especially if the user insists on doing risky things.

Collapse -
not true

Anti-viruses have multiple functions based on which one you have, which could include hacker prevention and up to date anti-spyware and anti-virus protection.

Threats are developed 24/7 by people trying to infiltrate your system, while windows only updates once or twice a month. I don't see how they can claim the protection is better than an anti-virus that updates every day. The sheer fact that there are so many different anti-programs out there and some are better than others, but there is NO perfect protection, means that windows 7 itself cannot also be perfect.

They could claim that additional programs would conflict and hinder the effectiveness of the windows 7 security, but they definitely cannot say they have the best security. It simply is not true.

I would recommend a spyware and anti-virus program with Win 7, but make sure it is 100% guarantee supported with win 7. (there is no shame in using free programs either, they work just as well as the full versions just without a little extra benefits.)

Collapse -
MSE does update daily.
by W3ZJ / May 1, 2010 12:35 AM PDT
In reply to: not true

The monthly updates you refer to are the patches that MS provides to correct some newly discovered vulnerability in Windows. And bye the way neither Linux or Apple are immune from vulnerabilities, it's just that there are so few of them around that it's not worth a hackers time to bother attacking them.

However, Microsoft does automatically download in install new anti-virus footprints for Microsoft Security Essentials every day 7 days a week, 365 days a year.


Collapse -
MS's built-in security measures in Win 7.

I would never trust Microsoft's included security software. I, too, am running Win 7, but immediately installed Norton Internet Security 2010 to protect myself. I have worked with too many people, in the past, who have also trusted MS's security and have had to clean their system's of viruses, etc.

Microsoft's included security measures are a 'nice' start, but no where near an end result for keeping yourself safe.

Don't believe whaty say or claim and get another antivirus app and keep it updated.

Collapse -
Window 7 antivirus/spyware
by duxdad / April 30, 2010 10:13 AM PDT

I actually take the opposite tac. On a new computer the first thing I do is remove Norton Bloatware, install Microsoft Security Essentials. I used to be a big Vipre fan but it let me down with a rouge security program infection. MSE removed it handily!!

Collapse -
Windows 7 is as Insecure as any Windows Install!
by iSamsung2u / May 1, 2010 2:37 PM PDT

Norton's stuff has been completely redesigned and can't be considered bloatware if properly installed for your needs. But there are other competitors to Norton's for 32bit Windows 7 (64bit is an whole different story) that are just as good. Here's just one:
Microsoft has always relied on Firewall holes to get in and out of your machine. So even though they say they won't use any of your information, they still have access to it. Their own software notoriously gets busted into all the time. Symantec listed the highest number of "Remote Code Execution Vulnerabilities" ever recorded last year. So should you really trust Microsoft? I don't think so!!!

I always hardware firewall my home network and never use wireless from inside my firewalled network router. My Sony PS3 runs on a wireless N out side my network too. But it's considered un-hackable and has never been broken into, except by putting it behind a computer using packet sniffers. Still that only captures data once it leaves the PS3!

Linux has SELinux (unbreakable NSA protection), but it's pain in the neck to use. If only Windows had something like AppArmor or Grsecure to fully control traffic (even Microsoft's), then I'd feel more comfortable. Then you wouldn't even need to worry about Remote Code Executions or Rootkits even. Because even if something got in, it couldn't get out. Everything runs in a sandbox where everything is kept either in or out! Wink

Collapse -
Norton NO WAY
by yorba / April 30, 2010 2:48 PM PDT

I'm sorry, but those who rate Norton as great need to rethink their stance. Norton misses more than it catches. It is true bloatware and is no longer the great software that Peter Norton started years ago. I personally would trust Microsoft Security Essentials more than I would Norton, and I am not a Microsoft fan by any means. I've been with PC's since the days of DOS 5 and this time, with a new system running Windows 7 64-bit, I am placing my trust in MSE.

Collapse -
Norton ???
by waytron / May 1, 2010 8:45 PM PDT
In reply to: Norton NO WAY

MSE may be OK when used with Windows 7 but I have not had good luck with it on older Windows XP machines. I have installed it on many client's XP computers and they came back infected within just a few days. I have a small group of clients that seem to get infected all the time because they perform a lot of risky searches and forwhatever reason are always infected. You can say what you want, but I have tried many combinations of protection with them and the latest 2010 version of Norton IS has worked the best so far and with very little impact on performance. I would have never have recommended Norton a few years ago and would typically remove Norton from every machine that would come in for service. Knock on Wood, but I have not had a single infected Windows 7 computer come in yet so I truly feel that the security has improved but only time will tell.

Collapse -
wheeew... another Dinosaur besides me! :P
by iSamsung2u / May 2, 2010 7:53 PM PDT
In reply to: Norton NO WAY

All the different 3rd party and MSE have their problems if they do not include a SANDBOX to isolate the Browser and any plugins or extensions away from the OS!

Not many people realize that you have not just a dozen or so ports. But 1000's of them. So even Sandboxing 80, 8080 (or whatever) is not going to protect you. Microsoft this year on Win 7 made all 3rd parties agree to allowing them access through some certain obscure ports. So even 3rd party Firewalls are limited by this agreement. It encompasses some ports used in Microsoft's own secure tunneling for business users. Although home desktops still have these same ports open through any Firewall OK'd by Microsoft and remember they just admitted that remote code execution vulnerabilities still exist!

Just saying... unless you run a dedicated home network firewall (not just a router/FW), you still have ports you don't know about OPEN!

So don't let the bedbugs, Microsoft lets in get away with your info. Packet Sniffers just outside the door can harvest everything about you. That's why a Hyper Tunneling Service is the BEST ANSWER for Security and Anonymity. Whether you use Microsoft's new Secure Tunnel, is up to you! ....but should you really trust the a company that lives inside your home, to keep YOU safe from itself? Wink

Collapse -
security software

Hi Ron G. I use Kaspersky 2010 I Have used Kaspersky for 2 years and it has worked well for me. I checked the ratings on security software before I bought mine I believe that the most money you should spend on software is for computer security, especially in this day and age. I'm running windows7 64bit but i have used it on windows vista 32 & 64 bit also. Hope this helps you.

Collapse -
And so you trust Microsoft that much?

Add free AVG, Zonealarm, PopUpBlocker and then, maybe, just a little trust or ignore what Microsoft would have you believe. Remember, you are not paranoid if the bad guys really are, after all, after you.

Collapse -
How much does it slow your computer down?
by infinityman1958 / April 23, 2010 5:26 PM PDT

I see someone recommends AVG (which I didn't like compared to avast due to the way it operated), zonealarm, popup blocker and adaware I think, and I wonder how much all of this slows down my system. Right now I am using just windows 7 ultimate 64 bit system and I don't go to risky sites. I like how fast this machine is now and don't want to slow it down.

Collapse -
So far, pretty fast
by jthelw / April 30, 2010 10:55 AM PDT

I've installed AVG, adaware and Malwarebytes on my 3 week old Acer 5732Z 64 bit Win 7 laptop; haven't tried popup blocker but probably will due to the comments I've seen here. (I've tried Avast on other machines and was impressed with them, too). Like you, I'm trying to avoid risky sites, but it's hard to keep ahead of the bad guys.

Everything's still lightning-fast, but time will tell - machines slow down with software installations, multiple files and various other junque and just time!

Collapse -
Avoiding risky sites is not enough
by waytron / May 1, 2010 8:25 PM PDT

Even though infected emails still come around, most viruses, trojans, spyware and malware are now coming from infected websites and bad links. Simply avoiding risky sites is not enough. You don?t have to visiting porn sites to get infected. Many legitimate sites can have infected links. I get clients all the time that click on bad links on Facebook or other social sites. Just last fall, many thousands of users got infected by a link on the New York Times website and just a few weeks ago a client of mine found that someone had broken into and planted spyware on his company?s website and infected many of his clients who visited his site. Sometimes all it takes is mistyping the name of a website into your browser and your done. Many of these bad guys will pray on common website misspellings. If you use the Internet, you should never go without protection and at the very least, if you are concerned about computer performance, you should be scanning with NON-Realtime virus and spyware scanners weekly.

Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions


Free trip to the Grand Prix

Don't miss your chance to win a trip to the Formula 1 Grand Prix in Monaco for you and a plus-one.