Windows 10 and Anti-Virus software

[Springs Branch]

Recently I suspected I'd opened a phising e-mail on my PC (running Windows 10, plus a paid subscription to Kaspersky - in case you want to hack me). I had the computer checked by a local IT guy & luckily no virus or malware found.

When picking up my laptop, the IT guy advised me not to bother renewing my Kaspersky subscription when it came due "because Windows 10 now has enough anti-virus protection built in".

The subscription's due for renewal soon, so I tried Googling this question, but can't get any clear answers.

I notice my work computers - also Windows 10 - still have some kind of separate security software running, so I'm tending to think I should ignore the advice and renew.

Anyone have an informed opinion on this?

 

[Lewlew]

Windows Defender, the built in software, is perfectly good. Used it for years and not had any issues.

Good practice to run CCleaner and Malwarebytes every now and then to clear out any junk

 

[ComUtoR]

I've never paid for a virus checker and I've been online since the dark days of dialup. Even if you didn't go with the more than sufficient Windows Defender, there are many free options available.

The best way to defend yourself against viruses, malware, spyware, and various cookie monsters is to have good internet discipline and browse sensibly. Stick to the main sites, flip your passwords every now and again, increase your general awareness, and if you don't recognize the sender, don't open the email (yes the sender(s) can be spoofed)

My biggest concern nowdays is tracking and targeted adverts. Personal information is worth a fortune but is often gained through social engineering or 'hacking' where personal data is stored.

My work computer is protected by 'cyber nanny' security software. They are there to prevent employees abusing the work computer for various means. They also have a whitelist of safe sites so you can generally browse safely. My work computer is so restrictive it will restrict certain web forums too. IT even blocks places like Amazon because my employer decided on that restriction. 'Cyber Nannies' are ok but can be frustrating. Windows has built in parental controls (last I checked) so you can set up safer browsing to help reduce the laces where you can get a virus or malware installed from.

Some ISPs have built in restrictions for illegal websites and google will offer you safe search options.

 

[Bevan Price]

Windows Defender, the built in software, is perfectly good. Used it for years and not had any issues.

Good practice to run CCleaner and Malwarebytes every now and then to clear out any junk

Malwarebytes won't run on my Windows 10 (64 bit). I also use CCleaner, but it does not get rid of all the junk, so I also use the free version of Glary Utilities and Moo0 Disc Cleaner. All of these tend to find some residual junk even if I have previously run the other two.

As an added precaution, I also use Norton anti-malware software - in addition to Windows Defender. No harm in having extra protection provided there is no software conflict, and Norton occasionally reports that it has blocked "intrusion attempts".

As ComUtoR comments, beware of all email containing links to click. I seem to get loads of messages pretending to come from BT and inviting me to click a link to check my bill. Inspect the sender details & return address, and I find that most of these do not actually come from BT. I also set my email reader (Thunderbird) to real email in "text format only" - that reduces the risk of accidentally clicking unwanted links. Unfortunately, most commercial organisations seem to insist on sending email in "html" format, which can be more risky to the receivers - and messages viewed as "text only" can sometimes appear to be totally blank.

 

[Bletchleyite]

I've not used anything other than Windows Defender and a bit of common sense for years and I haven't had an issue, the one time something got in it caught and removed it fine.

What I tend to find is that AV/antimalware systems tend to "fight" with each other if you have more than one installed, so if you install something as well as Windows Defender without disabling that you will hit big performance issues.

 

[Harpers Tate]

Another +vote for Windows Defender here. I have zero belief that anything paid warrants the expense. Puzzled a bit about MalWareBytes (which I do use - the free version - occasionally to do an additional scan) not working in Win10 64. It works here on that platform.

 

[jumble]

Another +vote for Windows Defender here. I have zero belief that anything paid warrants the expense. Puzzled a bit about MalWareBytes (which I do use - the free version - occasionally to do an additional scan) not working in Win10 64. It works here on that platform.

I would argue the opposite if you value your data against Ransomware
Something like Trend Micro will stop any process that starts multiple encryption
Defender will not
malwarebytes works fine on Windows 10 64Bit

 

[td97]

Used to have Kaspersky Premium free from Barclays but they ended that when tensions with Russia became prickly.
Since then I've only used Defender (with Windows 10) and I'd agree there's no need for 3rd party software.
Take a look at Microsoft's own blurb https://www.microsoft.com/en-gb/windows/comprehensive-security
An independent AV testing site rates Defender highly too https://www.av-test.org/en/antivirus/home-windows/

 

[cjmillsnun]

I would argue the opposite if you value your data against Ransomware
Something like Trend Micro will stop any process that starts multiple encryption
Defender will not
malwarebytes works fine on Windows 10 64Bit

The best defence against ransomeware is regular backing up

 

[furnessvale]

Used to have Kaspersky Premium free from Barclays but they ended that when tensions with Russia became prickly.
Since then I've only used Defender (with Windows 10) and I'd agree there's no need for 3rd party software.
Take a look at Microsoft's own blurb https://www.microsoft.com/en-gb/windows/comprehensive-security
An independent AV testing site rates Defender highly too https://www.av-test.org/en/antivirus/home-windows/

I once had Kaspersky. I am not very computer literate but I do know it nearly ground my computer to a halt. I do not know why, and neither did the shop that sold me Kaspersky, but we removed it and all was well again.

 

[jumble]

The best defence against ransomeware is regular backing up

Not true
Ransomware defence should be multilayer of which regular backups is just a part
A lot of backup solutions will simply either end up with the backups themselves being encrypted or the backups being of encrypted files
( let alone backups that were not being done although everyone believed they were)

 

[trebor79]

Windows Defender works fine, and is in fact difficult to completely disable in order to use some other solution.

 

[hooverboy]

Windows Defender works fine, and is in fact difficult to completely disable in order to use some other solution.

when you use some other solution,bits of windows defender are automatically disabled.

 

[hooverboy]

What I tend to find is that AV/antimalware systems tend to "fight" with each other if you have more than one installed, so if you install something as well as Windows Defender without disabling that you will hit big performance issues.

That's true,
some are more friendly than others when used with windows defender.

with win10 defender is already active, but some antivirus/anti malware apps really slow the system down.
Not a particularly nice experience with norton, but others like avast seem to be fine.

 

[Lucan]

The best defence against ransomeware is regular backing up

Not true. Ransomware defence should be multilayer of which regular backups is just a part
A lot of backup solutions will simply either end up with the backups themselves being encrypted or the backups being of encrypted files

I agree with cjmillsnun. But it depends on the backup methodology. A simple backup of eg weekly copying stuff to another drive is too susceptible, as Jumble says. You need a Tower of Hanoi schedule and backing up to a normally disconnected medium.

I used to back up onto a tape drive until the size of my stuff outgrew it, and a larger tape drive and its tapes would have been prohibitively expensive because they are aimed at the professional market. I know a company that never re-uses its weekly backup tapes, just stores them indefinitely. Now I back up to an older PC which is only booted up for the purpose. I got it for £20 off Ebay so it is a cheap solution, and it's unlikely a burglar would take it as it looks old-hat and you almost need a chain hoist to lift it - they are after iPhones.

 

[AlexNL]

Windows Defender on its own is a perfectly fine solution these days, it's quite advanced and does it work silently in the background. I recommend leaving it to its default settings, which are more than adequate for the majority of users.

Corporates often tend to roll out their own AV solutions, either because they 'always did it like this' or because they prefer the management tools offered by the product of their choosing.

 

[trebor79]

I'm of the view that in less than a decade well no longer have to worry about such things.
Computing is slowly drifting back to an evolution of the mainframe and dumb terminal model. Cloud storage is very widespread in it's use. You can now rent virtual computers in the cloud - primarily aimed at the gaming market but I also use mine for general use - and several cloud gaming services now exist.
We as users won't need to worry about security or backing stuff up. We'll just have a relatively dumb device to send mouse clicks and keystrokes into the cloud and display the result on a screen.

 

[Lucan]

I'm of the view that in less than a decade well no longer have to worry about such things....... Cloud storage is very widespread in it's use. ...... We as users won't need to worry about security or backing stuff up.

What makes you think that cloud storage is immune to malware and ransomware? There are plenty of such cases, plus cases of cloud companies going bankrupt and vanishing with the data. In many ways a cloud provider (and any corporate body) is a fatter target for hackers as the rewards are bigger. Here is an example from a few days ago :-

https://www.teiss.co.uk/ryuk-ransomware-hospitals/

Quoting :
"A Ryuk ransomware attack launched by Russian hackers targeting a cloud data hosting company resulted in as many as 110 hospitals being unable to access patient medical records and medication administration data that were stored in the company's servers."

The battle between malware and security will continue indefinitely. Even security companies themselves are not immune, HBGary (one such company) for example :-

https://en.wikipedia.org/wiki/HBGary#WikiLeaks,_Bank_of_America,_Hunton_&_Williams,_and_Anonymous

Quoting:
"On February 5–6, 2011, Anonymous compromised the HBGary website, copied tens of thousands of documents from both HBGary Federal and HBGary, Inc."

 

[malc-c]

I've used Eset software for years and never had an issue. I also use Macrim Reflect (paid version, but the free version is just as good) and image the drive daily to an external drive, rotating the drives so in the rare event of being hacked I can revert back to the previous day. The drive is disconnected from the network once complete as most ransom ware will encrypt all drives, including any network attached or USB drives on the network.

 

[WestCoast]

Windows Defender on its own is a perfectly fine solution these days, it's quite advanced and does it work silently in the background. I recommend leaving it to its default settings, which are more than adequate for the majority of users.

Corporates often tend to roll out their own AV solutions, either because they 'always did it like this' or because they prefer the management tools offered by the product of their choosing.

I work in IT Security and on enterprise networks we wouldn't recommend exclusively using Defender on our end user Microsoft devices for many reasons. As a basic AV it's pretty decent nowadays but a layered protection model needs to be employed and Microsoft's advanced options are neither cheap nor necessarily intuitive versus some of the large commercial offerings in this space.

On home devices I use F-Secure as an AV it's very inexpensive and lightweight and has capabilities in ransomware detection that Defender does not have. I'd recommend steering clear of anything marketed towards the home market like Norton, go for a home version of enterprise software like ESET, Bitdefender, Sophos, Trend Mirco etc whatever you like best. Although if you are sensible, Defender is perfectly adequate for home use.

 

[WestCoast]

What makes you think that cloud storage is immune to malware and ransomware? There are plenty of such cases, plus cases of cloud companies going bankrupt and vanishing with the data. In many ways a cloud provider (and any corporate body) is a fatter target for hackers as the rewards are bigger. Here is an example from a few days ago :

It certainly is not immune, all cloud providers have in their terms and conditions that they operate on a shared responsibility model with users. In organisations at the moment much of the recent chatter is around developing models for cloud protection and ensuring that data in the cloud is adequately secured and retrievable in case of loss. There are numerous known vulnerabilities in e.g. Office 365 that have the potential to cause headaches to large users.

 

[Crossover]

From a sysadmin perspective, we implemented an alternative at our company in part for management tools. We ran Defender for a while out of necessity but wouldn’t have known if anything had been detected in a device.

 

[Springs Branch]

....... Although if you are sensible, Defender is perfectly adequate for home use.

Thanks to all who responded. I'm usually vigilant and careful with incoming e-mails and don't visit the more dubious genres of websites, so think I'll stick with Windows Defender going forward.

........ Corporates often tend to roll out their own AV solutions, either because they 'always did it like this' or because they prefer the management tools offered by the product of their choosing.

One of the reasons for posting the original question was that I was intrigued why - if Windows Defender is adequate - both the firms for whom I'm currently working run third-party security (McAfee and AVG) on their laptops.

This comment explains it - based on their corporate culture in other areas, at one it's probably due to inertia, at the other micro-managing & monitoring of staff.

 

[Xenophon PCDGS]

I use the paid version of Malwarebytes Premium and have faith in it.