If you have Windows, you probably have some kind of anti-virus or anti-malware software installed.
If you purchased your computer instead of building it yourself, your system will most likely have come pre-installed with McAfee or some other product.
Well, everybody has their opinions on the question of security. Some people prefer Kaspersky, some love Norton, others swear by Avast. I don’t know anyone who swears by McAfee…
I’ve used all of these over the years, and I’ve managed quite a few computers in my day.
So, what’s the best antivirus and anti-malware software out there?
It depends…
It’s generally thought that Windows is less secure than, say, Mac OS X. This is both true and false.
Windows is used by more people, which means it’s a much larger target for hackers. OS X and linux are used by far fewer people, thus making them much smaller targets. That’s one consideration.
The next thing to consider is that ever since Microsoft decided to implement “Patch Tuesdays” ages ago, they have generally been very good about patching security holes in various flavors of Windows. I say, “generally very good” because if you were to go read about some of the security holes in OS X, you will find that OS X has had many of the same problems as Windows – but historically, it has usually taken Apple way, way longer to patch those holes (months, and in some cases, over a year).
Well, as I said, OS X is a much smaller target for hackers anyway due to its smaller user base. So is linux… Which reminds me, linux has security holes, too. There’s no such thing as a “safe operating system”.
And frankly, many people don’t have much choice other than to use Windows for work reasons, software reasons, etc.
So Windows isn’t so bad security-wise?
All things considered, not really. No, it’s not perfect. But then neither is any other OS. The big problem with Windows is that since more people are using it, and since most people don’t really think about security, they don’t do anything to protect themselves further.
That’s exactly why Microsoft made Microsoft Security Essentials integrated and activated by default, starting with Windows 8 – for free. Security Essentials is Microsoft’s own anti-virus solution.
A little note here: There is Windows Defender, and Microsoft Security Essentials. Defender is built in to Vista and Windows 7. For those OSes, you need to click the link above and install Security Essentials, which adds anti-virus capabilities, and basically replaces Defender. But, starting in Windows 8, you don’t need to install anything, because in Win 8, Defender = Microsoft Security Essentials. They included MSE + the former Defender in Windows 8, but kept the name “Defender” to make things as confusing as possible for you and me.
Anyway, before you laugh (I did), it’s actually pretty good.
Let me qualify that statement: no, MSE is NOT the best at detecting virusus and malware. In fact, it misses some malware that other Baddy Catchers nab. The benefit is that it’s there by default, it’s turned on by default, and it requires 0 user interaction. MSE/Defender keeps itself up to date in the background, and normally you won’t even know it’s there unless it detects something evil on your puter.
Coupled with regular updates and security patches, I call that a big win for Windows users, and a good move on Microsoft’s part.
How you get malware
This is where things get tricky. If you’re a normal Mom and Pop kind of user, you’re not using your puter for anything more than surfing the web a bit to known good sites, doing some e-mail, and so on, then you’re pretty safe already. Situations where you might not be so safe include:
- downloading illegal software
- downloading pirated movies or music or other content
- surfing for porn
- clicking on links in e-mails that explain that Mr. Makumbo from the African Republic of Wallawallabingbang has just died and left you $5 million, so please give Mrs. Makumbo all your bank account details so she can dutifully transfer the money according to Mr. Makumbo’s wishes amidst her intense grief
By the way, the big clues in the last one are:
- You don’t know anyone named Mr. Makumbo
- There is no African nation called Wallawallabingbang
- On Planet Earth in the year 2015, nobody is just going to give you $5 million
If somebody walks up to you on the street and tells you they’ll give you $5 million, you’d think it’s a scam and/or that person is crazy. But for some reason, on the internet people can sometimes forget common sense. That’s a big problem, and one of the primary ways you get malware on your computer (or worse).
If you get a PayPal e-mail asking you to confirm your account, don’t just click the button. Hover your mouse over the button, and see where the link goes at the bottom of the screen. If it’s going to “paypal.com”, it’s probably legit. If it’s going to “paypal.thebigheist.com”, then you can be sure it’s a scam, because “thebigheist.com” is clearly not PayPal’s domain name!
So, for those of us who tend to be not-so-sharp when on the internet (you’re not alone), you’ll probably need some extra protection.
The Big Guns
If you’re kind of a “newbie” to internet safety, or if you just like to be extra-safe, or if the current month is either an odd number or an even number, then you should seriously consider upping the ante a bit. Personally, to supplement Windows Defender, I swear by MalwareBytes Anti-Malware.
MalwareBytes Anti-Malware is NOT free, but their Premium version has real-time protection, it blocks malicious web sites and downloads on the fly, it keeps itself up to date, it automatically protects itself from being disabled, and it is literally the ONLY anti-malware system I have ever used that has never failed me when cleaning nasty malware off an already-infected machine.
Plus, it’s generally so zippy that you won’t even know it’s there.
As I said, it’s not free, but at $24.95 per year, it’s a steal. You can try the Premium version free for 14 days to see if you like it.
It’s also set-it-and-forget it. Like Defender, unless it detects something, you’ll never need to even look at it.
This is one of the primary benefits in my opinion that MalwareBytes has over other “suites” like Norton. Norton is great if you want to take the time to configure and tweak everything. Otherwise, it’s kind of bloated and complicated for your average user.
With MalwareBytes + Defender (or Security Essentials if you’re still on Win 7), you’ve got full protection at a very small annual cost, and you don’t need to be a nerd to make everything work nicely. And that’s why this combination gets my official seal of approval:
What about a Firewall?
I use the Windows firewall.
Fancy firewalls are great, but again, for most people, what’s already built in is good enough – if you have anti-virus and preferably anti-malware software installed.
What about blocking Flash and JavaScript in my browser?
You can if you want.
I use FlashBlock in Firefox. Most of the time, I find myself telling FlashBlock to stop blocking flash on a particular site… like, on all sites. So, it’s only quasi-useful.
Blocking JavaScript is a bit more hairy. The fact is, darn near everything on the net is powered by JavaScript these days. Google Analytics tracks you with JS, Google Maps works because of JS, your webmail like GMail or Hotmail heavily depends on JS, etc.
It’s a bit like FlashBlock: it can help, but it’s also kind of irritating, and thus kind of useless if you’re constantly just allowing stuff through.
Besides, with something like MalwareBytes Anti-Malware, any baddies that try to come through during your surfing will be blocked, and you’ll be notified.
Most people want to block JavaScript more for privacy reasons though, which is okay. But, like I said, be very careful about what you block.
And be aware that simply by surfing the internet – even with JS completely disabled or blocked – you’re still leaving a trail that can be followed and tracked.
And finally…
Don’t forget common sense safety precautions:
- Use strong passwords
- Use different passwords for different sites
- Save your passwords securely in something like KeePass (you only need to remember 1 strong password instead of 50 different ones)
- Don’t talk to strangers
- Don’t accept candy from strangers
- Be aware that people will present themselves behind false personas
- Be aware that it’s very easy to fake an e-mail that will appear genuine. The From: field can be faked. Check the links before clicking!
- If it sounds too good to be true, it is
Happy surfing!
A word about PayPal spoof/phishing emails. A legit PayPal email will always address the recipient by his or her name. An email without this greeting is 100% bogus. PayPal will never have an embedded link to click in their correspondence. They, will instead ask that you log in to your Paypal account and then proceed to the relevant link at the site. There will never be multiple recipients to a legit email from PayPal.
We have used PayPal for almost a decade now, multiple transactions daily, with not one fraudulent transaction. They’ve got their security s**t together, even if they are infuriatingly paranoid to transact with at times. Don’t blow it by giving away your access data to the scammers with a thoughtless click.
Now I know why I cannot install MSE on Win8… it’s already there in disguise! Ouch!
Hey Scotthie, I know you from Cass. I’m kind of a “poweruser” and well versed into computing tech but not a pro, especially on the subject of antivirus/antimalware. For some time, I’ve been wondering if the risk is actually “real” because I felt like all this was propaganda like this “terrorists business” in real life.
Most of the time, the antivirus just clog my cpu and memory and it’s been a while I’ve ever run into some kind of infection problems. I’ve been without antivirus for 4 years now and some time I wonder if
my putter is infected and install malwayrebytes for a quick analysis but that found nothing or trivial/benign stuff. But then again I’m not a pro, and I may be missing something
Well, the threat is definitely real. I’ve removed more malware than I care to admit from various people’s machines. I never get any myself, but then I know what to do and what not to do.
As for where it comes from, I wouldn’t be surprised if some AV vendors have at some point created their own malware to justify their existence. On the other hand, when we have our governments/agencies creating things like Stuxnet, well… Some of it is state-sponsored, some of it is “script kiddies”, some of it is people who are in it for profit (ransomware), and so on.
I also know many people who don’t have any real protection, and they’ve never had any problems. So, I guess it depends on what you do, a bit of luck, and probably other variables.
Of course, if one uses Win 8 or Win 10, Defender is built in and always running, which probably helps.
I’ve though the same way about AV Vendors creating the risks.
In the end, I think It comes down to knowledge of the internet , knowledge (that protects) of good practices and bad practices like suspicious site and prompt, that comes from experiences.
I think I’ve stopped getting stuffs since I moved away from somes “corners” of the internet.
I’ve installed Malwarebytes, and i’ll experiment with it if something comes out
Thank you for the input Scottie
I died with the candy track haha, regarding the protection software, I found MalwareFox to be a cheaper option.