Malware Bad!If you have Windows, you probably have some kind of anti-virus or anti-malware software installed.

If you purchased your computer instead of building it yourself, your system will most likely have come pre-installed with McAfee or some other product.

Well, everybody has their opinions on the question of security. Some people prefer Kaspersky, some love Norton, others swear by Avast. I don’t know anyone who swears by McAfee…

I’ve used all of these over the years, and I’ve managed quite a few computers in my day.

So, what’s the best antivirus and anti-malware software out there?

It depends…

It’s generally thought that Windows is less secure than, say, Mac OS X. This is both true and false.

Windows is used by more people, which means it’s a much larger target for hackers. OS X and linux are used by far fewer people, thus making them much smaller targets. That’s one consideration.

The next thing to consider is that ever since Microsoft decided to implement “Patch Tuesdays” ages ago, they have generally been very good about patching security holes in various flavors of Windows. I say, “generally very good” because if you were to go read about some of the security holes in OS X, you will find that OS X has had many of the same problems as Windows – but historically, it has usually taken Apple way, way longer to patch those holes (months, and in some cases, over a year).

Well, as I said, OS X is a much smaller target for hackers anyway due to its smaller user base. So is linux… Which reminds me, linux has security holes, too. There’s no such thing as a “safe operating system”.

And frankly, many people don’t have much choice other than to use Windows for work reasons, software reasons, etc.

So Windows isn’t so bad security-wise?

All things considered, not really. No, it’s not perfect. But then neither is any other OS. The big problem with Windows is that since more people are using it, and since most people don’t really think about security, they don’t do anything to protect themselves further.

That’s exactly why Microsoft made Microsoft Security Essentials integrated and activated by default, starting with Windows 8 – for free. Security Essentials is Microsoft’s own anti-virus solution.

Microsoft Security Essentials, aka Defender
A little note here: There is Windows Defender, and Microsoft Security Essentials. Defender is built in to Vista and Windows 7. For those OSes, you need to click the link above and install Security Essentials, which adds anti-virus capabilities, and basically replaces Defender. But, starting in Windows 8, you don’t need to install anything, because in Win 8, Defender = Microsoft Security Essentials. They included MSE + the former Defender in Windows 8, but kept the name “Defender” to make things as confusing as possible for you and me.

Anyway, before you laugh (I did), it’s actually pretty good.

Let me qualify that statement: no, MSE is NOT the best at detecting virusus and malware. In fact, it misses some malware that other Baddy Catchers nab. The benefit is that it’s there by default, it’s turned on by default, and it requires 0 user interaction. MSE/Defender keeps itself up to date in the background, and normally you won’t even know it’s there unless it detects something evil on your puter.

Coupled with regular updates and security patches, I call that a big win for Windows users, and a good move on Microsoft’s part.

How you get malware

This is where things get tricky. If you’re a normal Mom and Pop kind of user, you’re not using your puter for anything more than surfing the web a bit to known good sites, doing some e-mail, and so on, then you’re pretty safe already. Situations where you might not be so safe include:

  • downloading illegal software
  • downloading pirated movies or music or other content
  • surfing for porn
  • clicking on links in e-mails that explain that Mr. Makumbo from the African Republic of Wallawallabingbang has just died and left you $5 million, so please give Mrs. Makumbo all your bank account details so she can dutifully transfer the money according to Mr. Makumbo’s wishes amidst her intense grief

By the way, the big clues in the last one are:

  1. You don’t know anyone named Mr. Makumbo
  2. There is no African nation called Wallawallabingbang
  3. On Planet Earth in the year 2015, nobody is just going to give you $5 million

If somebody walks up to you on the street and tells you they’ll give you $5 million, you’d think it’s a scam and/or that person is crazy. But for some reason, on the internet people can sometimes forget common sense. That’s a big problem, and one of the primary ways you get malware on your computer (or worse).

If you get a PayPal e-mail asking you to confirm your account, don’t just click the button. Hover your mouse over the button, and see where the link goes at the bottom of the screen. If it’s going to “”, it’s probably legit. If it’s going to “”, then you can be sure it’s a scam, because “” is clearly not PayPal’s domain name!

So, for those of us who tend to be not-so-sharp when on the internet (you’re not alone), you’ll probably need some extra protection.

The Big Guns

If you’re kind of a “newbie” to internet safety, or if you just like to be extra-safe, or if the current month is either an odd number or an even number, then you should seriously consider upping the ante a bit. Personally, to supplement Windows Defender, I swear by MalwareBytes Anti-Malware.

MalwareBytes Anti-Malware

MalwareBytes Anti-Malware is NOT free, but their Premium version has real-time protection, it blocks malicious web sites and downloads on the fly, it keeps itself up to date, it automatically protects itself from being disabled, and it is literally the ONLY anti-malware system I have ever used that has never failed me when cleaning nasty malware off an already-infected machine.

Plus, it’s generally so zippy that you won’t even know it’s there.

As I said, it’s not free, but at $24.95 per year, it’s a steal. You can try the Premium version free for 14 days to see if you like it.

It’s also set-it-and-forget it. Like Defender, unless it detects something, you’ll never need to even look at it.

This is one of the primary benefits in my opinion that MalwareBytes has over other “suites” like Norton. Norton is great if you want to take the time to configure and tweak everything. Otherwise, it’s kind of bloated and complicated for your average user.

With MalwareBytes + Defender (or Security Essentials if you’re still on Win 7), you’ve got full protection at a very small annual cost, and you don’t need to be a nerd to make everything work nicely. And that’s why this combination gets my official seal of approval:

Scottie Shabam SealWhat about a Firewall?

I use the Windows firewall.

Fancy firewalls are great, but again, for most people, what’s already built in is good enough – if you have anti-virus and preferably anti-malware software installed.

What about blocking Flash and JavaScript in my browser?

You can if you want.

I use FlashBlock in Firefox. Most of the time, I find myself telling FlashBlock to stop blocking flash on a particular site… like, on all sites. So, it’s only quasi-useful.

Blocking JavaScript is a bit more hairy. The fact is, darn near everything on the net is powered by JavaScript these days. Google Analytics tracks you with JS, Google Maps works because of JS, your webmail like GMail or Hotmail heavily depends on JS, etc.

It’s a bit like FlashBlock: it can help, but it’s also kind of irritating, and thus kind of useless if you’re constantly just allowing stuff through.

Besides, with something like MalwareBytes Anti-Malware, any baddies that try to come through during your surfing will be blocked, and you’ll be notified.

Most people want to block JavaScript more for privacy reasons though, which is okay. But, like I said, be very careful about what you block.

And be aware that simply by surfing the internet – even with JS completely disabled or blocked – you’re still leaving a trail that can be followed and tracked.

And finally…

Free CandyDon’t forget common sense safety precautions:

  • Use strong passwords
  • Use different passwords for different sites
  • Save your passwords securely in something like KeePass (you only need to remember 1 strong password instead of 50 different ones)
  • Don’t talk to strangers
  • Don’t accept candy from strangers
  • Be aware that people will present themselves behind false personas
  • Be aware that it’s very easy to fake an e-mail that will appear genuine. The From: field can be faked. Check the links before clicking!
  • If it sounds too good to be true, it is

Happy surfing!

Need help? Hire me!
Get Scottie Stuff!