• Third Party Antivirus for Win10?

    Home » Forums » AskWoody support » Windows » Windows 10 » Questions: Win10 » Third Party Antivirus for Win10?

    Author
    Topic
    #198897

    Do Windows 10 users really have to use a third party AV or is Defender just as good?  Have been using Defender for two years on two boxes, so far so good.   I have searched many hours on this subject and it seems that any related comments range in the 2015 – 2016 era.   I cannot find anything tangible and recent and those who broach the topic skate around what I really want to know.   Due to the lack of candid information, my feeling is that this may be a sticky issue with the AV people.   As such, I was wondering how many Win10 users on this forum would like to share their recent 2018 experiences using Defender or third party protection?  I am especially interested in corporate users.    Thanks.

    Viewing 5 reply threads
    Author
    Replies
    • #198900

      There are two independent labs that rate AV products. You can look at the comparisons specifically for Win10. They have consumer and Enterprise.

      AV-Test and AV-Comparitives.

    • #198913

      Just a home user, but I am using Avira Pro on my main desktop with Windows 10 Pro 1709, and Bitdefender Free on my Windows Home 1803 laptop.

      Both of these company’s products get great scores at the test labs mentioned by PKCano.

      I prefer the email tech support that I have available with the Avira Pro version on my main PC, otherwise their Avira Free version uses the same detection engine.   I used that for years with Win 7, but without support.  Don’t often need support, but it comes in handy if you do.  It seems very light on my system, no heavier than Defender alone.

      https://www.avira.com/en/free-antivirus-windows

      https://www.avira.com/en/avira-antivirus-pro#

      Bitdefender Free is a lot more slimmed down from their paid Internet Security product. It does not have many configuration options, other than quarantine, so it is ideal for set and forget use.  It is very quiet and updates automatically. Also light on my system, no heavier than Defender.

      https://www.bitdefender.com/solutions/free.html

      https://www.bitdefender.com/solutions/internet-security.html

      Regarding Defender, I think it is a great call by Microsoft to include it as a default, as many users forget to upgrade the bundled trial versions that come pre-installed, or to add a 3rd party AV.

      And judging by test scores, Defender appears very much improved in the Windows 10 incarnation.  In the past I would never have touched it, but I would use it for a non-critical PC these days, due to the ease of use, and it’s already there.  But it never seems to score quite as good as the top 3rd party AVs in real-world tests.  Even the free ones.  YMMV.  🙂

      With Defender, or any of the free AVs, I would probably recommend running something like MalwareBytes with exploit and ransomware protection, for the additional layer of security.  https://www.malwarebytes.com/

      I use a lesser known anti-exploit product called HitmanPro.Alert from Sophos in addition to Avira Pro, that provides complete exploit protection.   https://www.hitmanpro.com/en-us/alert.aspx

      Windows 10 Pro 22H2

      2 users thanked author for this post.
    • #198915

      I use a lesser known anti-exploit product called HitmanPro.Alert from Sophos in addition to Avira Pro, that provides complete exploit protection.

      HitmanPro.Alert is a great product, supported by developers who really care about their customers. I totally endorse @JohnW’s recommendation.

      There’s a long-running thread on HMP.A at Wilders Security. (Suggestion: don’t try to read all 597 pages!!  🙂 )

       

    • #198956

      I would recommend a review of the AV Comparatives test results for both consumer and enterprise. They update the tests quarterly. The April 2018 results (using WIN10) just came out. Note that MS Defender is included and compared against a host of other AV Programs.

      I am using ESET because it does a pretty good job and it has a minimum impact on the system

      • #199125

        I couldn’t help noticing that AV-Test recommended above doesn’t include ESET in its tests, which is odd as ESET is such a popular product.

      • #199145

        I wouldn’t get too hung on on 3rd party test lab results.  That is almost like a political or religious debate on some security related forums that I visit, regarding the pro/cons of testing, LOL!  Some of these discussions are best avoided entirely.  😉

        The test results are useful as a general starting point for casual users, but among so called experts there will always be strong opinions and questions about why certain products are included/excluded, or questions about the testing methodology.

        Is it possible to get objective data about real world AV performance?  Not sure, but my approach is to read all of the test results, then take a grain of salt.  🙂

        Windows 10 Pro 22H2

    • #199076

      I find it hard to use the info at comparisons sites without context. It comes down to the testing methodology and I don’t follow it with the level of details to be very assertive on the subject, but I think I do have good reasons to not take those tests too seriously.

      One of the problem is they evaluate the product based on the default settings, which makes sense as many people won’t change them, but is not that useful to me. For example, Avast didn’t rank very high on AV-test, but I always used some of its optional feature that I think makes it much more secure against emerging threats than a product who wasn’t offering it, like the one that prevents any unknown executable from running without whitelisting it with a password. It has saved me from headaches a few times from some users plus it alerts me that something is going on through email when it happens. If you have Windows Enterprise, you can use Applocker, but for a small business/home use, forget it.

      Also, is it more important to protect from unknown threats or to have a great signature database?

      Another thing is default values are sometimes there to provide lightweight resources usage for acceptable protection, but you might prefer, in my case, to be a bit more intense on resource usages for the type of user and have more protection. Tweakability is important to me.

      I also find that comparisons based on suites can be misleading, as not all features have the same value in terms of protection to me.  A lot of supposed protections are a bit gimmicky and I would rather have the product perform better on the basics than cover a larger base of things that are not that useful. Over the years, I also found some products performance moved up and down much more than others. Since I don’t want to change antivirus every year, review all settings and monitor that too closely, I prefer products that are more consistent over time and not worry that next year it will be much less high on the list.

      To me, the best protections for an antivirus, in order are:

      1) executable control

      2) anti-exploit (Windows 10 now offer some configurable features for that and 7 has the free EMET)

      3) signature base protection because that is what they are supposed to do but not because it is that useful.

      The rest don’t seem to offer much value to me if you are not someone who clicks everywhere and install everything you come across. Maybe I forget something?

      Of course, you need browser protections and settings as well from scripts and an adblocker to reduce the likelihood of getting something bad, plus keeping software patched (maybe with a delay in the case of Windows due to possible issues) which I would choose any day over running any antivirus solution.

      What I find upsetting now is it seems the web becomes less and less usable without scripting and it is hard to install adequate protections for users in a set it and forget it way without breaking functionality. That, to me, might not look very good for the future. Some clever people find ways to do all kind of things like a keylogger using scripts and really, the fact that a lot of web development now utilizes third-party scripts that could be modified by some hacker and then reach you through other web sites that uses them is scary. If hackers were able to easily modify Linux Mint and MySQL downloads, I don’t have problem imagining them polluting some broadly used script.

      Things like Meltdown/Spectre have also shattered some expectations of safety and opened a can of worms even if we haven’t seen the results of this yet. Many things we though could be insulated are not as insulated as we once though. This is scary.

      The future doesn’t look good for security with a landscape composed of an ever changing unstable OS and more complex interactions between online codes. The sorry state of home routers and IoT security is saddening, as the recent disclosure of the router infection that has been going on on unpatched routers for a long time just shown.

      The level of sophistication that bad guys now reach have no match in terms of protection and it is not because it is not on the first page of the news that it is not happening.

      https://threatpost.com/mylobot-botnet-emerges-with-rare-level-of-complexity/132967/

       

       

      • #199097

        So to summarize your post, that looks like yes, you should look at a 3rd party AV that provides:

        1. Whitelisting for trusted applications (executable control)

        2. Anti-exploit protection (ransomware, keyloggers, etc)

        3. Blacklisting (signature for known malware)

        I assume that #2 probably should include behavior blocking ability.

        Couple this with good patching practices and safe online behavior, and you will probably be as safe as possible, but nothing will ever ensure 100% protection.

        So a good backup plan is absolutely necessary to cover for that unknown threat.  🙂

        Windows 10 Pro 22H2

        1 user thanked author for this post.
    • #199141

      I don’t have any hard data on this, but I will tell you what my gut feeling is:

      I think Windows 10 with Defender is likely very secure. My reason for saying that: I believe that a key reason why Microsoft collect all of the telemetry information is so that they can deal with vulnerabilities and threats. When you think of the millions and millions of active Windows computers out there which are sending telemetry information to Microsoft, you know that they are getting a lot of information on every aspect of Windows computing, including vulnerabilities and threats. Since Defender is a Microsoft product, it likely benefits from all of that information. And when you figure Microsoft’s A.I. into the mix, along with automatic updates, that makes for potentially a very secure environment.

      I personally believe that Microsoft isn’t that much of a threat in terms of your privacy. Making money off of your personal data isn’t a major part of Microsoft’s business model, unlike other companies which I won’t mention at this time.

      Group "L" (Linux Mint)
      with Windows 10 running on a separate hard drive
      • #199149

        That sounds like a good theory, and I would hope it was true!  🙂

        I use Windows 10 Pro as my daily driver, but with my own carefully chosen security products, layered to create the best defense possible.  Then for good measure, I take a daily scheduled automatic Macrium image of my system drive at 6PM.

        Defender is disabled by policy here.  Microsoft is not yet transparent enough for me to trust them 100% with my security.  🙁

        Windows 10 Pro 22H2

    Viewing 5 reply threads
    Reply To: Third Party Antivirus for Win10?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: