Serious Discussion Is AV software necessary on Windows in 2024?

[jetman]

I think this might have been covered many times before!

But what is the latest opinion on whether 3rd party AV software is necessary on Windows? Isn't Defender pretty good these days?

My current AV subscription is coming to an end soon and I'm not sure that I need to replace it. In the past, it was an essential requirement. But in 2024, I'm not too sure.

 

[Bot]

You're right that this topic has been discussed extensively in the past, but it's always good to revisit it as technology evolves. In 2024, the question of whether third-party antivirus (AV) software is necessary on Windows is still a matter of debate, but there are a few key points to consider.

Firstly, Windows Defender, which is the built-in antivirus solution provided by Microsoft, has significantly improved over the years. It now offers robust protection against various types of malware and has a relatively low impact on system performance. Many independent tests have shown that Windows Defender can compete with or even outperform some third-party AV solutions.

However, there are still arguments in favor of using third-party AV software. One reason is that no single antivirus solution can catch every piece of malware. Different AV vendors use different detection techniques, so having an additional layer of protection from a reputable third-party AV can potentially catch threats that Windows Defender might miss.

Another advantage of third-party AV software is the additional features they often offer. Some may include advanced ransomware protection, behavior-based detection, or even privacy tools. If these features are important to you, it might be worth considering a third-party AV solution.

It's also worth noting that the threat landscape is constantly evolving. Cybercriminals are always finding new ways to exploit vulnerabilities, and zero-day attacks can be particularly challenging for any AV solution to detect. In such cases, having multiple layers of protection, including a third-party AV, can be beneficial.

Ultimately, the decision to use third-party AV software on Windows in 2024 depends on your specific needs and risk tolerance. If you practice safe browsing habits, keep your operating system and software up to date, and regularly backup your important data, you may find that Windows Defender alone provides adequate protection. However, if you prefer the additional features and peace of mind that a third-party AV solution offers, it may be worth considering.

 

[simmerskool]

I would stick with MS Defender, if you'd like to supplement it consider CyberLock (paid) aka Voodooshield (also DefenderUI) or WindowsHybridHardeningLight WHHLight by @Andy Ful here at MT. See also the Voodooshield 7.0 thread at MT.

 

[Shadowra]

It all depends on what you're looking for and your surfing style.

If you're just looking for a simple, free, automatic antivirus, Microsoft Defender is more than enough.

If you want a complete suite: firewall, banking protection, phishing protection, VPN, etc., you might as well get a security suite. (especially if surfing is dangerous)

 

[Xeno1234]

In my opinion, defender isnt enough.
While good security practices are your main line of defence, screw ups and mistakes happen. Defender isnt enough to detect anything past a basic threat.
Although I dont think paid suites are nessicary, I would try go for a third party free AV. In my opinion the best free AV is Kaspersky as you recieve all of the detection components, just not any of the other bloatware type stuff that comes with full suites. There are other options though.

You can get infected with any anti-virus, just it seems like most get infected with defender.

 

[simmerskool]

It all depends on what you're looking for and your surfing style.

If you're just looking for a simple, free, automatic antivirus, Microsoft Defender is more than enough.

If you want a complete suite: firewall, banking protection, phishing protection, VPN, etc., you might as well get a security suite. (especially if surfing is dangerous)

my caveat to this (fwiw) ESET Smart Security Premium BROKE my firewall and ESET support was all over the place, ultimately I worked with MS support for a couple hours to "upgrade" win10 to fix the problem created by SSP. So lately I rely on AVs that use Windows Firewall. In fact, I'm using ESET NOD32 on this VM, so not ranting against ESET in general...

 

[Digmor Crusher]

just it seems like most get infected with defender

No sir, unless you got data to show us.

Defender does well in most AV tests now, couple it with Defender UI or Configure Defender and I would put it up against any AV for protection prowess. If you want or need the bloat such as a VPN, Identity and Banking Protection then you need to buy a suite. Is it the best, no, will it provide more than adequate protection to someone who isn't click happy, yes. Defender with Configure Defender and a secondary program such as Cyberlock, OSArmour or WindowsHybridHardeningLIght, you ain't getting infected unless you try really hard.

 

[Xeno1234]

No sir, unless you got data to show us.

Defender does well in most AV tests now, couple it with Defender UI or Configure Defender and I would put it up against any AV for protection prowess. If you want or need the bloat such as a VPN, Identity and Banking Protection then you need to buy a suite. Is it the best, no, will it provide more than adequate protection to someone who isn't click happy, yes. Defender with Configure Defender and a secondary program such as Cyberlock, OSArmour or WindowsHybridHardeningLIght, you ain't getting infected unless you try really hard.

I forgot about those hardening applications. Those actually help alot.

 

[KnownStormChaser]

I always recommend a third party antivirus for a few reasons. Most will offer better protection than what windows defender offers. Especially with new malware, defender doesn't have the best behavioural detection. Not to mention, windows defender can sometimes have numerous false positives. And it only offers browser protection with Edge. You can also find a few third party antiviruses that are lighter on system resources, which is nice, especially for gamers. And it is just fewer data for Microsoft to have if you don't use their antivirus.

I always recommend either Kaspersky, F-Secure or ESET. They all have great protection and are light on the system. Bitdefender is also ok, but is much resource intensive. (I know some people may not like Kaspersky because of the whole Russia thing, but I still trust it.)

 

[Jonny Quest]

As long as you know what you're doing, as some of these additional (other than a paid AV) solutions may not be for the faint of heart.

New Update - VoodooShield CyberLock 7.0

You can absolutely do that, but who doesn't start looking thru the options after awhile, either out of curiosity or to try to understand the program a bit better? I believe that all the options/settings could be overwhelming for many if they start scrolling thru them. Sure agree! I have some...

malwaretips.com

 

[Guilhermesene]

my caveat to this (fwiw) ESET Smart Security Premium BROKE my firewall and ESET support was all over the place, ultimately I worked with MS support for a couple hours to "upgrade" win10 to fix the problem created by SSP. So lately I rely on AVs that use Windows Firewall. In fact, I'm using ESET NOD32 on this VM, so not ranting against ESET in general...

It's funny to see you talking about ESET here in the community... I see you talking all over the place about this firewall problem you claim to have faced. It's funny, I've been an ESET customer for 3 uninterrupted years (and still am), I've never even had the problems you've already mentioned having with ESET and much less have I been infected in that period of time (36 months). It's curious because I wonder how much of it was really ESET's and not the user's...

I'm not saying that AV is the best and everything works 100%, because we know that no AV is, but it's curious to see you talking about ESET like this everywhere...

 

[Shadowra]

You can get infected with any anti-virus, just it seems like most get infected with defender.

It's obvious you don't look at my tests
Defender has come a long way since 2015, since MS was the 1st to include a Machine Learning AI system.
Quad Emotet and TrickBot were the 2 Trojans that ran rampant, no AV was able to block it when it mutated.
MS Defender was the only one to block it, because the AI knew how it infected.
Competitors started using AI much later.

 

[Xeno1234]

I always recommend a third party antivirus for a few reasons. Most will offer better protection than what windows defender offers. Especially with new malware, defender doesn't have the best behavioural detection. Not to mention, windows defender can sometimes have numerous false positives. And it only offers browser protection with Edge. You can also find a few third party antiviruses that are lighter on system resources, which is nice, especially for gamers. And it is just fewer data for Microsoft to have if you don't use their antivirus.

I always recommend either Kaspersky, F-Secure or ESET. They all have great protection and are light on the system. Bitdefender is also ok, but is much resource intensive. (I know some people may not like Kaspersky because of the whole Russia thing, but I still trust it.)

Defender has quite alot of false positives for gaming.

 

[Shadowra]

Defender has quite alot of false positives for gaming.

Any antivirus can produce false positives.
Microsoft corrects them fairly quickly if you submit them, however, I've never seen it remove a game...

Some AVs like Panda or Norton are more familiar with false positives (like Norton which detects Surfshark VPN as a PUP...)
Or Trend Micro, which blocks all unsigned files as suspicious ^^ (it protects, yes, but if you have a totally clean program coded by an independent developer who can't sign his program: It'll be blocked).

The only one that's ever removed a game is DeepInstinct, but its AI is too violent and you need to know how to configure it.

NB : Microsoft has even increased the size of files to be scanned and now knows how to block bloated files (those containing PrivateLoader, Vidar, EternityLoader or RiseProLoader)

 

[Xeno1234]

Any antivirus can produce false positives.
Microsoft corrects them fairly quickly if you submit them, however, I've never seen it remove a game...

Some AVs like Panda or Norton are more familiar with false positives (like Norton which detects Surfshark VPN as a PUP...)
Or Trend Micro, which blocks all unsigned files as suspicious ^^ (it protects, yes, but if you have a totally clean program coded by an independent developer who can't sign his program: It'll be blocked).

The only one that's ever removed a game is DeepInstinct, but its AI is too violent and you need to know how to configure it.

NB : Microsoft has even increased the size of files to be scanned and now knows how to block bloated files (those containing PrivateLoader, Vidar, EternityLoader or RiseProLoader)

I've never seen it flag an entire game but I've seen it flag game mods.
But I just realized that the one it flagged was also flagged by Triage.

 

[Shadowra]

I've never seen it flag an entire game but I've seen it flag game mods.
But I just realized that the one it flagged was also flagged by Triage.

If you've seen Wacatac or TrojanScript detected, it's probably because it uses scripts or a programming language it doesn't like.
Just report it to Microsoft.

 

[simmerskool]

It's funny to see you talking about ESET here in the community... I see you talking all over the place about this firewall problem you claim to have faced. It's funny, I've been an ESET customer for 3 uninterrupted years (and still am), I've never even had the problems you've already mentioned having with ESET and much less have I been infected in that period of time (36 months). It's curious because I wonder how much of it was really ESET's and not the user's...

I'm not saying that AV is the best and everything works 100%, because we know that no AV is, but it's curious to see you talking about ESET like this everywhere...

I posted about ESET SSP breaking my firewall, and various issues related to fixing it including conflicting tech support from ESET in real-time when it was happening, which was several months ago. I mentioned it today after @Shadowra's post because my experience is that it is better to use an AV that uses Windows Firewall. (Eg, F-Secure, MS Defender) Also at the time this firewall break happened to me, shortly after an SSP update, I saw several posts in other places of users having the same problem. Why is funny for me to talk about ESET? I am a long-time user of ESET, I am currently running NOD32 on this computer. But I urge caution about ESET's firewall. FWIW -- take it or leave it. Perhaps they have fixed it, but I will not use it again.

 

[Zero Knowledge]

If your going to use 3rd party AV just go with whatever is cheaper license wise. Kaspersky is cheapest I've found, followed by Norton/Avast/AVG. ESET/BItDefender are most expensive. But if I had to choose I would take ESET NOD32 with WF & WD periodic scans + Hard_Configurator.

simmerskool it's not only ESET that breaks WF, BitDefender does this too and it's stupid and dumb. Not sure how you delete/destroy/bork WF to the point you need to reinstall Windows to get it working again but obviously you can. Ridiculous that AV software is so bad and that MS allows AV software to delete/stuff up a crucial Windows services..

 

[simmerskool]

If your going to use 3rd party AV just go with whatever is cheaper license wise. Kaspersky is cheapest I've found, followed by Norton/Avast/AVG. ESET/BItDefender are most expensive. But if I had to choose I would take ESET NOD32 with WF & WD periodic scans + Hard_Configurator.

simmerskool it's not only ESET that breaks WF, BitDefender does this too and it's stupid and dumb. Not sure how you delete/destroy/bork WF to the point you need to reinstall Windows to get it working again but obviously you can. Ridiculous that Av software is so bad.

Good info. I ran Bitdefender free version for a short period, but just did not like it, but did not use it enough to know if it broke anything. At the time of my firewall incident, I was more troubled by the conflicting messages I got from ESET support. One tech said one thing, but another said 180 opposite. I had several exchanges like this. On the other hand, for me, NOD32, very smooth & very light.

 

[ErzCrz]

I'm using MD with DefenderUI and CyberLock/Voodooshield ($30 for 1 year with discount for extra years). I run WIndowsFirewallControl which although has a little bit of a learning curvei, is quite good and just a front end for Windows Firewall making it more capable and it prompts for any new connection there isn't a rule for and you can be very specific with the rules including temporary blocking ones.

MD with Hardening or the whitelisting approach of CL/VS fills in those signature and behaviour gaps in protection and a decent backup is an essential part to layered security but use what works for you