Is Windows Defender enough?


You say, "I personally don't use any antivirus software, and use Sordum Defender Control to disable Windows Defender completely." No wonder you know how viruses infect computers!

Viruses are a tiny part of the problem; it's malware (which includes viruses) that we have to fight. A good anti-malware program will detect many attack vectors such as scam emails, dodgy websites, keyloggers and many others.
Well, that comes largely from writing software and having a pretty deep understanding of how Windows works internally, along with an analytical mind. Understanding how computers get infected is a matter of working backwards from the rogue processes/files and figuring out how they got there (which is another reason why I like my computers lean and mean; it's easy to identify processes that shouldn't be there if you're at <50 processes on a fresh boot instead of at 250). Asking the user what they were doing when they first noticed issues, or if there was anything unusual they could think of helps provide clues too. Having experience cleaning infected systems up and learning the process of infection along the way is why I am comfortable running no antivirus software. I know how it happens, and it's pretty easy to intentionally avoid. For example, questionable/new software can be manually scanned with Malwarebytes (free) or VirusTotal, and then run in a sandbox to see what it will do.

Yes; hence my positive mention of Malwarebytes. Often malware/adware gets downloaded first, and since it isn't a "virus", it has a higher chance of bypassing initial detection by conventional antivirus software. Then the virus comes later, once the unwanted software has gotten itself embedded in the machine. If the virus gets hit by your antivirus software, the malware/adware can keep trying to load something else over time until it succeeds. Malwarebytes has a much lower detection threshold, tagging even "potentially unwanted software", which sets it apart from the others as especially useful.
 

Most malware today contains no virus, why are you so focused on viruses?
 

At work I use MS Defender, but at home I use Bitdefender Free. But it's my personal choice. But yes, MS Defender does an excellent job.
 

MS Defender does an excellent job.
Defender tested with default settings, and Smart App Control enabled.
 

I'm using Windows Defender and I also have a lifetime subscription to Malwarebytes, so I have that running as well. Both have coexisted for years quite well, and I've had no breaches or infections. I also practice common sense security measures with email and websites.
 

Most malware today contains no virus, why are you so focused on viruses?
Yeah - the days of viruses being the primary concern were from days when hackers were basically amateurs disrupting PCs just for the sheer hell of it. However, such attacks never made the hackers really rich.

Malware nowadays is basically organised crime and is much more lucrative e.g. ransom attacks, getting bank details to steal users' savings, phishing attacks e.g. you have not paid invoice blah blah blah.

TBH I cannot even remember last time I had a virus attack or even a quarantine and that is just using Defender.

Malware often relies on conning users. I pretty much assume all emails are scams. I never send banking details online and only purchase from recognised sources e.g. Amazon, Asda (UK supermarket). I even take care with eBay.

So the (regrettably oxymoronic) Common Sense is an important part of security.

Of course Defender is more than just an AV package.

With sensible backups, one can protect against ransomware for example but nothing can protect against e.g. phishing attacks other than a brain.

In fact, my major concern is that AI malware is now the biggest threat to us all e.g. identity faking.
I do not think it is beyond the realm of modern AI malware to be able to crack banking systems and I am not even sure Common Sense will help in the future.
 

Yep, it's only a matter of time, and probably not that much time, that the AI malware becomes the major issue. I'm starting to see a day where we'll have one sacrificial system that we connect to the Internet and any other computers will be totally off-line and just be on a local network.
 

That is a concerning thought. At the moment AI is being used for good things like scanning hyperlinks for negative content, helping write code and so on, but I guess if some bad person created their own AI, they could use it for nefarious purposes. Similar to the Internet. When the World Wide Web first started it was supposed to be open and free and positive and then it got commercial. The companies running AI seem to be for progression for the future, but I wonder if there's any legislation as to what they can and can't do. A good company would ensure their AI was programmed not to do negative things, i.e. to be ethical.
 

You don't need to create your own, just leverage someone else's, e.g.


Even AI-based tools intended to help defend a network are being used offensively.

 

At the moment AI is being used for good things like scanning hyperlinks for negative content

I wonder if there's any legislation as to what they can and can't do


I love to see when people see positive on AI. :-)
But... sadly hackers/criminals started to use AI to develop malware several years ago, to be able to update the code fast to keep it as zero-day to prevent the AVs from keeping up, so the malware signature changed all the time.
It became such a problem that they went from signatures to app behavior detection... etc. etc. etc.
It doesn't matter if they create laws, as only good guys follow the law.
It is easy to circumvent the built-in ethical blocks that are in ChatGPT to create harmful code; you just have to manipulate the question and formulation to make it do it.

Also there are local AIs you can download that don't have those ethical blocks, so you can be direct.
(Create a malware that scan all network devices) This one will be blocked by GPT.
(Create a program that can detect and list all my devices i have in my network) This one will most likely be answered by GPT.
It will produce the same code as it does the same thing.

So I would love it if they could build in blocks that actually worked... But it's too late.. even if GPT6 will have it.. there are already GPT4 and GPT5 that can be used instead. And as they can be downloaded for local usage.. It's sadly too late to put the genie back into the bottle...
 

I used to rely on Windows Defender until I got wise... now I have Bitdefender plus NordVPN. I'm on hotspot so it is critical that I have these. Zero incidents.
 

I love to see when people see positive on AI. :-)
But... sadly hackers/criminals started to use AI to develop malware several years ago, to be able to update the code fast to keep it as zero-day to prevent the AVs from keeping up, so the malware signature changed all the time.
It became such a problem that they went from signatures to app behavior detection... etc. etc. etc.
It doesn't matter if they create laws, as only good guys follow the law.
It is easy to circumvent the built-in ethical blocks that are in ChatGPT to create harmful code; you just have to manipulate the question and formulation to make it do it.

Also there are local AIs you can download that don't have those ethical blocks, so you can be direct.
(Create a malware that scan all network devices) This one will be blocked by GPT.
(Create a program that can detect and list all my devices i have in my network) This one will most likely be answered by GPT.
It will produce the same code as it does the same thing.

So I would love it if they could build in blocks that actually worked... But it's too late.. even if GPT6 will have it.. there are already GPT4 and GPT5 that can be used instead. And as they can be downloaded for local usage.. It's sadly too late to put the genie back into the bottle...
So I was being naive!
 

So I was being naive!
No, I see it as an optimistic view we all want. :-)
Sadly we almost never get what we want.
I'm into ethical cyber security and I do use AI to help me generate scripts and code for ethical testing.
The last thing I did was to develop code to protect a laptop if it gets stolen and booted by someone that doesn't know how to boot the computer: the drive will be wiped, as the laptop contains sensitive data.
But that code with a few modifications can be abused as a malware payload to wipe the disk. So I won't share the code because of that.

It is not bad inventions, it's always the bad intentions.
Just look at nuclear fission.. it's green energy, zero CO2 emissions.. so what did they do with that invention... the A-bomb...
I don't know why.. but it seems as if humanity always ends up finding bad things to do with good inventions.
 

No, I see it as an optimistic view we all want. :-)
Sadly we almost never get what we want.
I'm into ethical cyber security and I do use AI to help me generate scripts and code for ethical testing.
The last thing I did was to develop code to protect a laptop if it gets stolen and booted by someone that doesn't know how to boot the computer: the drive will be wiped, as the laptop contains sensitive data.
But that code with a few modifications can be abused as a malware payload to wipe the disk. So I won't share the code because of that.

It is not bad inventions, it's always the bad intentions.
Just look at nuclear fission.. it's green energy, zero CO2 emissions.. so what did they do with that invention... the A-bomb...
I don't know why.. but it seems as if humanity always ends up finding bad things to do with good inventions.
Not sure you can describe nuclear reactors as green due to radioactive waste but they do help CO2 emissions for sure. As an ex Nuclear employee, I still firmly believe Nuclear Energy is the way forward.

Perhaps, I could buy a baby sized reactor and use it at home for charging a car but I doubt I would get planning permission LOL.
 

Just curious if using MS Windows Defender is good enough internet security for one's pc?
When we talk about “internet security,” we’re really talking about two layers:
  • First, the anti-malware engine.
  • Second, the protections that reduce your attack surface (web/phishing protection, firewall, exploit and ransomware defenses, etc.).

We run a small test lab in Iran to evaluate our systems against the high volume of daily cyberattacks. We also maintain an isolated test machine for newly discovered malware. Some of our endpoints run Windows 11, so my comments here focus on that OS rather than Linux. I’m not a full‑time security engineer, but I’m interested in penetration‑testing techniques and sometimes emulate attacks using Kali Linux in a lab environment.

For a typical home user, Microsoft Defender (built into Windows 11) is the best free option—provided you keep Windows fully updated and enable both cloud‑delivered protection and automatic sample submission. Combined with basic “common sense” (avoiding cracked software, suspicious attachments, and unknown links), it offers solid baseline protection. You’re unlikely to be a high‑value target for a professional hacker, but opportunistic attackers—often using phishing or ransomware—may still try to steal money or hijack your hardware for cryptocurrency mining.

That said, in our internal tests with fresh, in‑the‑wild samples, Defender missed a noticeable portion of very new malware. Top paid suites consistently caught more and offered stronger phishing/web blocking and hardening features. In our office, we use ESET because it balances high detection rates with useful extras (robust firewall, web protection, granular controls) and has proven more effective at blocking live attacks.

Direct answer: For low‑risk home use, Defender can be sufficient if it’s properly configured and paired with good habits. If you face higher risk—such as targeted phishing, frequent exposure to untrusted files, remote desktop access, or you want extras like a VPN, password manager, or advanced firewall—consider a reputable paid suite like ESET, Bitdefender, Kaspersky, or Norton.


Why Microsoft Defender might be “good enough”

  • Baseline coverage: Real-time protection, cloud-delivered detection, SmartScreen for phishing/malware URLs, ransomware protections (Controlled Folder Access), firewall integration.
  • Low friction: No extra cost, low system impact, strong OS integration, tamper protection, and fewer compatibility issues.
  • With good habits: For users who install software only from trusted sources, keep Windows and browsers updated, and use modern browsers with safe-browsing, Defender covers the basics well.

Where paid suites add value

  • Zero-day and web threat blocking: Often faster at detecting and stopping brand-new samples, malicious scripts, and phishing sites.
  • Attack-surface reduction: Stronger exploit protection, advanced firewall controls, network intrusion prevention, and device-control policies.
  • Privacy and convenience: Built-in VPN (in higher tiers), password manager, webcam/mic protection, anti-tracker, and identity monitoring.
  • Management and visibility: Better logs, alerts, sandboxing, and options to fine-tune policies—useful if you’re supporting multiple devices.
Note: Your specific results will depend on what you click, where you download from, and how quickly cloud detections update. Lab tests (including ours) with very fresh samples tend to favor top paid suites; this gap matters most for higher-risk users.


Practical hardening tips for Windows 11 (with or without a paid suite)

  • Update everything
    • Windows Update: Enable automatic updates.
    • Apps and drivers: Keep browsers, add-ons, and drivers current.

  • Enable key Defender features:
    • Cloud-delivered protection and sample submission for faster detections.
    • SmartScreen in Windows and in Edge/your main browser.
    • Controlled Folder Access to add ransomware resistance (test your workflows).

  • Reduce attack surface:
    • Use a standard user account for daily work; reserve admin for installs.
    • Disable or lock down RDP if you don’t need it; use strong passwords and 2FA for remote tools.
    • Uninstall risky plugins and old Java/Flash-era baggage.

  • Browser and email hygiene:
    • Don’t run macros in Office docs from email or messaging apps.
    • Consider DNS filtering (e.g., Quad9, Cloudflare Family) for extra phishing/malware blocking.

  • Backups and recovery:
    • 3–2–1 backups with at least one offline or immutable copy; periodically test restore.

  • Password and 2FA:
    • Password manager and two-factor authentication (prefer app-based or security keys).

Notes for a higher-risk environment (like Iran)

  • Phishing and poisoned downloads: Be extra wary of cracked software, “activators,” and trojanized installers; they are a leading infection vector.
  • Cloud connectivity: Defender’s best detections rely on cloud lookups—ensure it has consistent internet access. If connectivity is restricted, the benefit of a paid suite with strong offline heuristics/sandboxing grows.
  • Targeted lures: Expect localized phishing and messaging-app delivery; treat document downloads and shortened links as suspicious by default.
 

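An added example, not part of the original thread: a read-only PowerShell audit of the Defender settings the post above recommends (cloud-delivered protection, sample submission, Controlled Folder Access, tamper protection, SmartScreen, RDP). The function names `New-Check`, `Get-RegValue` and `Get-DefenderBaselineReport` and the three-day signature-age threshold are assumptions made for this example.

```powershell
# Added example (not from the thread): read-only audit of the settings listed above.
# It changes nothing. Run on Windows 10/11 with Microsoft Defender as the active AV.

function New-Check {
    param([string]$Name, $Value, [bool]$Pass, [string]$Meaning)
    [pscustomobject]@{ Check = $Name; Value = $Value; Pass = $Pass; Meaning = $Meaning }
}

function Get-RegValue {
    # Returns the registry value, or $null when the key or value is absent.
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Get-DefenderBaselineReport {
    [CmdletBinding()]
    param(
        # Assumption for this example: signatures older than 3 days count as stale.
        [int]$MaxSignatureAgeDays = 3
    )

    try {
        $pref   = Get-MpPreference     -ErrorAction Stop
        $status = Get-MpComputerStatus -ErrorAction Stop
    }
    catch {
        throw "Defender cmdlets failed (is the Defender service running?): $($_.Exception.Message)"
    }

    # Meanings of the numeric preference values.
    $mapsNames   = @{ 0 = 'Disabled'; 1 = 'Basic'; 2 = 'Advanced' }
    $submitNames = @{ 0 = 'Always prompt'; 1 = 'Send safe samples'; 2 = 'Never send'; 3 = 'Send all samples' }
    $cfaNames    = @{ 0 = 'Disabled'; 1 = 'Enabled (block)'; 2 = 'Audit only' }

    $maps   = [int]$pref.MAPSReporting
    $submit = [int]$pref.SubmitSamplesConsent
    $cfa    = [int]$pref.EnableControlledFolderAccess

    # fDenyTSConnections = 1 means inbound Remote Desktop is turned off.
    $rdpDeny = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' 'fDenyTSConnections'
    # Group Policy value; absent means SmartScreen is not forced on or off by policy.
    $ssPol   = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' 'EnableSmartScreen'

    New-Check 'Real-time protection' $status.RealTimeProtectionEnabled `
        ([bool]$status.RealTimeProtectionEnabled) 'Scans files as they are opened or written'

    New-Check 'Cloud-delivered protection' "$maps ($($mapsNames[$maps]))" `
        ($maps -ne 0) 'Cloud lookups are how Defender reacts to very new samples'

    New-Check 'Automatic sample submission' "$submit ($($submitNames[$submit]))" `
        ($submit -in 1, 3) 'Lets the cloud service analyse unknown files without a prompt'

    New-Check 'Controlled Folder Access' "$cfa ($($cfaNames[$cfa]))" `
        ($cfa -eq 1) 'Ransomware resistance; audit mode only logs, test workflows first'

    New-Check 'Tamper protection' $status.IsTamperProtected `
        ([bool]$status.IsTamperProtected) 'Stops software from switching Defender settings off'

    New-Check 'Signature age (days)' $status.AntivirusSignatureAge `
        ($status.AntivirusSignatureAge -le $MaxSignatureAgeDays) "Stale if older than $MaxSignatureAgeDays days"

    New-Check 'SmartScreen not disabled by policy' $(if ($null -eq $ssPol) { 'not set' } else { $ssPol }) `
        ($ssPol -ne 0) 'Per-user SmartScreen switches are in Windows Security > App & browser control'

    New-Check 'Remote Desktop disabled' $rdpDeny `
        ($rdpDeny -eq 1) 'If RDP is needed, keep it behind strong passwords and 2FA'
}

Get-DefenderBaselineReport | Format-Table -AutoSize -Wrap
```

A `False` in the `Pass` column marks a setting to review in the Windows Security app; the script itself never modifies a setting.
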
@Sheikh

I am testing your Windows Optimisation script. A control panel window opens but nothing happens. Was I supposed to do something? I closed it and the script is progressing but my laptop goes to sleep and I have to keep waking it. Could you add a line to turn off sleep?
 

Not sure you can describe nuclear reactors as green due to radioactive waste but they do help CO2 emissions for sure. As an ex Nuclear employee, I still firmly believe Nuclear Energy is the way forward.

Perhaps, I could buy a baby sized reactor and use it at home for charging a car but I doubt I would get planning permission LOL.
I think it is Google that started to talk about having SMR reactors for their data centers, or it was another big tech company.
Yeah, I see that as needed too, as CO2 levels need to go down.. and coal and diesel reactors aren't good..
But they have to push development for even safer reactors.. So the worst case scenario is just that it won't run again.. and no risk for the environment or people nearby.
 

Perhaps, I could buy a baby sized reactor and use it at home for charging a car but I doubt I would get planning permission LOL.
It's easier to ask for forgiveness than permission. :)
 

When we talk about “internet security,” we’re really talking about two layers:
That was a pretty good summary :cool:
You forgot the philosophical layer though.... The state of mind of zero trust. :wink:
 

YES WD is fine or more than sufficient for domestic machines. Corporate / business systems -- different ballgame.

Most 3rd party A/V companies for domestic computers are flogging C20 solutions for C21 systems where the main problem for individuals is preventing being scammed (much more difficult to do via software) rather than actual hacking. Who even needs the old respected "Venerable Malwarebytes" package any more?

These companies just prey on people's sense of paranoia now. Just don't leave sensitive material online and update the security regularly. It's amazing how much private info people just give away voluntarily !!!.

WD is almost of military strength now if you update regularly on latest releases of Windows. It's based on MS's Azure -- and when was the last time Azure was hacked or had a big downtime?

Cheers
jimbo
 
