Windows 10 Security Tips and Is Windows Defender good enough?
This article provides important information and tips about improving the security of your Windows 10 PC.
What's the best free and paid antivirus software for Windows 10? or is Windows Defender good enough and does it offer enough protection?
What Microsoft says about Windows 10 Security
Windows 10 is the most secure Windows we've ever built. From first boot up through the supported lifetime of your device, you’re covered by enhanced security features that help protect against viruses, malware, and even phishing attacks.(1)
Windows 10 Security Tips
The best protection is yourself
Even the best antivirus programs can fail to detect new malware (computer virusses, ransomware, spyware, trojans, rootkits, etc...).(2)
Malware threats have grown significantly in the past decade.
Malware (computer virusses, ransomware, spyware, trojans, rootkits, etc...) threats grow so fast, that antivirus programs take too long to catch up with malware (even the best antivirus programs).(3)
Therefore, the best protection is yourself and you need to pay attention with everything you do on the internet!
So, if you decide to download and install pirated software, click on links in unsolicited emails, ignore Windows updates, or use an unsecured web browser, then there's a good chance that your computer will get infected.
There's no better virus (malware) protection than yourself.
Best Free Antivirus for Windows 10
There are so many free antivirus programs out there that it's difficult to choose one.
The problem with most free antivirus programs is that they keep asking you to buy their paid products.
If you are looking for a good free antivirus program, then the free versions of Bitdefender and Kaspersky are good options.
Another option would be Windows Defender.
Is Windows Defender good enough?
Windows Defender is a real-time antivirus program that's built-in Windows 10.
It gives you a basic antivirus protection and automatically runs in the background.
It scans files when they're accessed and before you open them.
And it automatically turns on when you don't have or uninstall a antivirus program.
Updates for Windows Defender will automatically be delivered through Windows Update and will be installed like any other Windows update.
Is Windows Defender good enough?
Well, because Windows Defender never gets good results in Antivirus tests (AV-tests) like:
So I recommend using one of the free antivirus programs I mentioned before in this article.
If you are looking for better virus protection with more features, then the paid versions of Bitdefender and Kaspersky are good options.
Bitdefender and Kaspersky always get good results in antivirus tests (AV-tests) and these programs also won many awards.
You can also use other FREE tools together with your antivirus program to improve the security of your Windows 10 PC.
Use Second Opinion Malware Scanners
Like I said before, even the best antivirus software can fail to detect malware (computer virus, spyware, etc.), so that's why it's always a good idea to use second opinion malware scanners.
You can use these scanners to scan your PC periodically (e.g once a week, once a month, etc.).
Most malware scanners do not conflict, so it's not a problem if you use multiple scanners on your PC.
Examples of free second opinion malware scanners are:
- Malwarebytes (note: to download the free version, you will have to scroll down to the bottom of the page and then click on "DOWNLOAD 14 DAY TRIAL". You will get the Premium version for the first 14 days and after the 14 days it will turn into the free version – which is a on demand malware scanner)
- Zemana Antimalware (for the download button of the free version you will have to scroll down to the comparison table)
- Kaspersky Virus Removal Tool
- ESET Online Scanner
- Kaspersky TDSSKiller
Note: Always check the scanning results for false positives, so that you don't remove anything important.
Use Virus Total to Analyze Suspicious Files and URLs
VirusTotal is a free online service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
It uses multiple antivirus engines, website scanners, file and URL analysis tools and user contributions.
So if you don't trust a file or website/webpage, then you can check it with VirusTotal.com.
Disable and Remove Web Browser Protection and other Extensions
Most antivirus programs install browser protection extensions, but you don't need extra browser protection, because most web browsers have phishing and malware protection built-in and browser extensions can actually make you less safe, because browser extensions can create security holes. If you want better protection, then don't use browser extensions.(4)
Don't Use A Windows 10 Administrator Account
This one change can make your PC instantly safer.(5)
If a hacker gets access to your system, then this person has the same rights of whatever account you're using.
If you're using an administrator account and a hacker takes control of your system, then the hacker can do anything he or she wants and have full control of your system.
If you're using a standard account and a hacker takes control of your system, then the hacker can only do things that don't require administrator permission, so he or she can't change important system settings or install malware, and malware can't install itself unless you enter the administrator password.
So use a standard account to improve the security of your Windows 10 PC.
You need at least one administrator account on your PC, so you will need to create and use a new standard account, or create a new admin account and change your existing account to a standard account.
If you're already using your PC and set things the way you liked it, then it's better to create a new account and make the new account an administrator account, because when you create a new account you will need to set things up from the start (like personal settings, start menu, desktop shortcuts, program settings, etc...).
1. Open "Settings".
2. Open "Accounts".
3. Click on "Family & other users" (left sidebar).
4. Click on "Add someone else to this PC".
5. Click on "I don't have this person's sign-in information" located at the bottom.
6. Click on "Add a user without a Microsoft account" located at the bottom.
7. Type a username, password (twice) and password hint.
Tip! If you want to use this account as administrator account, then use a strong password.
8. Click on "Next".
9. Click on the account you want to use as administrator account and choose "Change account type".
10. Select "Administrator" and click on "OK".
11. Now click on the account you want to use daily and choose "Change account type".
12. Select "Standard User" and click on "OK".
That's it. Don't use the administrator account for daily use!, but just use a standard (local) account. Whenever you need to install software or change system settings Windows will ask you for the administrator password. It's much safer this way.
Disable SMB1 on Windows 10
Even Microsoft recommends that you disable SMB1 for security reasons – especially for WannaCrypt, Petya (also known as Petwrap) and other ransomware, because they also use this to attack the Windows operating system.(6) (7)
Follow these steps to disable SMB1 on Windows 10:
1. Open Windows Control Panel.
Two ways to open Control Panel in Windows 10 Creators Update:
- Type "control panel" into the Windows search bar and click on it when it appears.
- Press the [Windows] and [pause] keys and click on "Control Panel" located at the top left of the window.
2. Open Programs.
3. Click on "Turn Windows features on or off" located underneath "Programs and Features".
4. Uncheck the checkbox associated with "SMB 1.0/CIFS File Sharing Support".
5. Click on "OK" and restart your PC.
Always keep Windows and your programs up-to-date.
Updates may include important security fixes that prevent threats from infecting your Windows operating system or programs that are installed on your computer.
Always let Windows download and install updates automatically, so that you don't miss any critical security update.
Windows System Image Backup
It's best to always create a Windows System Image Backup after you've just installed Windows and all of your 100% trustworthy software.
A system image is a backup that contains a copy of your Windows with all of your installed programs, system settings, and files.
You can use a system image to restore Windows and software when your PC or hard disk stops working, or when your computer has a virus that is difficult to remove or when Windows is not working properly anymore.
When your PC gets infected by a virus or malware, then it's sometimes better to restore the Windows System Image Backup or to re-install Windows.
You never know if your security software detects everything. Like I said before, even the best program can fail to detect new malware.
Malware can also burrow itself deeper into your system and hiding itself from being discovered by your security software.
Malware can also open doors for other malware.
The only way to be 100% sure, is to restore a Windows system image or re-install Windows 10. This is what I always do when I find out that my PC is infected.
More Important Security Tips
- Use a firewall (Windows firewall is enough).
- Always take security warnings from Windows or your antivirus program seriously. Never ever ignore security warnings!
- Don't download and use pirated software.
- Never click on "OK", "Yes" or "Run" when a pop-up window appears and asks you to download and install unknown software.
- Never click to fast on "Next", "Install", "OK", etc... when installing software, because you might install extra unwanted third-party software (like toolbars). If you see extra offers, then uncheck all their checkboxes.
- Always download software from the official link or from a trusted website.
- Don't click on links in emails from unknown senders.
- Don't download and open email attachments – unless you can verify the source.
- Check free software before downloading and installing it onto your computer. Just Google the software first and look for reviews or forums.
- Use a secure and safe web browser like Google Chrome or Mozilla Firefox and keep it updated.
- Disable or uninstall Java if you don't need it.
- Disable or uninstall Flash Player if you don't need it. You should also disable Flash Player in your web browser.
- Don't click on links you don't trust, but first check the link. When you go with your mouse-cursor on the link, then you can see at the bottom left corner of your browser window the REAL location the link is pointing to. You can also check the link using VirusTotal.com.
- Never download "codecs" or "players" to watch videos online. If you can't play the video online in your secure web browser then there's something wrong with the video or website.
- When you insert a USB flash drive or external hard drive from someone else into your PC, then scan it first with your antivirus program before opening anything.
- If you want to take risks, then at least install VirtualBox on your PC, then install a operating system like Linux (Linux Mint or Ubuntu) as a virtual machine in VirtualBox and do your risky things in there. But remember that also this is NOT 100% safe.
That's all. If you want to learn more about computer and internet security (cyber security), then please visit one of the following pages (after the ad).
Maybe you're also interested in:
How to Build Your Own PC and Internet Security Suite For Free
Important Computer and Internet Security Information and Tips
How to Remove Malware (Virus) from Your Windows 7, 8 or 10 PC
Computer Virus: Types, Symptoms, Protection and Removal
Malware: Types, Protection, Prevention, Detection and Removal
Microsoft: Windows 10
LastLineLabs: Antivirus Isn't Dead, It Just Can't Keep Up
GCN: Is antivirus now useless?
HowToGeek: Don't Use Your Antivirus' Browser Extensions: They Can Actually Make You Less Safe
TheGuardian: Is Windows 10's 'Hidden Administrator Account' a security risk?
Microsoft: Stop using SMB1
TheWindowsClub: Why and how to disable SMB1 on Windows 10/8/7
Microsoft|TechNet: Limited Periodic Scanning in Windows 10 to Provide Additional Malware Protection
Microsoft: Scan an item with Windows Defender Antivirus
Microsoft: Help protect my device with Windows Defender Offline