Windows 10 security tips and is Windows Defender good enough?

This article provides important information and tips about improving the security of your Windows 10 PC.

And this article will also show you the best free and paid antivirus software for Windows 10. Or is Windows Defender good enough and does it offer enough protection?

The best protection is YOU


Even the best antivirus programs can fail to detect new malware (computer viruses, ransomware, spyware, trojans, rootkits, etc.).


Malware threats have grown significantly in the past decade.

Malware threats grow so fast, that antivirus programs take too long to catch up with malware (even the best antivirus programs).

The best protection is you, and that's why it's important to learn about online threats and how to protect yourself from these threats.

You can avoid a lot of threats with some basic knowledge of computer and internet security and paying attention to everything you do, online and offline.

Don't use an administrator account for daily use, but use a standard account instead

This one change can make your PC instantly safer.

If malware or a hacker gets access to your system, then the malware or hacker has the same rights to whatever account you're using.

So if you're using an administrator account, then the hacker or malware has complete control over your system.

You need at least one administrator account on your PC, so you will have to create and use a new standard account, or create a new admin account and change your existing account to a standard account.

If you're already using your PC and set things the way you liked it, then it's better to create a new account and make the new account an administrator account, because when you create a new account you will need to set things up from the start (like personal settings, start menu, desktop shortcuts, program settings, etc.).

The steps below will show you how to create a new user account and also how to make an account an administrator account.

1. Open Settings.

2. Open Accounts.

3. Click on Family & other users (left sidebar).

4. Click on Add someone else to this PC.

5. Click on I don't have this person's sign-in information located at the bottom.

6. Click on Add a user without a Microsoft account located at the bottom.

7. Type a username, password (twice) and password hint.

Tip! If you want to use this account as an administrator account, then use a strong password.

8. Click on Next.

9. Click on the account you want to use as an administrator account and choose Change account type.

10. Select Administrator and then click on OK.

11. Now click on the account you want to use daily and choose Change account type.

12. Select Standard User and then click on OK.

Don't use the administrator account for daily use, but use a standard account instead.

Now, whenever you need to install software or change system settings, Windows will ask you for the administrator password.

It's much safer this way.

Keep Windows 10 and other software updated.

Updates may include important security fixes that prevent threats from infecting your Windows operating system or programs that are installed on your computer.

Always let Windows download and install updates automatically, so that you don't miss any critical security update.

Use antivirus software

Even though antivirus programs cannot offer you 100% protection against viruses and other malware, you can still benefit from having antivirus software on your Windows PC.

You can see antivirus software as an extra layer of protection.

The free antivirus programs I recommend are:

If you need more functions (e.g., multi-layer ransomware protection) and settings, then you can try a paid antivirus program.

Most antivirus companies offer the option to download and try their paid antivirus programs for free for 30 days.

The paid antivirus programs I recommend are:

Another option would be Windows Defender (Microsoft Defender).


Is Windows Defender good enough?

Windows Defender has improved significantly compared to the beginning of Windows 10.

It's well-integrated in Windows 10, doesn't cause problems after updates (unlike some AVs), and doesn't show you any advertisements.


Some people say that Windows Defender slows down their PC noticeably, while others don't even notice it at all.

You may notice it more when your PC has a normal hard disk instead of an SSD (solid state drive).

Also, Windows Defender still scans everything like an antivirus from the '90s, and this can cause slow down, and make full system scans take a long time.

Some antivirus programs make scans faster by adding clean files to a cache and will not scan the clean files at the next scan. They will remove files from the cache if someone or something access or modifies the files.


You can try Windows Defender or another antivirus program (like the ones I mentioned before) and see how it works on your PC.

Use malware scanners

Like I said before, even the best antivirus software can fail to detect malware (computer viruses, spyware, rootkits, etc.), so that's why it's a good idea to use second opinion malware scanners.

The free virus (malware) scanners I recommend are:

If you think that your PC has a virus (malware) infection, then you can also try the following free virus (malware) scanners:

You can use these virus (malware) scanners alongside your current antivirus software.

You can use these scanners to scan your PC periodically (e.g., once a week) or when you think your PC is infected with a virus or another type of malware.

Cover up or unplug your PC's webcam

Hackers can use Trojan horse malware to secretly install and run remote desktop software without your knowledge and with this remote desktop software they can turn on your computer's webcam and watch and even record you.

If you want to be absolutely sure nobody is watching and recording you via the webcam, then unplug your webcam if you're not using it or cover your webcam with tape, a peel-off sticker, or something else that can obscure the lens but can be removed easily when you actually want to use your webcam.

Create regular backups of your important files

Malware can damage, delete or encrypt (password protect) files (e.g., documents, photos, videos, etc.).

So, I don't need to explain any more about how important it is to have backups of your important files.

I recommend storing your backups on multiple locations, like on an external hard drive and a cloud storage service (e.g., OneDrive, Google Drive, Dropbox, etc.).

How to back up your files in Windows using free and reliable backup software

If you are using Windows Defender, then use ConfigureDefender

If you're using Windows Defender, then I recommend using ConfigureDefender.

ConfigureDefender is a free easy to use portable tool for configuring Windows Defender antivirus settings in Windows 10 (also hidden settings).

I will show you how to use ConfigureDefender in the steps below.

1. Go to (link opens in a new tab).

2. Click on the Clone or download button and then click on Download ZIP.

Download ConfigureDefender

3. Unzip the downloaded file (right-click > Extract All).

4. Double-click on ConfigureDefender_x64.exe (64-bit) or double-click on ConfigureDefender_x86.exe (32-bit) (depends on your system).

Note: If you don't know if your system is 32-bit or 64-bit, then right-click on the Windows start menu button, click on System, and then under Device specifications, you look at System type.


Press the [Windows] + [pause/break] keys on your keyboard and then under System, you look at System type.

ConfigureDefender will now open.

5. Under PROTECTION LEVELS, you click on the HIGH button.

Settings are now changed.

6. Click on the CLOSE button at the bottom of the tool.

Don't install pirated (cracked) software

The crack (a piece of software used to crack the software to make it look genuine) might actually be disguised malware.

Don't open email attachments from a suspicious email

Many computer viruses are spread through email attachments.

Attachments that contain viruses are either executable programs (file extensions: .com, .exe, .vbs, .zip, .scr, .dll, .pif, and .js) or macro viruses (file extensions: .doc, .dot, .xls, and .xlt).

If you don't trust a file or link, then you can also check it online using

Note: VirusTotal is not a 100% accurate solution. Even though it scans files and links with over 70 antivirus scanners and URL/domain blacklisting services, it's still possible that it misses something.

Create a system image backup

It's a good idea to create a Windows system image backup after you've just installed Windows and all of your 100% trustworthy software.

A system image is a backup that contains a copy of your Windows with all of your installed programs, system settings, and files.

You can use a system image to restore Windows and software when your PC or hard disk stops working, or when your computer has a virus or other malware that is difficult to remove or when Windows is not working properly anymore.

When your PC gets infected by a virus or another type of malware, then it's often better to restore the system image backup or re-install Windows.

You never know if your security software detects everything. Like I said before, even the best program can fail to detect new malware.

Malware can also burrow itself deeper into your system and hide from being discovered by your security software.


Malware can also open doors for other malware.

The only way to be 99% sure, is to restore a Windows system image or re-install Windows 10.

How to create a system image backup using free backup software

Enable the “show file extensions” option in Windows and always verify file extensions before clicking on them

Cybercriminals are very good at camouflaging files to make them look harmless. The purpose is to trick you into clicking on them and launch a malware infection that will take over your system.

Change your Windows settings to show file name extensions, so you will avoid clicking on shady file extensions, like .jpg.exe (.jpg isn't dangerous, because it's an image format, but combined with .exe it is malware).

Disable Autoplay on your PC

Autoplay is a Windows feature that allows you to quickly open digital media from USB flash drives, external hard drives, CDs, and DVDs with designated software.

Malware can use this feature to start running automatically and gain access to your computer.

Use caution when using browser extensions

Any form of browser integration can create security holes.

There are malicious extensions that can capture your passwords, track your Internet browsing activity, insert advertisements into web pages you visit, and infect your computer with malware (computer viruses, spyware, trojan horse, etc.).

Even a popular and widely recommended extension can one day be hacked or sold and turned into a malicious browser extension.

Always download software from a trusted source (e.g., official website of software developer)

Nowadays when you download software you have to be very careful before you click on any download button or link because you never know what you may end up with.

You might be downloading and installing crapware, adware, or even worse, a nasty piece of malware.

Pay attention while installing software

Don't click too fast on Next, Install, or OK while installing software because you might install extra unwanted third-party software (like toolbars, adware, etc.).

If you see extra offers, then uncheck all their checkboxes.

Check free software before installing it on your computer

The software could be malware disguised as software, so always Google the software first and look for reviews or forums that talk about this software.

Never download codecs or players to watch videos online

If a website asks you to install video codecs or a media player, then don't allow it.

It's not worth the risk. Most likely, you can find the video on YouTube or another video website anyway.

Don't trust pop-up windows that ask you to install unknown software

Don't click on OK, Yes, or Run when a pop-up window appears to ask you to download and install unknown software.

Malware can try to trick you into installing even more malware.

For example, a pop-up window appears with a warning message like “Your Windows computer could be at risk! Install the repair tool to clean and protect your system”, and then when you click on Secure now, OK, Yes, or Run, your system gets infected.

Don't open email attachments from a suspicious email

Many computer viruses are spread through email attachments.

Attachments that contain viruses are either executable programs (file extensions: .com, .exe, .vbs, .zip, .scr, .dll, .pif, and .js) or macro viruses (file extensions: .doc, .dot, .xls, and .xlt).

If you don't trust a file or link, then you can also check it online using

Note: VirusTotal is not a 100% accurate solution. Even though it scans files and links with over 70 antivirus scanners and URL/domain blacklisting services, it's still possible that it misses something.

Never ignore security warnings from your antivirus software or web browser

If your antivirus software or your web browser shows a security warning, then do not ignore it but investigate it.

Never click on links you don't trust

There are various ways in which a simple click on a wrong link can cause problems.

A link can be a direct download link of a piece of malware, a link can redirect you to an infected malicious website, and a link can also redirect you to a fake login page that can steal your login information.

So, when you get an email that contains a link, don't just click on the link. Same counts for links on websites, links in messages on social media (e.g., Facebook), and links in documents (e.g., Word, PDF, etc.).

If you don't trust a link, then you can also check it online using

Note: VirusTotal is not a 100% accurate solution. Even though it scans files and links with over 70 antivirus scanners and URL/domain blacklisting services, it's still possible that it misses something.

Always scan USB flash drives from other people

Never trust USB flash drives from other people - even if it's from your friend or family member.

USB plug-and-play devices are an easy way to infect a PC.

Always scan USB drives with your antivirus software and maybe also one or two malware scanners (e.g., Malwarebytes, Zemana, etc.) before opening or copying anything.

And don't get mad at your friend, family member, or acquaintance if your antivirus or malware scanner detects any malware because they probably don't know that their USB device contains malware.

Turn off “network discovery” and “file and printer sharing” in Windows when using a public WiFi network

The Windows “file and printer sharing” feature allows you to share files and your printer with other computers on the same network.

But if this feature is enabled, then some of your folders may be accessible to anyone connected to the same public network.

The Windows “network discovery” feature allows you to make your PC visible or hidden on a local or public network.


LastLineLabs: Antivirus isn't dead, it just can't keep up

GCN: Is antivirus now useless?

HowToGeek: Windows updates are breaking PCs with these antivirus programs

Mashable: Why it's a good idea to cover up your webcam

PCWorld: Why you should cover up your laptop's webcam

Bitdefender: Dangers of using pirated software

COMODO: Top 3 ways an email virus infects computers