Is paid antivirus worth it?

ceecbtg · Nov 21, 2021

OVERKILL said:
Defender on 7 was not active protection and the OS isn't receiving security updates either. That's a very risky combo.

Exactly on 7 it's not antivirus as on 8-10, is antimalware only, but it's active protection, resident works with ridiculous resources waste and fast. I have some typical captured virus for playing and it detect good. It continues updating definitions today.

About OS updates... well people like me, you? or other who did know RTB-ISDN, Win 3x, 9x, XP or IRC nukes with modems without NAT-firewall protection... it's minor issue

OVERKILL · Nov 21, 2021

ceecbitog said:
Exactly on 7 it's not antivirus as on 8-10, is antimalware only, but it's active protection, resident works with ridiculous resources waste and fast. I have some typical captured virus for playing and it detect good. It continues updating definitions today.

About OS updates... well people like me, you? or other who did know RTB-ISDN, Win 3x, 9x, XP or IRC nukes with modems without NAT-firewall protection... it's minor issue

I wouldn't trust Defender on 7, just like I didn't trust security essentials with Defender:

Now of course a keen eye will note this was 2014, but Defender, and Security Essentials on top of Defender, didn't improve any as products past that point. When Defender became its own active product, particularly in terms of the improvements baked-in with Windows 10, it became quite good, but on 7, these were extremely weak.

As soon as I could run a firewall, I did

Atguard was the first OS-level firewall I used on Windows (NT5 beta) I avoided the non-NT OS's for personal use, despite being on the 98 beta team. I eventually baked up a BSD firewall out of an old 486 SX/25 that I used for NAT when I was at uni. Stuck a 28.8 modem in it when I got back home and switched it to Slackware and used IPTables/IPChains as FreeBSD didn't support my ISA modem. Transitioned to IPCop when that came out, switching back between it and other Linux firewall solutions and PFSense, which was new at the time but showed significant promise.

I run Enterprise gear now of course, but there are some great free firewall distros available for people with obsolete gear that would work great as a firewall if they didn't want to spend the money on something that requires a subscription.

himemsys · Nov 21, 2021

OVERKILL said:
Security Essentials was borderline useless, though the current Defender product is significantly better and probably more than adequate for your typical home user.

Agreed on OpenDNS being a good choice.

I prefer Quad9 or Cloudflare for malicious site filtering, and Cleanbrowsing.org for porn blocking + malicious site blocking. I have not tried OpenDNS' free filtering servers in awhile, but I do remember as they got bigger and more commercialized, they started tightening the screws in ways that pushed users to their paid product. Quad9 and Cloudflare don't even have paid versions of their dns servers that I'm aware of. For a paid version, I prefer Cleanbrowsing.org. It's cheap ($5/mo) and highly configurable. They respond rapidly to false positives (even on weekends).

I agree on the layered approach, which is why I suggested uBlock Origin too. I think the following approach:
Filtered DNS -> filtered browser (uBlock Origin) -> A/V (built-in MS version)

Will protect most home users really well.

OVERKILL · Nov 21, 2021

himemsys said:
I prefer Quad9 or Cloudflare for malicious site filtering, and Cleanbrowsing.org for porn blocking + malicious site blocking. I have not tried OpenDNS' free filtering servers in awhile, but I do remember as they got bigger and more commercialized, they started tightening the screws in ways that pushed users to their paid product. Quad9 and Cloudflare don't even have paid versions of their dns servers that I'm aware of. For a paid version, I prefer Cleanbrowsing.org. It's cheap ($5/mo) and highly configurable. They respond rapidly to false positives (even on weekends).

I agree on the layered approach, which is why I suggested uBlock Origin too. I think the following approach:
Filtered DNS -> filtered browser (uBlock Origin) -> A/V (built-in MS version)

Will protect most home users really well.

I use OpenDNS for people who don't want to pay for a configurable filtering solution, as you can manage multiple networks with it, select the level of filtration/security you want, make exceptions, personalize blocks...etc all while just using a free account. I've been a Cisco partner for almost 20 years, so when they bought OpenDNS, it just sort of became my default pairing. I haven't tried Quad9, so thanks for mentioning that.

For a paid solution, I use our Canadian CIRA DNS Shield product, which is incredibly good, and what I use at home. It's $100/year, so not too bad price-wise. It uses preferential routing to keep traffic within Canada when possible.

Jimmy9190 · Nov 21, 2021

Third party AV's have caused more problems for me than they ever solved. I have tried Avast Free and Bitdefender Free, they were impossible to remove and required a reset and clean re-installation of Windows to completely get rid of them. I have also used the paid Bitdefender Antivirus, found it to be way too overprotective and it kept bugging me to use their password manager and safe banking browser. Free third party AV's will bug you to upgrade to the paid versions and give you a lot of scareware warnings that your system is not protected, you are vulnerable, you need to run our software and browser cleaner scans right now, etc. All of which are just tactics to make you buy the paid version. I have had enough of that to last the rest of my lifetime.

The modern built in Windows Security Antivirus is more than enough for the Average Joe home user. It ranks right up there in protection with the big boys of paid and free third party AV's:

Comparison

www.av-comparatives.org

The downfall of Windows Security is it is hard to schedule a scan and the built in Smart Screen browser/phishing protection really only works with MS products like Edge. The MS Anti-Ransomware protected folder tool is cumbersome and hard to configure and still blocks some legitimate apps. I turned it off. I use the MS Security/Windows Defender augmented with the free Configuredefender tool set on High. Configuredefender opens up extra protection modules in Windows Security.

GitHub - AndyFul/ConfigureDefender: Utility for configuring Windows 10 built-in Defender antivirus settings.

Utility for configuring Windows 10 built-in Defender antivirus settings. - AndyFul/ConfigureDefender

github.com

I also use the free Malwarebytes Browser Guard extension and Ublock Origin in all browsers. That makes up for anything Smart Screen might miss and also has good ad and tracker blocking. Those combined with common sense and using good online hygiene are all I need to stay safe online. I don't believe in over-armoring my computer. The MS Antivirus does not have a file shredder but the few times I have needed one I used the shredder included in the free HiBit Uninstaller tool.

Ultimately this is one of those "ask 10 different people the same question, get 10 different answers" questions but for a home user that knows what to look out for online and uses common sense, Windows Defender/MS Security whichever name you call it works fine. It is integrated into Windows and does not nag you with ads or scareware. No AV, free or paid will catch 100% of the bad stuff online. The key is to know how to avoid the bad stuff in the first place. Stay safe, not paranoid.

Dave Sherman · Nov 21, 2021

Meh, last time I actually paid for AV I got Norton, and it was so slow and invasive I might have been better off if I had a virus. MalwareBytes and Windows Defender and no problems.

OVERKILL · Nov 22, 2021

Dave Sherman said:
Meh, last time I actually paid for AV I got Norton, and it was so slow and invasive I might have been better off if I had a virus. MalwareBytes and Windows Defender and no problems.

Supposedly, Norton has improved, but my track record with it mirrors yours in that it was historically big and bloated and had a significant impact on system performance and this was the case for so long I swore off their products. ESET and Kaspersky were much lighter weight and more effective.

The_Eric · Nov 22, 2021

Okydoky... Well I think I'll skip the paid A/V and stick with the Windows tool. Right now I'm using Firefox with the DuckDuckGo privacy add on, Privacy Badger, uBlock Origin , HTTPS Everywhere and Malwarebytes browser extensions.

Still not really what the DNS software does precisely, but am trying the Quad9 one (really for no better reason that it CLAIMED to not collect and track data). It is evidently implemented or operated by a utility called "Stubby" Stubby

But I just watched Quad9's short youtube video on configuring it and they say to go to your network connection and under wifi property (Internet Protocol Version 4 TCP IPv4) to enter 9.9.9.9. Since Stubby is supposedly configuring it, I would have expected to already see it as such, but instead it was 127.0.1.0 (or similar). So I went ahead and changed it to the 9.9.9.9... What am I missing? Do I do it right, or did I muck it up?

OVERKILL · Nov 22, 2021

The_Eric said:
Okydoky... Well I think I'll skip the paid A/V and stick with the Windows tool. Right now I'm using Firefox with the DuckDuckGo privacy add on, Privacy Badger, uBlock Origin , HTTPS Everywhere and Malwarebytes browser extensions.

Still not really what the DNS software does precisely, but am trying the Quad9 one (really for no better reason that it CLAIMED to not collect and track data). It is evidently implemented or operated by a utility called "Stubby" Stubby

But I just watched Quad9's short youtube video on configuring it and they say to go to your network connection and under wifi property (Internet Protocol Version 4 TCP IPv4) to enter 9.9.9.9. Since Stubby is supposedly configuring it, I would have expected to already see it as such, but instead it was 127.0.1.0 (or similar). So I went ahead and changed it to the 9.9.9.9... What am I missing? Do I do it right, or did I muck it up?

If Stubby runs locally, then the computer (127.0.0.1) is the DNS server.

For network-wide DNS protection you turn off DNS proxy in your router and set the specific DNS servers you want to use in there so that every device on the network gets protected.

The_Eric · Nov 22, 2021

Sadly I'm nowhere near on par with you and your description. I just haven't stayed current with computers and their connectivity

So basically this is at our little repair shop - we have the provided modem/router and I run my laptop from that. No real serious stuff takes place here... Occasional personal banking, but no customer deets. It's only used to store spreadsheet type (Libre Calc) invoices and do basic web surfing with online vendors mixed with a little personal use (BITOG for ex)

Knowing that, what would I need to do then? I guess I will try to undo my doings in the DNS, but what else?

Thanks for taking the time to help me out!

The_Eric · Nov 22, 2021

I went and re-looked at their instructions, followed the command prompt, but got something slightly different than expected.. What is this telling me?

meep · Nov 22, 2021

Best thing I’ve done - is install windows using an administrator account, and then make a user account, and then always use the user account for daily stuff, never using the admin account. If something gets on there through my user account while I or someone else is using it, it doesn’t have admin level access. I’m also very picky about not installing anything I‘m not comfortable with - my PC is probably quite boring by most ppl’s standards.

OVERKILL · Nov 22, 2021

The_Eric said:
I went and re-looked at their instructions, followed the command prompt, but got something slightly different than expected.. What is this telling me?

View attachment 78796

That looks fine

himemsys · Nov 23, 2021

The_Eric said:
Sadly I'm nowhere near on par with you and your description. I just haven't stayed current with computers and their connectivity

So basically this is at our little repair shop - we have the provided modem/router and I run my laptop from that. No real serious stuff takes place here... Occasional personal banking, but no customer deets. It's only used to store spreadsheet type (Libre Calc) invoices and do basic web surfing with online vendors mixed with a little personal use (BITOG for ex)

Knowing that, what would I need to do then? I guess I will try to undo my doings in the DNS, but what else?

Thanks for taking the time to help me out!

What OVERKILL was getting at is, if you have more than one computer using a single internet source, you can set up Quad9 on your router and it will automatically work with any computer that uses that router to connect to the internet. No need to configure multiple computers.

Even though it sounds complicated, the hardest part is knowing how to log into the router's web interface. From there, just find the fields that are labeled DNS Servers and put in Quad9's address:
9.9.9.9
149.112.112.112

Save and possibly reboot the router and now every computer on the network is using the custom DNS servers.

But it sounds like you already got it working configured at the computer. Nicely done!

RTexasF · Nov 23, 2021

Bitdefender Antivirus Free has worked well for many years on my aging laptop with Defender on in the background. I've yet to have a problem so paying is not worth it for me.

javacontour · Nov 23, 2021

meep said:
Best thing I’ve done - is install windows using an administrator account, and then make a user account, and then always use the user account for daily stuff, never using the admin account. If something gets on there through my user account while I or someone else is using it, it doesn’t have admin level access. I’m also very picky about not installing anything I‘m not comfortable with - my PC is probably quite boring by most ppl’s standards.

Same here, in computing, boring is good.

Non-privileged account for day to day tasks.

alarmguy · Nov 23, 2021

himemsys said:
What OVERKILL was getting at is, if you have more than one computer using a single internet source, you can set up Quad9 on your router and it will automatically work with any computer that uses that router to connect to the internet. No need to configure multiple computers.

Even though it sounds complicated, the hardest part is knowing how to log into the router's web interface. From there, just find the fields that are labeled DNS Servers and put in Quad9's address:
9.9.9.9
149.112.112.112

Save and possibly reboot the router and now every computer on the network is using the custom DNS servers.

But it sounds like you already got it working configured at the computer. Nicely done!

Wow, nice post guys. I never knew about this, not that I am all things internet, not at all but loved the subject for decades and part time hobbyist reading ect for decades.
I never kept after market antivirus software on my computers going back well over a decade now.
But this is really cool, never knew about it, just went to their website, of course it comes from the Swiss just like protonmail.

Literally can set up my individual Mac in seconds (just watched their video. I like the router idea, will have to try that later, wife works from home, cant have her connection go down. But before I do, will this affect off the top of my head, the 25 devices we have connected to our router?
Will it cause any connection problems? I suspect not but ...

One concern would be my wife's office computer which connects through our router, her company computer connects via built in VPN to her corporate office. I can not risk her having issues, her workday is intense and time sensitive.

Thanks..

alarmguy · Nov 23, 2021

For now I just changed my Mac, took seconds. No change in speeds or any downside? Still not sure why other then reading their site, any possible negatives about doing this?... thanks, just leery over "sites" or companies that are going to help protect my computer with no side affect.

Screen Shot 2021-11-23 at 9.31.04 AM.png

Screen Shot 2021-11-23 at 9.29.09 AM.png

SHOZ · Nov 23, 2021

I use Bitdefender, ~$90US a year.. Works great and have not had any issues since using it for over 5 years. It will let you know when it stops something.

Peted · Nov 23, 2021

The_Eric said:
Hey guys - I've always used free type antivirus programs and have always been happy with the result (that I know of), but since really haven't paid attention to what constitutes a threat to a PC today, I'm not really sure if I should pony up some cash for a bitdefender, kaspersky or whoever

BitDefender and Kasperksy are arguably the two best AV on the market. We use BitDefender Small Business at my work.
However, what you really need is common sense and a good adblocker on your web browser. Install "Ublock Origin" and be sure not to download anything suspicious. When in doubt use virustotal.com
Brave Browser has adblocking and web protection built in.

+1 on DNS filtering.

OVERKILL said:
Defender on 7 was not active protection and the OS isn't receiving security updates either. That's a very risky combo.

I still have an old XP machines for old school games and web browsing but no personal info and no online purchasing on that machine. Otherwise I still use Windows 7 and Windows 10 of course.

Is paid antivirus worth it?

ceecbtg

OVERKILL

$100 Site Donor 2021

himemsys

OVERKILL

$100 Site Donor 2021

Jimmy9190

Comparison

GitHub - AndyFul/ConfigureDefender: Utility for configuring Windows 10 built-in Defender antivirus settings.

Dave Sherman

OVERKILL

$100 Site Donor 2021

The_Eric

OVERKILL

$100 Site Donor 2021

The_Eric

The_Eric

meep

OVERKILL

$100 Site Donor 2021

himemsys

RTexasF

javacontour

alarmguy

alarmguy

SHOZ

Peted

Similar threads