We help IT Professionals succeed at work.

Malwarebytes and Windows Defender on Windows 10

Hi Security Experts,

I've been using MSE and MBAM on W7 for many years, both with real-time protection enabled. They play nicely together and, as far as I can tell, they're providing good anti-virus/anti-malware protection.

My understanding is that Windows Defender in the current W10 (1909) is a significantly improved product. For home computers (not on a domain), do you think that WD by itself is sufficient protection or would it be better to run MBAM (with real-time protection), too?

Btw, while doing some web research before posting this, I saw that some folks are recommending MBAM without real-time protection, that is, run MBAM manually every so often (or when there's a problem) to check up on WD. But I'm wondering if it's OK to run MBAM with its real-time protection — will that conflict with WD? Thanks, Joe
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Brian BEE Topic Advisor, Independant Technology Professional

Commented:
If your system has internet access of some sort, it's not a good idea to run without some form of live protection.

So to the main point of your question, generally two security programs will not play well together. So you are lucky that it has worked for you so far. I would not recommend it going forward because the two could conflict with other and cause something to be missed and you would never know.

Having said that, Windows Defender works very well on its own in a standalone situation. Paid for product are usually better than free products, of course.
Robert RComputer Service Technician

Commented:
I have had windows 10 on my system with Windows Defender, without any issues, for a number of years. I do a manual scan with Malware Bytes from time when something seems amiss. Windows Defender does to a good job in protecting me as I never have any viruses or malware on my main computer.
Top Expert 2013

Commented:
i have been giving all my customers windows 10 without any other AV than WD - no problems reported yet
So my advice is : for standalone PC's use ONLY WD - nothing else
Test your restores, not your backups...
Top Expert 2016
Commented:
FWIW, I have joined the Windows Defender camp for the past few years and think Microsoft has done a good job making the product a solid free option that provides some good protection.  I only use other things like MB when I see something suspicious and want to get a "second opinion".

That being said, I think it does depend a bit on your environment, and your users.  While Windows and internet security is not my top area of expertise, I consider myself an "informed user".  As such the fact that Windows Defender is weaker in say preventing phishing attacks is a little less concerning for me, since I think I can often recognize a phishing attempt a little better than some other users.

Also routers have gotten more sophisticated as well, offering better firewall and other intrusion protection, so make sure you are taking advantage of that, and updating your router (firmware or hardware) if it makes sense.  Layers are a good defense strategy.

Not trying to be a Google Monkey, but when I see questions like this they often serve as opportunities for me to self-educate and get caught up on topics I may not keep up with every month.  In looking around I did find the following page that if you haven't seen may be worth a read.  As always you have to interpret how it applies to you, but wanted to pass it along.


As mentioned earlier, it's often true that paid solutions outperform free solutions, that makes sense.  But on the other hand, you do need to decide what your needs really are, do you need a Ferrari when a BMW will get the job done (insert preferred brands of your choice there, but you get the idea).  Typically more robust products require a bit more knowledge, setup and care and feeding, but that isn't always the case.

For me, this quote I also stumbled across seems to match some of my thoughts these days, I think Defender is a solid part of a defense strategy, and then you supplement it if you have extended or special needs, or want an even higher sense of security.
Honestly, if you consistently practice safe computing -- you keep your software up to date, you use strong passwords (with the help of password manager) and you steer clear of unexpected emails and links -- you probably can stay clear of zero-day attacks and ransomware attacks. And with Microsoft's free Microsoft Defender Antivirus software running on Windows 10, you have a safety net if you do let your guard down. (Note that Microsoft recently changed the name of Windows Defender to Microsoft Defender and has expanded the service to other platforms.) This antivirus program is literally built into Windows -- just leave it turned on (it is by default) and let it do its thing and this will cover the basics. Microsoft pushes new updates daily.

»bp
Top Expert 2013

Commented:
and remember - there's no AV that guarantees 100% protection
Daniel PineaultPresident / Owner CARDA Consultants Inc.
Distinguished Expert 2018

Commented:
You should never install 2 anti-virus programs, as they can fight with one another, but installing a malware program along side an anti-virus is just fine and actually a smart thing to do.  Then ensuring they are run regularly becomes critical.  Personally, I'd install and run both and yes, I'd run MBAM manually (I find their real-time mode to be a computer killer absolutely remarkable at slowing down computers to a crawl - wasn't always the case)

As for protection, I have had less clients infected running WD than many others (AVG, AVAST to name but 2).  

That said, there are always new viruses, malware so even the best software can stop everything.  The best protection is the user being responsible, not navigating everywhere without knowledge, not downloading and installing all sorts of software, not opening unknown e-mail attachments, not authorizing website pop-ups, ...
Top Expert 2013

Commented:
>>   but installing a malware program along side an anti-virus is just fine and actually a smart thing to do  <<  i don't agree - as you can read above; it "may" have been so in the past - but no more needed now
>>  Then ensuring they are run regularly becomes critical.   <<  as i know my clients - that is NOT done; may be a couple do it out of hundred
Daniel PineaultPresident / Owner CARDA Consultants Inc.
Distinguished Expert 2018

Commented:
but no more needed now
The more tools you have in your arsenal the better you are off.  No one tool does it all and there is no downside to having a dedicated malware tool such as MBAM.

Then ensuring they are run regularly becomes critical.   <<  as i know my clients - that is NOT done; may be a couple do it out of hundred
No argument on most people don't do it, but this doesn't mean it shouldn't be done.  In some instances it can be scheduled to be performed automatically.  And if your end-users can't do minimal scanning themselves, them real-time solution becomes required.
Andrew LeniartIT Professional | Freelance Journalist | Looking for Opportunities
Distinguished Expert 2018
Commented:
Hi Joe,

They play nicely together and, as far as I can tell, they're providing good anti-virus/anti-malware protection.

And they continue doing so with Windows 10. I recommend ignoring any advice given here that says you can't do this.

I have clients that use Windows Defender and Malwarebytes with all real-time protection modules turned on (both Premium and Business editions of MWB) exclusively for Anti Virus and Anti Malware protection and they have zero problems. To say it will cause problems doing that is quite frankly, from my own personal experience, wrong.

For home computers (not on a domain), do you think that WD by itself is sufficient protection or would it be better to run MBAM (with real-time protection), too?

I would recommend running both Windows Defender and Malwarebytes Premium with all real-time protection functions turned on. My reasoning is because I have personally seen malware blocked by Malwarebytes Premium that was not caught by Windows Defender until the damage had been done.

In other words, whilst Windows Defender would detect the malware, it would not do so until it had already done its damage. Having Malwarebytes Premium active on the same machine would prevent any damage from being done by the malware in the first place. The same can be true the other way too, so it's always best to have both active.

I saw that some folks are recommending MBAM without real-time protection

Certainly no harm in doing that, but you miss out on many great features provided by Malwarebytes Premium (such as Ransomware protection) if you already have a license for it anyway.

But I'm wondering if it's OK to run MBAM with its real-time protection

Absolutely OK and in fact, highly desirable to do so. As mentioned earlier, I have clients that use this combination of protection across their entire office with zero problems or conflicts. Testing response times with one turned off shows little to no difference in noticeable speed of the workstations as well. If you have both available to you, it's plain crazy not to run both in my view.

will that conflict with WD?

Not in my experience, no. As well as my experience with client setups, I personally run Avast Premium Security, Malwarebytes Premium and, SuperAntiSpyware Professional, all with Real-Time protection turned on and benchmarking software shows extremely little difference with my machine's performance unless I turn off "all" protection, including the AV.

When products are designed to run together, there is no problem, and Malwarebytes will quite happily run with Windows 10 Defender without any issue.

Hope that's helpful.

Regards, Andrew
Scott FellDeveloper & EE Moderator
Fellow 2018
Most Valuable Expert 2013

Commented:
My own experience and working with several small offices included is Windows 10 with Defender has been sufficient. The exception has been for the bored employee that does everything on the internet but their job including hitting bogus sites for things like coupon clipping that elicit a  lot of spam with links that elicit more spam and load up the browsers toolbars with junk.  Things have been easily fixed using Microsoft anti malware removal tool.  

The best protection I found has been education. Teaching users things like "Quickbooks calling to sell support" and the fake domain renewal letter. Teaching users to make sure windows is up to date but not getting the latest update right away.

I do feel a good user like yourself is going to do well with windows defender. I have used just that myself for the past 4 years or so.
Daniel PineaultPresident / Owner CARDA Consultants Inc.
Distinguished Expert 2018

Commented:
@Scott
All very valid points!
Top Expert 2013

Commented:
i believe there are 2 options : with or without AV
i have made my choice - but note that i said " for standalone PC's"
and if people want to install  an AV - that's up to them, and that will be respected by everyone
Any decent modern av has a builtin cache, ignore list, and a bunch of other strategies that prevent them from scanning one another in a loop. so, expect them to play well. Check with filemon or a similar tool if needed.

I concur that a careful user behind a basic nat router can stay safe for years. I ran a  win2k machines with a public ip for quite some time. Back then, i had to do some hackish hardening. More recent versions should not be run without at least a nat router.

That does not mean it is a good idea.

Having a browser running with low privileges in a separate session and a decent  mail filter is one of the keys to expect some safety.

whatever you setup, clicking all over the place without thinking, downloading random software from unsafe sites and other such behavior WILL DEFINITELY end up with an infection of some sort. even with the best av or avs in the world. Relying on avs only is over optimistic.
Joe WinogradDeveloper
Fellow 2017
Most Valuable Expert 2018

Author

Commented:
My thanks to everyone who participated...I'm very grateful for your feedback. Fair to say that there's no absolute answer here...some folks think that WD only is fine, others think WD with occasional, as-needed manual runs of MBAM is the way to go, while still others think that both can run with real-time protection enabled. As there is no obvious "correct" answer, I've selected what I think are the two best posts as the "solution", and marked many of the others as "helpful". Thanks again for your comments. Regards, Joe