hopmedic
Active member
It is, and they probably should have. But naming has never been one of Microsoft's winning characteristics.
Anti-virus for SP3
- Thread starter MBSMD
- Start date
It is, and they probably should have. But naming has never been one of Microsoft's winning characteristics.
EssThree
New member
Bitdefender is amazing. I've been using a free trial on my Surface Pro for the past few months now, and I'm going to get a 2 year subscription for all my PCs when my Webroot subscription runs out. All the articles I've read show that it has the lowest (tied with Kaspersky) performance impact of any anti-virus, while still maintaining top detection rates.
I just need to decide if I'm going to get the Windows 8 specific version or not...
I just need to decide if I'm going to get the Windows 8 specific version or not...
Yes, really. I'd love to read more about these 'facts' you're quoting and also which independent (hopefully) test lab was responsible but you did not link to the article, just in case that detail slipped your mind.
Even based on what you do remember:
4 or 6, suitably vague, but ok. Now I would never go with an AV ranked that low, but maybe that's just me and others have lower standards where they feel that sort of rank for a critical piece of software is some sort of great achievement to write home about. In today's world even a 97% detection rate is laughed at when the best anti-malware suites regularly hit the 99%+ mark.
Also, you want a recent result? Why selectively ignore RichardBurt's link to the AV-Comparatives test from July 2014 that placed MSE/Defender dead last?
No-one (including MS itself BTW) is denying that MSE/Defender provides basic security that's better than nothing, and for the tech savvy it may be all that's needed. However for clueless users who love to go clicky-clicky on every stupid forward/attachment/link in sight there's no way I at least would rely on it to keep them safe.
Windows Defender was originally only an anti-spyware utility. MSE was a more comprehensive solution since it included an anti-virus module too. In Win8 what MS did was basically rebrand MSE as Defender and include it in the OS (yeah, they have serious issues with naming). So today Windows Defender (in Win8) and Microsoft Security Essentials are essentially the same thing, same engine, same updates etc.
raqball
New member
Slow down there turbo.. 
It's just antivirus and I can care less which product people choose to use. Why get so upset over it? I mean its not your computer they are protecting right?
Me? I'm pretty safe on the net so I'd be fine with Windows Defender but my son is click happy and has no internet security awareness. I went with Webroot for his PC and since it came with 3 licenses, I tossed it on my SP3 as well.
Relax man, it's just a computer program. If people want to use Windows Defender and they are happy with it, then more power to em. If people want to use Webroot and they are happy with it, then more power to em. If people want to use Kaspersky and they are happy with it, then more power to em. If people want to use.... You get the point.
It's just antivirus and I can care less which product people choose to use. Why get so upset over it? I mean its not your computer they are protecting right?
Me? I'm pretty safe on the net so I'd be fine with Windows Defender but my son is click happy and has no internet security awareness. I went with Webroot for his PC and since it came with 3 licenses, I tossed it on my SP3 as well.
Relax man, it's just a computer program. If people want to use Windows Defender and they are happy with it, then more power to em. If people want to use Webroot and they are happy with it, then more power to em. If people want to use Kaspersky and they are happy with it, then more power to em. If people want to use.... You get the point.
berty6294
New member
Slow down there turbo..
It's just antivirus and I can care less which product people choose to use. Why get so upset over it? I mean its not your computer they are protecting right?
Was your reply aimed at me? A quote would have helped.
I do not care in the least what people use on their PCs. I do care about misinformation being spread on the basis of which people who come here for advice may end up in trouble. I'll repeat, if you are the tech-savvy type then you can get by with MSE/Defender just fine. Why, some people do not believe in AVs and say they have no problems surfing even without anti-malware installed! As long as your brains and common sense are compensating for an inadequate security solution that's fine I suppose.
If OTOH you are the type who fits the profile I mentioned above, I would not recommend the out of the box solution as your one and only layer of protection, as simple as that. Eventually what people choose to go with is entirely their own responsibility but at least they should make an informed decision knowing full well which category they fall into (or the system admin - who happens to be any person responsible for regular cleanup of malware - should know which category the system's users fall into).
Last edited:
raqball
New member
I tried Kaspersky, Webroot, AVG, and Bit Defender each for a few days at a time before deciding which to purchase. I went with Webroot and an happy with the purchase. Set it up, let it ride and forget about it for the most part..
hopmedic
Active member
There are two of us in this thread who both mentioned the same article. If you want it so bad, go find it. But both of us saw it, it is recent, it was independent, and MS ranked something like 4 or 6 on a list of over 20. I'd be glad to share the article with you, but I couldn't find it. But that doesn't make it untrue.
But from what I read, you definitely need something rated higher. Agreed.
Last edited:
Not interested in a wild goose chase when people can't be bothered to back up their statements with a source. What ticked me off was the tone of your reply. I at least provided links, however old. All you did was mention some article you vaguely remembered and acted as if just the fact that you commented on it was in itself some sort of stamp of veracity. How accurate or full of "facts" the article is remains in doubt when one can't even check it out, no matter what some stranger(s) on the internet vaguely remember it to contain. Not just that, even if this lab ranked MSE/Defender as high as #4, there are others, equally independent, that regularly rank it much lower. I tend to place more faith in what multiple independent labs say, over one that somehow ended up with an anomalous result.
Yes, I do, for the PCs of my parents and aged relatives. For them MSE/Defender is insufficient because it's simply not up to the task of protecting their machines.
Last edited:
She wants a 7" tablet so she can carry it in her purse. I'm waiting for some of the newer devices to be announced as I don't want to spend much on her tablet.
Wonder, why Avira was only suggested one time here. It seems to trump all test for for being able to find newest threats (even better than Panda) yet very few false positives. They for sure were resource hungry for several years but seem to have ironed that out. I will see if I can find the monthly tests for newest threats again and will post the link.
Edit: Here it is http://www.av-comparatives.org/
Edit: Here it is http://www.av-comparatives.org/
link68759
New member
As much as the advertising on AV (yes even free ones) like to mislead you, AV is only ever an after the fact, cleanup and removal tool. Whatever "active defenses" your AV claims to have, it's not worth paying money for.
The fact of the matter is, if users would just properly configure their environment, you likely would not get many (if any) viruses in the first place. Yes, I put some of the blame on the user- because while neither OEM nor Microsoft itself will configure it for you or even inform you that you really, really should do this, when I tell you the answer I guarantee there will be witching and moaning and a general refusal to do it from many of you.
DON'T RUN AN ADMINISTRATIVE ACCOUNT.
TURN UAC ON.
Do you know the real reason browser exploits are so devastating? It's because every windows user is running their browser from an administrative account and thus any given website can use a flash/java exploit to do whatever the hell they want. If you were running the browser as a standard user, you're much safer. Users are sandboxed to an extent and the vast majority of viruses will not be able to escape the sandbox. Your AV, which is running as admin, will be outside of this sandbox with the power to manipulate contents within in. The virus won't be able to infect/disable your AV or resist deletion. If your AV can't delete it, you need only to log out of your user account to stop all processes associated with your user account.
This is par for the course on linux. How many of you unfamiliar with linux have heard the term "sudo" or "root"? Root is the admin account that every linux distro has, and sudo is effectively the UAC of linux. Because linux devs are generally security conscious, many linux programs will outright refuse to work if it detects that you are trying to run it as root. If you casually use the root account, you will be laughed out of the linux community. So why is it acceptable, or even preferred, in the windows community? It shouldn't be. It's wrong. It needs to change.
Generally, what other people do with their own computers is their business. However, other people running an administrative account affects the entire windows community- so I urge you all to make this change. Too many programs require administrative access for no good reason, and don't support UAC which means you cannot run them from within a user account. Too many devs I've tried to discuss this with scoff at the idea of "wasting time" adjusting their program to be compatible with the security protocols in place, and very rudely dismiss it as not a problem.
Make the switch. Run a standard user. If a program doesn't work properly, or gives you a UAC prompt when you think it should not need one, MAKE SOME NOISE. Send a bug report to the developer. If your developer turns out to be an ***, stop using his/her software.
The procedure is simple. Open "User accounts", click "manage another account", click "add an account". Click "sign in without a microsoft account", then click "local account" and create the account WITH A PASSWORD. I like to call mine root but you can name it whatever you like.
Once the account has been created, edit that account by clicking on it from within the "User accounts" window we opened earlier, and click "change the account type". Make this new user "Administrative" (do not forget the password you set for it!). Then head over to your user account, and lower it from "Administrative" to "Standard User". Done. The changes will fully take effect next time you log out and log back in. From now on, whenever a program wants administrative privileges you will get the familiar UAC prompt requesting elevation, but it will ask you to type in the password of the administrative account you created instead of just asking "yes" or "no". As well as protecting you from viruses with proper privilege separation, this change also has the effect of requiring that you enter the password to make any changes to your computer (install/uninstall a program, change the way windows operates, etc) so you don't have to worry about someone changing a setting on you when you let them borrow the computer.
It's also good practice to turn UAC up to its maximum setting. Search start for "Change User Account Control settings" and slide the bar all the way up to the top.
There. I've invalidated this entire thread about which AV to use. Configure your computer right, leave windows defender in place, don't waste your money or time installing another AV. Spend that time changing your user account privileges.
Feel free to PM me any questions about this procedure or any program that seems to be misbehaving. One common blunder devs make that you should know about is creating start menu shortcuts only for the user who ran the installer. Since you will be running the installer as another user, sometimes only shortcuts will be placed in that other user's start menu. You can either move the shortcuts yourself or create a new shortcut for yourself by finding the program in program files.
The fact of the matter is, if users would just properly configure their environment, you likely would not get many (if any) viruses in the first place. Yes, I put some of the blame on the user- because while neither OEM nor Microsoft itself will configure it for you or even inform you that you really, really should do this, when I tell you the answer I guarantee there will be witching and moaning and a general refusal to do it from many of you.
DON'T RUN AN ADMINISTRATIVE ACCOUNT.
TURN UAC ON.
Do you know the real reason browser exploits are so devastating? It's because every windows user is running their browser from an administrative account and thus any given website can use a flash/java exploit to do whatever the hell they want. If you were running the browser as a standard user, you're much safer. Users are sandboxed to an extent and the vast majority of viruses will not be able to escape the sandbox. Your AV, which is running as admin, will be outside of this sandbox with the power to manipulate contents within in. The virus won't be able to infect/disable your AV or resist deletion. If your AV can't delete it, you need only to log out of your user account to stop all processes associated with your user account.
This is par for the course on linux. How many of you unfamiliar with linux have heard the term "sudo" or "root"? Root is the admin account that every linux distro has, and sudo is effectively the UAC of linux. Because linux devs are generally security conscious, many linux programs will outright refuse to work if it detects that you are trying to run it as root. If you casually use the root account, you will be laughed out of the linux community. So why is it acceptable, or even preferred, in the windows community? It shouldn't be. It's wrong. It needs to change.
Generally, what other people do with their own computers is their business. However, other people running an administrative account affects the entire windows community- so I urge you all to make this change. Too many programs require administrative access for no good reason, and don't support UAC which means you cannot run them from within a user account. Too many devs I've tried to discuss this with scoff at the idea of "wasting time" adjusting their program to be compatible with the security protocols in place, and very rudely dismiss it as not a problem.
Make the switch. Run a standard user. If a program doesn't work properly, or gives you a UAC prompt when you think it should not need one, MAKE SOME NOISE. Send a bug report to the developer. If your developer turns out to be an ***, stop using his/her software.
The procedure is simple. Open "User accounts", click "manage another account", click "add an account". Click "sign in without a microsoft account", then click "local account" and create the account WITH A PASSWORD. I like to call mine root but you can name it whatever you like.
Once the account has been created, edit that account by clicking on it from within the "User accounts" window we opened earlier, and click "change the account type". Make this new user "Administrative" (do not forget the password you set for it!). Then head over to your user account, and lower it from "Administrative" to "Standard User". Done. The changes will fully take effect next time you log out and log back in. From now on, whenever a program wants administrative privileges you will get the familiar UAC prompt requesting elevation, but it will ask you to type in the password of the administrative account you created instead of just asking "yes" or "no". As well as protecting you from viruses with proper privilege separation, this change also has the effect of requiring that you enter the password to make any changes to your computer (install/uninstall a program, change the way windows operates, etc) so you don't have to worry about someone changing a setting on you when you let them borrow the computer.
It's also good practice to turn UAC up to its maximum setting. Search start for "Change User Account Control settings" and slide the bar all the way up to the top.
There. I've invalidated this entire thread about which AV to use. Configure your computer right, leave windows defender in place, don't waste your money or time installing another AV. Spend that time changing your user account privileges.
Feel free to PM me any questions about this procedure or any program that seems to be misbehaving. One common blunder devs make that you should know about is creating start menu shortcuts only for the user who ran the installer. Since you will be running the installer as another user, sometimes only shortcuts will be placed in that other user's start menu. You can either move the shortcuts yourself or create a new shortcut for yourself by finding the program in program files.
Twitter@Firas_MD
New member
Well for me .. I use Avast
Its light weight, power efferent and free. You can't go wrong with that.
Its light weight, power efferent and free. You can't go wrong with that.
IE already has its protected mode and enhanced protected mode sandboxes, Flash runs in its own sandbox as well, so does Java and then you also have things like DEP, ASLR etc. Moreover even admin users since Vista cannot modify files in system directories without agreeing to the UAC prompt. Of course despite this systems still get infected due to bugs in one or more layers but mainly because people have a tendency to click on whatever the heck they want and ignore all warnings that keep them from viewing dancing bunnies or dancing pigs or dancing babies or whatever (apparently nothing trumps cutesy crap!) That said, I do agree with your advice in general about running as a normal user account, but IRL there are always caveats.
Reasons why people use admin accounts and even turn off UAC:
1. I bet 99% don't even know the difference or don't want to repeatedly see password prompts.
2. Even if they do, they use badly coded programs that are not UAC-aware or refuse to run under a normal user account for no good reason at all, and often these programs can neither be replaced nor be upgraded (say the dev refuses to update the program or worse has gone out of business).
3. Windows since forever has created admin accounts by default after Setup. Probably they introduced UAC and downgraded admin accounts a bit but did not make user accounts the default because of the reasons above.
Changing Windows user (and dev) mentality is a massive undertaking. Think about your average clueless users for a moment, for example family and relatives you often provide unpaid tech support for. I actually conducted a real-life experiment once to see how many could survive with a user account. I kid you not, before the week was up I was inundated with irritated and even angry calls about how I had 'broken' their computers, why their computers kept asking for a damn password every so often or why their favourite programs no longer worked, and no matter how much I tried to explain how secure they were now, they just didn't care. When security comes in the way of them actually using their computer, guess what's the first victim? That's why I don't quite agree with your assertion that "whatever "active defenses" your AV claims to have, it's not worth paying money for". The better lot among the many anti-malware suites are the best bet to keep such users reasonably safe while not being too intrusive, and I'm resigned to cleaning their PCs of junk (not just malware but toolbars and other trash) regularly for the foreseeable future.
The one ray of hope for me is those few who've moved on to iOS/Android/Windows RT devices for their computing needs.
Last edited:
link68759
New member
See, I told you I'd get resistance
I did simplify my explanation a bit as my post was rambling on a quite bit. I had my audience in mind, I'm not going to write an essay on security practices here
I know there's some paltry privilege separation between an admin user and an admin user elevated with UAC, created to deal with the issue of everyone and their mother running admin accounts, I know IE, flash and java are all trying to cover their exploits as they happen and create proactive defenses. But I've had a virus bypass EPM, exploit flash and in an admin account it was able to deactivate and destroy windows defender so sufficiently that I could not fix it. There is indeed privilege separation in admin accounts, but any program run from an admin account even without elevation still has more power than a standard account. I've encountered several programs that don't request UAC elevation because they use the manifest to request "highest available privileges"- these programs can operate fine under the "lower privileged" unelevated admin account but suffer access errors under a standard account. Luckily, you can simply elevate them manually and they work as expected.
tl;dr yes there are other security measures in place but that's no reason to forgo additional layers of security.
99% of users don't do anything that would actually trigger a UAC prompt on any regular basis. 100% of users should not have been exposed to such a carefree, unsecured environment in the first place.
But it is true that, because it is the way of things for windows users to simply be admin all the time, OEMs who profess to have set up the computer for you won't dare to ship a computer with a user account.
Most importantly, I think that 7 and 8 have finally gotten UAC down to a refined level where it in fact *does not* pester you incessantly. It only requests elevation when it should, and a normal user rarely would come up against it. Despite our complaints with the number of programs and devs that which won't slide 100% seamlessly into a standard account, the truth is the solutions are simple and the show stopping problems are infinitely rare- and as power users we are more likely to come into contact with that sort of thing than any normal user.
I too have cleaned many a family friend's computer of malware and then set them up with a standard account. With proper explanation, removal and replacements of poorly behaving programs and a warning to consider what they (or their kids) are trying to do before just typing in the password.. I have had no complaints.
Even myself, the power user that I am, run a standard account. I never used to- until it was pointed out to me that I tolerate it on linux, and not windows? What sense is there in that? And in fact Windows is *better* than linux's sudo because UAC supports biometrics, it's really painless. UAC prompt? Swipe finger on the fingerprint scanner. Boom. (Linux too supports biometrics, but it's unrefined, awful, not actively developed garbage).
Yes, knocking some sense into the windows community is going to be an uphill battle. But this needs to happen; the sooner the better.
I did simplify my explanation a bit as my post was rambling on a quite bit. I had my audience in mind, I'm not going to write an essay on security practices here
I know there's some paltry privilege separation between an admin user and an admin user elevated with UAC, created to deal with the issue of everyone and their mother running admin accounts, I know IE, flash and java are all trying to cover their exploits as they happen and create proactive defenses. But I've had a virus bypass EPM, exploit flash and in an admin account it was able to deactivate and destroy windows defender so sufficiently that I could not fix it. There is indeed privilege separation in admin accounts, but any program run from an admin account even without elevation still has more power than a standard account. I've encountered several programs that don't request UAC elevation because they use the manifest to request "highest available privileges"- these programs can operate fine under the "lower privileged" unelevated admin account but suffer access errors under a standard account. Luckily, you can simply elevate them manually and they work as expected.
tl;dr yes there are other security measures in place but that's no reason to forgo additional layers of security.
99% of users don't do anything that would actually trigger a UAC prompt on any regular basis. 100% of users should not have been exposed to such a carefree, unsecured environment in the first place.
Neither does your average Linux distro create your user account for you. The person setting up the computer is assumed to have the knowledge to actually see the installation to completion
But it is true that, because it is the way of things for windows users to simply be admin all the time, OEMs who profess to have set up the computer for you won't dare to ship a computer with a user account.
Changing Windows user (and dev) mentality is a massive undertaking. Think about your average clueless users for a moment, for example family and relatives you often provide unpaid tech support for. That's why I don't quite agree with your assertion that "whatever "active defenses" your AV claims to have, it's not worth paying money for". The better lot among the many anti-malware suites are the best bet to keep such users reasonably safe while not being too intrusive, and I'm resigned to cleaning their PCs of junk (not just malware but toolbars and other trash) regularly for the foreseeable future.
Where better to inform than on this rather technical forum? I think I've explained what it does, I spelled out the caveats pretty clearly. They know how to do it, likely have some technical aptitude and the ability to understand what they are doing. They know where to come get help and most of all they have to opt into it. It's not like, by reading my post I forcibly alter their PCs forever against their will
Most importantly, I think that 7 and 8 have finally gotten UAC down to a refined level where it in fact *does not* pester you incessantly. It only requests elevation when it should, and a normal user rarely would come up against it. Despite our complaints with the number of programs and devs that which won't slide 100% seamlessly into a standard account, the truth is the solutions are simple and the show stopping problems are infinitely rare- and as power users we are more likely to come into contact with that sort of thing than any normal user.
I too have cleaned many a family friend's computer of malware and then set them up with a standard account. With proper explanation, removal and replacements of poorly behaving programs and a warning to consider what they (or their kids) are trying to do before just typing in the password.. I have had no complaints.
Even myself, the power user that I am, run a standard account. I never used to- until it was pointed out to me that I tolerate it on linux, and not windows? What sense is there in that? And in fact Windows is *better* than linux's sudo because UAC supports biometrics, it's really painless. UAC prompt? Swipe finger on the fingerprint scanner. Boom. (Linux too supports biometrics, but it's unrefined, awful, not actively developed garbage).
Yes, knocking some sense into the windows community is going to be an uphill battle. But this needs to happen; the sooner the better.
Last edited:
See, I told you I'd get resistance
The resistance is not due to the advice being unsound, but that in practise it's often simply not possible to implement. Your experience with people you've tried it out with just doesn't dovetail with mine (it's not as if I'm the one in charge of day to day administration of their systems, and the password prompt did come up often enough to irritate them and in turn for them to tell me to "change it back to the way it was before"). Believe me there's nothing I'd like more than to stop repeatedly cleaning systems weighed down by malware and crapware. I fully agree that this change needs to happen but changing people's mindset just isn't as easy as you think. People on this technical forum might understand but even so I bet few will implement it (you're a real power user and look how long it took you), and if that's the case then it's sure gonna take a long time to filter down to the masses.
Last edited:
Stupid question, because I am sure it does (and I will probably look it up after asking); but can the Surface 2 run full Office?
xboxonthego3
New member
Yes. The Surface 2 runs a full office version that is complied for the arm architecture. Office comes with the Surface 2 as well.
Pete
Retired Moderator
No. It runs the ARM touch enabled version of office that is provided with Office RT, not the full Office Suite that you'd download/stream. It's good enough for most purposes though.
Similar threads
Facebook
Twitter
Instagram