Advice from surface pro 3 users needed. what antivirus?

Started Jan 17, 2015 | Questions thread
Jim Cockfield Forum Pro • Posts: 16,338
Bitdefender or Kasperky + Malwarebytes Anti-Exploit

I'd probably go with either Kaspersky or Bitdefender (and they have a variety of products to choose from).

Then supplement one of those with the free version of Malwarebytes Antiexploit (as it uses heuristics to guard against browser and plugin exploits like those that are frequently used against Flash Player to infect your system when browsing web sites).

I'd also make sure to run using a Standard (a.k.a., limited) user account without any Admin permissions. See this article on setting up an account that way:

Setting up a standard user account is as simple as searching for standard user account after clicking on the start button, then following the prompts.

But, if you already have a lot of stuff stored under an existing account, then it's probably a better idea to setup a new admin account first, then just change the account using your existing username to a limited (standard) user account without any admin permissions.

That way, if you happen to visit a web page with malicious code on it that you're not yet protected against, it won't be able to infect system level files (but, even if it can't infect system level files, some malware can compromise the files under a specific user account, so you'll want to protect against that type of infection, too)

You also want to make darn sure you keep your Operating System, Internet Browsers and Plugins (Adobe Flash Player, Acrobat Reader; Microsoft Silverlight; Media Players, etc.) fully updated. That's because as soon as new versions of them are released, criminals are going to "reverse engineer" them to find out what changed, and write new malware that targets vulnerabilities that were fixed in the latest releases.

That means you can become infected by malware just by visiting a web page with malicious code on it if you're using an out of date version of plugins like Adobe Flash Player, etc (with legit sites hacked into on a regular basis, too -- not to mention compromised flash based advert banners that the services providing those adverts to lots of web sites missed the malware in).

Read some of the articles about how the Exploit Kits being purchased by criminals work. They specifically look for what plugin versions users have installed, then infect those systems if they're using out of date versions (with Flash Player being one of the most targeted plugins):

Here's one add-on that can help you keep track of your browser plugins:

Personally, I'm using Bitdefender Total Security right this minute, combined with Malwarebytes Anti-Exploit Free.

There are many other products that do a decent job, too (for example, Kaspersky is another product I'd suggest looking into, as it ranks consistently high in the detection and performance categories, often outperforming Bitdefender in some tests)

But, no Antivirus Product is going to protect against everything, as there is just too much new malware coming out now for the AV companies to keep up with in a timely manner. So, using a multi-layered approach is a good idea, like using other products that can help protect against browser and plugin exploits like Malwarebytes Anti-Exploit.

You can get Malwareybytes AntiExploit here (one extra layer of protection I use in addition to the main Bitdefender AV product I have installed). It's designed to combat exploit code that may try to infect your computer via Flash and other plugins, using heuristics that look at web code behavior versus virus signatures):

So, make sure to install the latest Windows Updates from Microsoft in a timely manner, and install the latest browser versions and plugins in a timely manner; and make sure to run using a Standard (a.k.a., Limited) user account in Windows to reduce the chance of infection.

As mentioned, I'd use good Antivirus Protection (e.g., Bitdefender or Kaspersky products, with excellent detection rates for known and unknown malware, and also have minimal impact on system performance) combined with extra layers of protection like Malwarebytes AntiExploit.

Personally, I also set my router to use a different DNS Server, so that I get a warning if I try to load contents from a page with known malware (as many sites are hacked into on a regular basis, with "drive by" malware planted on them that is designed to infect users just by them visiting a web page).

I use Norton or Comodo DNS servers most of the time, versus the DNS servers from my ISP.

Switching your DNS server in your router means that you do not have any software to install to take advantage of that type of service, as they maintain "black lists" of sites known to host malware on their DNS servers, and those services are free for personal use.

More about Norton DNS services (Norton ConnectSafe) here:

More about Comodo DNS services (Comodo SecureDNS) here:

Basically, you just go to the instruction pages, and plug in their DNS Server Addresses into your router. Then, any computers on your LAN will use the new DNS servers by default.

You can also setup an individual computer (or tablet in your case) to use specific DNS servers (that can be handy with a portable device that you may be using with multiple routers).   You'll find instructions for doing it that way on those web sites.

It's just one more layer of protection I use to help prevent computers from loading pages with malware on them; and again, they're free for personal use.

-- hide signature --


Post (hide subjects) Posted by
(unknown member)
(unknown member)
(unknown member)
(unknown member)
Keyboard shortcuts:
FForum PPrevious NNext WNext unread UUpvote SSubscribe RReply QQuote BBookmark MMy threads
Color scheme? Blue / Yellow