The UAC doesn't really protect against malware, it's more of a measure for an admin to protect important parts of the system from users. As such, I would highly recommend enabling the password protection on it with the use of that registry tweak that you can google to find. I don't like windows defender. It doesn't just deal with the threat when it catches things anymore. To actually deal with a threat that it detects you need to open the interface to "start actions" and quite often, you get an error after doing that. If you're looking for a good antivirus. Bit defender is pretty decent, but has the same weakness to unknown threats that windows defender does. Voodooshield is an excellent addition to any setup. And that one I would highly recommend paying for. 1. It supports the development of a good product that still works just fine even if you're using the free version of it. 2. paying for it unlocks the password protection feature, which serves to add another layer of tamper protection to a lot of critical system components that that UAC also protects when password protected, thereby locking the system down even more. If you're looking for a good standalone product, comodo is damn good, even if their virus database isn't. See, comodo gets lower scores in a lot of reviews, but those reviews never talk about all of the other stuff that comodo has to make up for that lack of antivirus scan detections. I've made posts elsewhere on here about how to configure it so that it won't give you any "yes/no?" alerts. Anyway, this thread is about SecureAPlus, not either of the other two whitelisting products that still offer free versions that work.