Running Windows without anti-virus software

Good analogy, but it's more like running without ABS on your brakes. Anti-Virus is a "safety" feature, not something required for your laptop to run. My laptop runs just fine without it.

@laptopnut: can you give an example? Is there one that you use? Like the one Avast has built in? I'm assuming you're referring to something heuristics related, but tell me if I'm wrong.

 

I am referring to programs such as System Safety Monitor, Appdefend, Regdefend and any other similar ones. Rapport might be worth using as well. Those security programs never rely on signatures, instead they flag up abnormal behaviour and give you the option to allow or deny. For example, if your browser was trying to execute a program without your initiation or a program was trying to send data over the internet or read the clip board or keyboard.

No matter what malware you are at risk from, all of them will try to do something abnormal in terms of behavior whether it be reading a certain registry key, adding themselves to the start menu or trying to execute a program.

 

Well, I am running my NT-based computers for years without "security software".

My strategy is:
Never ever do your work with a privileged account.
Avoid IE6.
Make sure your system and software has latest patches installed.
Disable autorun.
Avoid Adobe Reader and use Flash only if necessary.

Occasionally, I scan the systems with a live CD, and up to now the systems looked clean.

At the moment I am using Firefox together with Adblock+ (many malware comes with hijacked ad servers, so you are absolutely not safe if you only surf on MSN, Yahoo or the NYT. Pr0n sites are sometimes safer ) and Flashblock plugins. Also I am using Opera with "plugins" disabled, Javascript disabled with some sites whitelisted.

And I am experimenting with Software Restriction Policies. Together with restricted user accounts, any malware will be prevented from being executed in case your klicky finger was too nervous

Michael

 

You might be interested in the 'Safe-Admin' project.
Check out the details on WildersSecurity.com link

 

Thanks Bookmarked

Michael

 

Awesome, this is interesting! Thanks!

 

safe browsing in chrome / ff equipped with wot +adblock helps a lot keeping threats away.. only problem is the USB drive. i simply can't plug any drive without scanning it full with avast free home edition and malwarebytes.

if i take out the usb problem..then i dont think i would be requiring any AV for my normal day uses (but how normal they would be without my USB drives :/ )

not having AV helps keeping system speed great. but having 4gigs of memory(which is a normal scene now-a-days), i wouldn't think much about the performance( AV eats ram..am i right? ). and whats the fun if i cant go to suspicious sites (you-know-what-all ) and have some fun with my AV taking care of normal threats

@mic , do you ever face any problem with USB drives ? (i think i might have skipped some pages while reading this thread )

 

Why would there be a problem with USB drives? There are no issues that I am aware of, unless you have set the drive to automatically execute Autoruns.

 

I ran Windows 7/Windows XP without AV for a while without any problems. It can be done presuming you have some internet smarts and use a secure browser such as Firefox with AdBlockPlus and NoScript.

Although I've been using Microsoft Security Essentials for a while now because it's a very lightweight and non-intrusive free anti-virus/anti-spyware solution from Microsoft and since my system can spare the few resources, I just have it as a secondary safety measure.

Nothing can beat internet, computer and common sense smarts when it comes to preventing viruses on your PC.

 

lOl ..didnt mean a problem specific to USB drives.. i meant USB drives being the best carriers for viruses, malware, crapware etc. i just had to post a new thread regarding the same in the forum last night .. finally formatted the USB stick to get rid of whatever the problem was there.

well, how would you make sure when you insert a USB stick in your comp that whether its infected or not or ll infect your PC or not ..??

 

I don't need to do anything to prevent such an infection. Inserting a USB stick will have no effect on your computer, no matter how virus-infested the stick might be. What a lot of people do not seem to understand is that computer viruses are not like biological viruses, that can infect on contact. In order for a computer virus, any computer virus, to "infect" your computer, the user must install it. If you don't install any of the viruses on that flash drive, they won't do anything to your computer.

 

Not necessarily true. The worm designed to take down the Iranian nuclear reactor was a usb jumper that spread from computer to computer to computer by piggybacking inside

 

I've been doing this for a little over a year.

No sign of viruses ever.

knock on wood

 

That's a fairytale. There is no such thing as a "USB Jumper". Well, unless you were naive enough to set your system to automatically execute the autorun script on the stick.

 

Stuxnet has used/is using several different vectors.
Older versions relied mostly on autorun.inf but more recent versions (as of March according to Symantec, link) have used several other ways.
F.i. one in Print Spooler (although it has been known extensively since it was published over a year ago in Polish magazine Hakin9), the .lnk one and more. link.

(Many security software companies have published on Stuxnet, I chose the Symantec ones just as an example.
Eset also have published a report on Stuxnet; PDF link)

 

Yes, I should have added the qualification: "On a properly maintained and patched system". Yes, these are zero-day vulnerabilities, but the probability of getting hit by one of these is extremely low, if you keep your system updated.

 

Very true.
And Stuxnet is aimed at Scada systems. Not at the average NBR poster/reader.

 

I was going to chime in that, yes, it is very unlikely the average internet user will be targeted by such a transferable virus on a USB stick. With autorun disabled, the average user should have no problems with flash drives or other external media. I use the word targeted on purpose to make a point. Highly dangerous viruses are typically targeted at corporate environments for maximum efficiency. The person who made the virus isn't going to waste his or her time with the typical consumer device as a target, no offense to all us average NBR users.

Perhaps part of what fuels the idea that viruses on external media can infect is that newer Security programs have begun building in support for scanning external storage. Yes, you can scan drives for potential threats, but this is really supposed to be used to scan a storage device on which the files are so corrupted or infected that the operating system is no longer capable of running scans on its own.

For those who have mentioned they are not using anti-virus, maybe we should start one of those clubs like Alcoholics Anonymous......Hi, I'm micman, I've been off internet security for a year....

I'm getting some really great suggestions guys, keep it up! The guide will no doubt be thorough thanks to your help.

 

mm... somehow i find it hard to digest .. may be because i didnt know this before [ a par below than an average NBR reader ] well, each time i insert my stick to my pc and avast flash a warning, it makes me feel secure that i have a safe pc here

so you'd say that next time i plug my stick and avast flashes warning and i can still go in-out the drive without getting the virus in my system (?)

if thats the case then i am happy with my browser equipped with wot n adblock

 

Already discussed, delete

 

I finally got a guide/resource up. You can see it by clicking here: http://forum.notebookreview.com/sec...-use-windows-without-anti-virus-security.html

I also updated the first post in this thread with the above link. I hope this thread and the new guide I posted are a good resource, and I can't wait to hear feedback from you guys.

 

The most-efficient replacement to an anti-virus is to use a Windows account without administrative privileges on a daily basis. Most malware can't and won't work properly if they have a restricted access to system files and the registry.

I've been using Windows for years with no anti-virus software and I haven't been harmed. Theses are the rules I recommend:

* Use a limited user account on Windows daily
* Use a separate administrative account for software installs and maintenance
* If you don't want to use a separate account, try tools like DropMyRights or suDown
* Keep your OS up-to-date
* Keep your browser up-to-date
* Keep your browser plugins up-to-date (Flash is regularly a malware vector due to security holes)
* Restrict JavaScript and ads on your browser with tools like NoScript and Adblock

thanks

 

This is blasphemy. We all know you need 3 simultaneous A/V's, a couple software firewalls, and UAC on maximum "are you sure you want to use your computer" settings, AND a shady assassin watching over you.

 

Account privileges are not a solution that replaces an antivirus... plenty of malware can run within user rights.

 

Honestly, I'm thinking about running without an A/V

Benefits:
Less Ram Consumption
Faster Startup
More Battery Life
No more annoying updating

Risks:
Of course, all those nasties that you can acquire without an av (Though a thorough and full scan with Malwarebyte's will find the problem and fix it. Why I think so? A few months back, I lent my friend my computer and he managed to acquire a virus. At the time, I was running Avast Antivirus. Avast was giving me red alerts saying that Malicious content was detected. I ran a full system scan on all the drives and Avast said everything was fine and that the system was protected. I installed and ran Malwarebyte's in attempt to remove the virus. With a simple quick scan and in less than 5 minutes, the virus was found and removed. Lesson: Never lend a mac user your windows PC )

Now, I do plan to have some sort of software that will help me remove any type of virus such as Malwarebyte's Anti-Malware. Windows Firewall will always be on. Mozilla Firefox with ad-block plus, no script, and WOT. Perhaps Sandboxie for additional protection. Has anyone tried this? Managed to acquire a virus? Was battery life and start up improved? I understand that improvements are not significant and the risks outweigh the advantages but if I don't install any software (Other than games I purchase through trusted and official retailers) How will I acquire a virus?

 

if you don't connect to the outside world, you don't need antivirus.

If your connection to the outside world is limited(say browsing only), it may actually be safer to sandbox that in an VM than having anti-virus on the hosting(work horse).

 

Using a VM is definitely great protection but it's hardly practical

 

This is a great first post IMO. I would just add anti-virus software to what you're saying. For me its MSE and Malwarebytes paid version.

 

Been using MSE and Malwarebytes...no problems as of yet.

 

Personally, I would not recommend using Windows without at least a degree of protection (Basic, even).

Why?

Sometimes, becoming struck by Malware is unavoidable, mainly because of the advent of new technologies (such as Clearclick).

Malware is on constant evolution as well, and with new technologies, there may be new ways for it to exploit its way into your system without your knowledge.

Anti-Malware software and measures should be chosen carefully, however, it narrows down to your personal necessities, activities and preferences.

There are several Anti-Malware solutions out there, some are resource-friendly, others, not quite, and there are also, several free alternatives.

For example, I use a software and hardware approach with freeware-only solutions, listed below:

Operative System: Windows 7 64-Bit Service Pack 1 (Up-To-Date and with a trimmed down Services list.)

Anti-Virus: AVIRA Free & Threatfire.

Firewall: COMODO Firewall (Internet + OS) & Router Firewall.

Anti-Spyware: SpyBot Search and Destroy, Malwarebytes Anti-Malware, Spyware Blaster and ThreatFire (Active).

Anti-Rootkit: Hijack This!

Web Browser: Firefox 8.0 (Addons: NoScript, Cookie Monster, Ghostery, Firebug, ProxyTool, AdBlock Plus, FoxyProxy, BetterPrivacy and Click&Clean) with Spyware Immunization lists and JonDoFox profile.

Proxy: TOR and JonDonym.

You should not, however, just install a bundle of software and forget. (A not quite so uncommon thought among dis-informed computer users.)

Prevention and software are merely additions to your own experience, common sense, knowledge and awareness.

 

I haven't had any anti-virus software on my laptop for years. No antivirus, anti-spam, antispyware no nothing. I'm running windows 7 with UAC turned up all the way.

 

about a year or so ago, i decided to try this, because one of the win 7 boards i was on had a guy saying the same thing. it all started well, but within a month i was plagued with spyware, and finally got a nasty virus that ended up making me wipe my entire system. afterwards i started using returnil, and it worked well, but as was mentioned earlier here, it was very inconvenient. i would forget, and make important changes that were erased as soon as i restarted. so killed that, and went back to av and spyware remover.
now, i use a standard account, have avast monitoring and use mwbamw and superantispyware. haven't had a problem in a long time now. avast is light on my system, and it doesn't bother me at all. with today's powerful computers of 16gb of ddr3, and giant dual fast hdd's, why worry about a minimal resource drain. and what do you have to do in your lives, that 20 seconds extra start up time is going to kill you?
i am on a hp dv7, with 600g drive, 1.7gh i7 and only 8gig of ram, and my system runs pretty fast with the programs i listed above running. in two weeks i will have a g74sx with an i7 2670qm 2.2, 16gb ddr3, a 750g 7200 and a 256 ssd. with all that, do i really need to worry about the resources of avast?

 

Running any OS without any security product (yes hello linux & mac osx users) is not secure. There is malware for every OS (hello again to linux & mac osx users) and it can spread so easily without any security products (no you don't have to click an .exe file or browse warez sites... joining a network at work/school/public with one infected machine is already enough + 7800 other ways).

Built-in security products are often a very good start.
E.g. UAC enabled + max settings + using a standard account, Applocker,..

How ever, 3rd party security products often add a lot of protection and have a more user friendly interface. Also they update much faster & more often which makes them less exploitable.

 

Not quite.

 

the major source of getting infection these days are via USB drives i suppose.. via internet, i think chrome n FF tackles them much better for an average user..unless the user decide to meet locals in his/her area..things are pretty much safe on browsing..may i call it secure browsing(?) but given the ratio of more than 50% users r still on IE, i better suggest to have a good AV protection

for me chrome / FF with adblock + WOT does the trick with free version of avast. never had any problem in last few yrs..

mmm..wait..i think last time when i tried updating my malwarebytes.i had a big issue dealing with lots of weird stuff..but then i ran the update when i was sleep walking/surfing the other night my fault..

 

The first that malware was able to bypass were windows fw and uac & default settings. Then after some time they added proactive defense (of e.g. kaspersky) and other stuff.. one month later kaspersky makes an update and the malware didn't work again

 

UAC turned up all the way, Autorun disabled, use a good sandboxing browser and think before you click 'yes' on those UAC dialogs. Keep a backup of your system.

Really I don't think you need a security suite unless you like to allow full privileges to p2p downloaded executables without thinking first.

I'm sure there are ways to bypass the UAC, like by forcing legit software that already has admin privileges to do the dirty work of a virus. A security suite would probably see the suspicious software and halt it.
So Security suites have their use, but not needed for everyone.

 

That's exactly what I wanted to say with my previous post

The problem I see in using UAC as only "defense" (It blocks everything that could harm you on max. settings.. atleast it should block 90% ) is that you either allow the program or don't. Some programs are coded very badly and need the admin rights altough they won't harm you. 90% of setup.exe's will need admin rights. So binding a setup.exe with a virus.exe would have the same UAC warning as a clean setup.exe (and you would press "yes" in both cases) but will infect you.

That's where 3rd party security suites are great. Also I find the UAC-information windows quite useless. I would wish a very detailed information. I want to know what exactly that file wants to do with the admin rights. That would make it much easier to decide if I want to give the program admin rights or not.