Battle Life without AV?

uduoix

Level 5
Thread author
Verified
Oct 14, 2015
236
I'm thinking about ditch AV software. I didn't get infected since win7 or maybe win vista and i can't even remember last time AV blocked malware. I don't crack games, don't visit warez sites/forums, porn sites etc.. I use Chrome with ublock origin and malwarebytes. Do you guys think ditching AV is good idea or not? i do daily backups on cloud services (onedrive and pcloud) and on external disks.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Agree.
@uduoix
...
-Install Sandboxie Free and use it always (also for open documents).
...
There are some problems with Sandboxie free as a primary protection. The user has to:
  1. Install the new applications in the sandbox - some cannot be installed in this way.
  2. Analyze what is running in the sandbox, and which files were dropped or changed. It is much easier to do when the application is installed in the system (not in the sandbox) and is executed in the sandbox.
  3. Remember to open the files via the right-click Explorer context menu and choose the sandbox option.
  4. Remember to use only one sandbox at the time.
The points 3. and 4 can be skipped when using the paid version. Furthermore, some applications can open very slowly in the sandbox. There is also a compatibility problem with Windows Updates. For example, the current version does not work with Windows ver. 1809.
 

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
There are some problems with Sandboxie free as a primary protection. The user has to:
  1. Install the new applications in the sandbox - some cannot be installed in this way.
  2. Analyze what is running in the sandbox, and which files were dropped or changed. It is much easier to do when the application is installed in the system (not in the sandbox) and is executed in the sandbox.
  3. Remember to open the files via the right-click Explorer context menu and choose the sandbox option.
  4. Remember to use only one sandbox at the time.
The points 3. and 4 can be skipped when using the paid version. Furthermore, some applications can open very slowly in the sandbox. There is also a compatibility problem with Windows Updates. For example, the current version does not work with Windows ver. 1809.
Hey Andy,

I was referring to browsing and docs mainly, not setups. However remember that if a malware accidentally run in the sandbox it cannot make damages in the host machine but the problem is that it could connect to internet (this is why is important firewall and network protection).
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
541
Using AV is like wearing bags by women (men sometimes?)...you can find there everything what you need but also a lot of things that are useless for most of us...although not for women :) Such bag seems to be useful but it's not to comfortable and actually allways you have to think about it. But if you are smart person...if you have some knowledge and can predict consequenses your activity...if you act in reasonable way - you will realise that not all such things are necesary and all needed/useful things you can carry in pockets :cool:
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hey Andy,

I was referring to browsing and docs mainly, not setups. However remember that if a malware accidentally run in the sandbox it cannot make damages in the host machine but the problem is that it could connect to internet (this is why is important firewall and network protection).
Understood.:giggle:
The problem with the Internet, can be solved for applications which do not need it (document editors/viewers, media players, etc.). They can be opened in the separate sandbox, with the blocked Internet connection and some other important restrictions.
On Windows 10, the SmartScreen can be used to check if the installer is OK (files downloaded by the web browser).

For the simple software configurations the free Sandboxie version should be enough. For more complicated configurations the paid version will be required because of the free version limitations (one sandbox may be used at once, and applications cannot be forced to run automatically in the sandbox).

The problems with system incompatibilities can be avoided when using the wireless Internet with a metered connection.(y)
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Op didnt mention is he/she using ssd or hdd, and talking about kaspersky slowing down pc compared to run without protection

You could first upgrade to ssd atleast

Probably panda/ immunet to replace kaspersky and add either comodo firewall or syshardener in my opinion wich i would find light

Thread is already full of good opinions and alot to choose from, but it seems OP is more than average joe so any decision will do
 
G

Genux

Windows are prone to malware. I use the default anti-virus on my HP laptop because Microsoft thought it was necessary. On iOS there is no AV, because users are protected and don't need it.
 
  • Like
Reactions: bribon77
L

Local Host

Windows are prone to malware. I use the default anti-virus on my HP laptop because Microsoft thought it was necessary. On iOS there is no AV, because users are protected and don't need it.
Protected from what? Both OSX and Linux have more holes than Windows 7 to 10 combined. Your only luck is the extremely low market share, which make it unworthy to create malware.
 

notabot

Level 15
Verified
Oct 31, 2018
703
All Windows is partially a Museum.

Sure, but ActiveX chapters are removed even from the reprints of books on ATL ( which is in the museum of development on its own ). COM cannot be decommissioned anytime soon because they effectively reintroduced the runtime a few years back but ActiveX - I’m not sure if it’s even supported anymore
 

normalizerx

Level 2
Oct 9, 2012
124
If you're gonna be curious, better just learn Linux or BSD.
Used to have dual boot for some time, tried a couple of distros - Ubuntu and Arch based but still not a 100% alternative for me, especially in the audio field. On my Win10 PC I use the built-in security tweaked together with NVT OSArmor. Istill do not feel comfortable without a signature based AV real time.
 
D

Deleted member 178

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
Well, another saying goes: If it is working, fix it till it's broken.
The problem is, every AV breaks Windows. Some experts recommend not to use 3rd party AVs at all. Network protection breaks SSL and thus lowers its security, even replaces it with its own certificates making it more vulnerable to MITM. Also each AV runs with system rights and a vulnerability within AV gives malware system rights as well, though those malware seem rare. A few years ago, only 1 out of 26 AVs was 64-bit, yes it was Windows Defender, taking advantage of patchguard, the 3rd party AVs were too lazy to implement it, because it takes too much work. Not sure, how many AVs are 64-bit these days, most are just 64-bit compatible, but still not with fully implemented Windows 10 security features.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Not having Antivirus in real time for many is something psychological, when you get used to not having AV you do not miss it anymore. It has happened to me too.
The thing that makes me nervous is that many modern malwares are so good at hiding, you won't know it's even there, if you have no resident AV. So it could be exfiltrating your private data the whole time, unless you run frequent on-demand scans.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top