

Does anyone here run their PC without antivirus? - leoncrutchley

I know a few people who are so religious about avoiding unknown links and freebie downloads they feel confident to avoid using any AV. Any one else tried this approach?
======
Spoom
I run Linux now so it's a moot point, but I survived for years without any
infection or malware running Windows without an AV solution. It's all common
sense really. Of course, if you have a system where it can be used by the
public (or family members that don't know at least two programming languages),
you should have some sort of protection.

~~~
ohashi
With the new ways people come up with to attack computers... I just would
never be that confident. Sure, don't open attachments and execute stuff from
unknowns that look phishy. Don't click links from emails. Don't download
sketchy software.

But what about something like malware attacking you from an adserver that
didn't happen to get blocked by AdBlock or Ghostery and you're not running
NoScript or you whitelisted the domain (perhaps supporting a company you were
happy to help support from ads).

~~~
meowface
>But what about something like malware attacking you from an adserver that
didn't happen to get blocked by AdBlock or Ghostery and you're not running
NoScript or you whitelisted the domain (perhaps supporting a company you were
happy to help support from ads).

Assuming you are talking about a fully silent "driveby" on a modern browser
like Chrome: There's a very good chance such a dedicated and advanced attack
will also bypass all AV products at the time you are infected. To this day
it's still quite easy to bypass any AV if you know what you're doing. If the
malware author himself (I'd say "him/herself" but I have encountered very few
female authors of advanced malware, Joanna Rutkowska being the only exception
I can think of) is the one launching the browser exploit campaign, he likely
also knows full well how to get it past any AV.

Personally, I run AV just as a simple "stupidity guard" for myself. I would
pretty much never get infected with malware through regular browsing; I work
in information security and fight malware daily. But there's that chance I get
really drunk one day and do something stupid, so it's nice to have.

------
ig1
It's basically a catch-22 situation, if you don't run a (good) virus checker
you have no idea if you've got a virus or not.

It's not like in the 90s where viruses would just destroy stuff and taunt
users, modern viruses are often silent stealing data or turning machines into
sleeper cells on bot networks.

Viruses no longer rely on downloads to spread either (downloadable software is
in a death spiral), they now commonly spread through zero-day exploits in
browser software and extensions (flash, pdf readers, java, etc.)

You don't have to visit dodgy sites either, many viruses are spread through
legitimate ad networks or compromised web-servers (hacked wordpress installs
are often used).

Any software on your machine that handles data received from the outside world
(including games, word, skype, etc.) is an attack vector.

If you're not running a virus checker you're essentially just hoping you'll be
lucky. Being careful will only take you part of the way.

~~~
lgieron
I thought that novadays even the AV companies admit (off the record) that
they've lost the battle, and cannot really do a good job detecting the more
sophisticated viruses?

------
whiskers
I haven't run any anti-virus software for at least the past ten years either
at work (Ubuntu), on my laptop (OSX) or at home (Windows 7).

To the best of my knowledge I've never succumbed to a virus and have certainly
never seen any indication that I have!

I'm cautious with what software I choose to run and do cursory checks of links
in e-mail/online. I really only run business related software (Sublime Text,
CS Suite, Browsers, Autodesk Inventor, Eagle CAD, etc) and any games I do play
(rarely!) are via Steam.

All machines are used regularly depending on where I am and what I'm doing.
I'm the only person who uses any of them. I generally only re-install when I'm
replacing a machine or substantially upgrading it (perhaps once a year or so).

------
antino
Yes, I'm one of those people. Of course, avoiding dodgy links and free
downloads can only do so much to protect you. What about all the random flash
drives we put into our computers on a whim?

I do admit, I'm kind of ashamed that I don't protect my computer better - but
many AV solutions hog resources and just slow my computer to a stand-still. So
I just forgo them altogether. Running on Windows 7 or 8 does enable the
Windows Defender program by default, though, I believe. And at first glance,
it doesn't seem to be that bad a setup (admittedly, I haven't looked into it
much)

------
MatthiasP
After 10 years of not having a single positive detected by my anti-virus
program I uninstalled it. If you already have a certain amount of PC knowledge
it doesn't really improve your security any more. AV-scanner find the kind of
malware that spreads via e-mail attachments or warez downloads and those can
be easily avoided. And if someone is really after you with a hot new exploit
your anti-virus is probably the last to recognize it.

------
akulbe
I regularly switch between Linux and OS X. I don't run any AV, and haven't for
years. (on either of those platforms)

On Windows, some customer stuff scans for updated AV, so I have to run it
there.

I'd venture to say, you can avoid 90+% of viruses simply by using webmail, and
not being foolish with what you click on. If it looks suspect, it probably is.
:)

------
hackuser
Many system admins I know don't use AV on their personal computers.

My thought is that a properly secured computer and network are far better
defenses than AV. If you add to that system an expert user then AV becomes
mostly useless, creating more problems than it solves.

I think NoScript and Request Policy are much more valuable to my security than
AV.

------
majurg
The only AV 'software' I use is Common Sense™. That and frequent backups have
been pretty effective so far.

YMMV though...

------
ja27
I'd be reasonably confident running Chrome with almost every plugin
(especially Java and Adobe ones) disabled. It's been a long time since I've
had any AV alert when running that way.

I do keep a copy of Firefox with Flash and Java installed so I can manually
"whitelist" a mostly trusted URL to that browser if I need it.

------
pmiller2
I don't use AV and never have. I've never gotten a virus, or anything worse
than a driveby exploit that hijacked my browser's home page, and that was
years ago. I do semiregular malware scans, and they always come up clean, so I
don't worry about it on a regular basis.

------
BorisMelnik
I run windows and do not use an antivirus.

I monitor all files in the filesystem, and all incoming and outcoming network
connections.

I have gotten viruses and malware, mainly adware in the past but have always
been able to manually remove them.

~~~
tobylane
What do you monitor with and for? What do you remove the malware with?

------
kohanz
I've been doing this for years and it has _never_ caused me a problem. I'll
leave it up to the masses to judge how much of that is luck or stupidity.

------
emerson_
Yes, Windows XP without antivirus for more than 2 years. Once a year I install
an antivirus, full scan all drives, and then uninstall it. I never had any
problem.

------
jeffhod
I use Avira, it's free and pretty solid!
[http://www.avira.com/en/index](http://www.avira.com/en/index)

