What would be a good "No Antivirus" Windows set up?

I stopped using AV's for 8 years because they became too bloated and privacy invading. So I relied on HIPS, sandbox, firewall and VirusTotal Uploader. AFAIK, I never became infected with malware. On Win 10 I decided to give Win Defender a try and so far it's working smootly and didn't give me any false positives, so I didn't see any reason to stop using it. You can even disable cloud protection, although this will normally lower malware detection capabilities.

 

See, now we are agreeing. Programs don't have to be scanners to protect a computer. Before, you were saying that going without AV was like not having insurance. But now you are saying (in the quote above) the opposite, so now we agree.

NoScript and Sandboxie are not anti malware scanners, they don't depend on updates or signatures to protect the computer but do a better job against zero day threats.

Bill, check this out. Real quick. If you use programs like NoScript and learn how to use it properly, when you browse, when you visit websites, you ll get in the habit of only allowing to run what is necessary to get the content that you want in the website you visit. By doing this, you ll get rid of almost every possibility of getting hit by malware that is embedded in legitimate sites. This allows me to visit any website I want, and even though a site might be infected, I ll come out smelling like a rose. Like nothing happened. At the same time, next guy that visits the website, will get hit, and perhaps be infected. And he uses AV, and MB and runs scans with this and that every week, while I dont do any of that.

Regarding the infected mail from the coworker. If you use webmail, and run the browser sandboxed, on top of NoScript, you ll also be protected by Sandboxie. NoScript blocks and Sandboxie contains. Is very hard to top protection like that. Is a high bar. By default, Sandboxie protects the file system and the registry. By using Sandbox settings, you can set things up so your personal files and sensitive folders and files be unreachable to programs running in the sandbox. If the malware cant read it, it cant steal it. That is with webmail. On the other hand, if there is a mail client involved, all works the same but NoScript would come into play only if the users clicks on a link.

Bo

 

I agree. It really is not that easy - these days. That's why I say all sorts of extra layers of security with 3rd party programs is not necessary. Keeping the OS current, using Microsoft Defender, and avoid being click-happy on unsolicited links works just fine for the vast majority of users out there.

I wish others would just give it a chance. Odds are they would come to the same conclusion you and I have.

No. That's not what I said. I said, "running around without an anti-malware solution is like driving without insurance." And I later said, part of which you quoted, that your 3rd party software is an anti-malware solution, even if it does not say anti-malware in its name.

So I am not saying the opposite at all. I just did not make myself clear at first. So I say again, my bad.

 

Ah, so you too are currently tolerating Defender. OK, I recall that you did recently start with it. Very nice.

Yeah, the common thread to an AV-less setup seems to be virtualization, something I did not utilize back then. Truly, nowadays, it must be easier to keep Defender disabled and not have the operating system be sliding due south eventually because this was a problem for me back in the day. Since I'm a very low-risk user, machine performance supersedes security as a priority. But I can make a mistake like the best of them, so some kind of security software/s is a must. Doesn't have to be "anti-malware" strictly speaking.

I'm using Defender on sufferance actually, since it's not interfering w/machine performance at the moment. If it was, I would shut it off and go without, I spent enough on PC hardware to have to settle for a glob of software gumming things up.

This is my mindset. Others have theirs, it's fine.

 

Got it now. Perhaps it is my fault that I didn't understand what you meant in the earlier post.

Bo

 

I agree. I just don't like MD so I prefer using some other solutions. For people that like it it should be enough - even if they never encounter malware.

 

But isn't that a good thing? I think it is.

Way back in the day, computers were only for enthusiasts. In fact, they started out as kits sold through magazines like Popular Electronics. Only geeks had them. My first computer was an Altair 8800.

Fast forward 45 years and today, computers are simply a necessity of life. People expect them to work just like any other "appliance" in their homes. And that's how it should be. Users should not have to be computer and more importantly, security experts to use their computers.

Microsoft has put a tremendous amount of resources into W10 to make it a hands-off product. And if users would just leave the defaults alone, it does a very good job at being just that. It will keep itself updated and it will keep itself secure. And for the vast majority of users, it does that very well without incident.

The problem as I see it is there is still a lot of geek in many of us. We got used to being able to tweak and dink with every aspect of Windows.

One of Windows greatest assets was its flexibility.

But...

One of Windows greatest liabilities was its flexibility.

The problem there was, people would tweak and dink Windows to death, then blame Microsoft for Windows breaking. And they would blame Microsoft for allowing the bad guys to infect their computers.

So Microsoft decided to put security ahead of flexibility (and legacy hardware and software support). And frankly, as a tech, I applaud them for that. As a geek - well, there's still Linux.

And I'm perfectly fine with that. I like Microsoft Defender. First and foremost, it works. It is not intrusive or a resource hog. And it is already in there. And it demands none of my attention either.

But as I tell my clients, use what they want and like. I don't care. Just use something and keep it (and Windows) current.

That said, since MD really does just sit out of the way and runs way back in the background, not sure what it is you don't like about it. I never see it, except when it momentarily pops-up a notification bubble telling me it scanned my computer and found nothing. And I could turn that notification off, if I wanted to.

I've said before, I used to be very hands-on. But then I decided to configure my computer like most of my client do - which is with the Windows defaults. I soon realized I didn't need to be (or miss being) hands on to keep my computers running optimally or securely. I guess that's one reason I like MD - I don't have to do anything special with it.

 

Some scans for new files of portable apps I plan to run for testing or keeping I use Emsisoft Emergency Kit but mostly uploading a file to VirusTotal.

 

It would be nice to see an answer that addresses the actual question asked by OP. There are a couple but with so many stoics out there who say no av for me, Im surprised at how few answers.

 

Voodoo Shield and OsArmour...boom.

Shadow Defender and Macrium Refelct... Double Boom

 

I don't know if you consider my answers as one of the couple but here it is, short and easy....

If you don't share the computer with other people, if you don't plug other people's flash drives, and if you don't install programs (run executables) on a regular basis in the real system like most users do, then..

NoScript and Sandboxie is more than plenty security, with a high level of usability and convenience (the latter is, as long as the user learns the programs and knows what he or she is doing).

Bo

 

I did in post #2 above.

I note the OP considers himself an "average" user. Not an expert. Therefore my advice stands. If no anti-malware solution will be used, keep that machine off any network that has Internet access.

 

Fine combo My signature-less setup is quite similar but more unifed...focused in actualy in two applications.
Shadow Defender - exactly the same
Sbie, SF and TW - most of their features I have in SpyShelter FW and additionaly some others ones.
And like @bo elam I'm still using NoScript on Firefox.

 

Here uBo on ultraspyware Chrome lol

 

Actually I need to correct myself, I didn't use any AV for more than 10 years. I just didn't trust those free AV's, I didn't like the idea of cloud based AV's. At least with Win Defender you can turn it off and I'm already using Win 10 so I have no choice but to have at least somewhat trust in Microsoft.

Yes I was pleasantly surprised by Win Defender. But I don't really agree with your analysis, if M$ really cared so much about its users and wanted to avoid bad press, then Win Defender (MS Security Essentials) would have already been of a good quality in Win 8. But it always performed badly when it came to performance and malware detection. It wasn't until M$ decided to get a piece of the pie of the IT security market when they improved Win Defender. And from what I understood, Win Defender ATP has been a huge success.

It's very simple, if you really don't want to use any AV for both realtime and on demand scanning then you could use VirusTotal. For behavior blocking you could use SpyShelter and for anti-exploit there are several choices like Sandboxie, OSArmor and HMPA. For data protection you could use Secure Folders and don't forget about TinyWall or WFC to control outbound access without any alerts.

 

you might want to add a backup sw to that list, preferably mac-ref.

 

Oh yes I missed that, Terabyte Unlimited Image for Linux here.

 

I see no reason not to trust Microsoft - at least in this area.

For one, it is their OS. Who better to know its vulnerabilities and how to protect them from being exploited? For another, they know its their neck on the line and if they fail to protect it (and us) the IT press and MS bashers will be merciless and relentless in their criticisms.

That said, you do have a choice. Microsoft Defender will gracefully step aside if you install a 3rd anti-malware solution.

 

Slide Sandboxie in for good measure and Triple Boom

Looking forward to Voodoo Shield's new GUI and with what i'm currently running in security it may seem overkill but i always been a proponent of LAYERS (as long as the machine performance isn't stressed) So far so good for years.

Shadow Defender is the Ultimate light virtualization and still quite formidable.
Image Backups are of course the absolute failsafe