Why do some people (try to) avoid using AV software

  3GUSER

    Jan 10, 2010

    Jan 10, 2010
    As a classic protective mechanism we all know that antivirus and firewall are the very basic needs . We all know that nowadays antivirus software is not just plain antivirus software . Most are suits and include more than just scanning.

    In the forum here I see some people who (at least try to) avoid using antivirus software and use other things like just router and sandboxed browser , or HIPS and very "sticked" OS , or just on-demand scanners ...

    You can still use the above mentioned tools and programs in addition to antivirus software . My question is : why do some people don't use antivirus software at all - the most classic and still current way to help protection the computer ?

    Don't get me wrong - antivirus only is not enough but is IMO a very important part of the whole thing , of the whole "suit" .

    Don't answer to me directly - Let's make it a good discussion :)
  Kerodo

    Oct 5, 2004

    Oct 5, 2004
    One reason is just the drag and overhead on the system. When you run AV software, there is always some impact, even if slight. My personal view is, the less resident software you run, the better. That's why running without an AV is appealing to me. Just less overhead, and less to worry about....

    Also, with Win 7 x64 under LUA/DEP and with a good browser, it's questionable whether an AV is even needed at all.
  3GUSER

    Jan 10, 2010

    Jan 10, 2010
    But running anything (whatever) 3rd party - you name it , will always add some impact. With the power of today's computer how important is the little impact of the security product when it gives you better security ?
  J_L

    Nov 6, 2009

    Nov 6, 2009
    Not all programs run in the background and automatically starts up, an AV definitely does that to provide protection.
    Plus, not everyone has modern hardware

    As for the better security argument, that depends on the user. Advanced users that browse safely do not need AV's imo.
    Also a proper sandbox/virtualization or system hardening with whitelist definitely beats antiviruses.
  Cudni

    May 24, 2009

    May 24, 2009
    I think there is a minority of people who don't run an AV. That minority has grown from years ago but still is a minority. As people learn how to control and secure the computers more and more as well as being more aware of the dangers and how to avoid or thwart those, some of them can actually do without an AV.
  MaxEntropy

    May 21, 2009

    May 21, 2009
    It's perhaps not the Wilders members who eschew AVs that one should worry about. What about the hundreds of millions of people who lack the basic security to prevent their PCs from joining the massive botnets that we continually hear about? Maybe it's primarily due to lack of knowledge. Maybe it's also due to lack of money to buy security products. Whatever the reason, it's a huge (and growing) problem.

    Whilst knowledgable people on this forum evidently run their PCs securely without AVs, the unequivocal message to the average PC user should surely be to use an AV or (better still) a security suite.

    This is a message that a few knowledgable people can quietly ignore for their own machines. But I'd suggest that this is the message one should give to less experienced people, who are the vast majority of PC users.
  ALookingInView

    Sep 14, 2009

    Sep 14, 2009
    What sites are safe?
    Perfectly "safe" sites have been compromised with malvertisements and so on and you can bet that it's only going to get worse with time.
  JerryM

    Aug 31, 2003

    Aug 31, 2003
    I read a lot about drag on the system. I supose it may bother some, but I have never been concerned, and wonder what folks do that they are so bothered about an AV.

    Now with RAM at 6-8 gigs I cannot imagine what the problem would be. However, if the choice was to have less security and less draq I will take the drag.

  ashishtx

    Oct 7, 2005

    Oct 7, 2005
    AV software in general impacts the system in one way or other (Start up time, slow internet speed, lag during the start of the program). I used to love trying Av software but once I stopped using them, I do not like them on my system anymore.
    With experience and knowledge, it is possible to run the system "safely" without Av software.
  Nightwalker

    Nov 7, 2008

    Nov 7, 2008
    Are you talking about drive by infections? How can a advanced user with updated software ( Windows 7 + LUA/DEP , Internet Explorer in Protected Mode , Opera ...) be infected now days? For me drive by ,today, is a free marketing tool for security vendors.

    I use antimalware solutions just because my system can handle it so well.

    Ps: Windows 7 rulez , in my opinion of course :D
  Boost

    Feb 2, 2007

    Feb 2, 2007
    I havent run any Av for 2-3 years now. No malware to speak of on my system.

    I've always prefered the simple setups and thats what I use :thumb: with never an issue or regret.

    Have a good day!
  wtsinnc

    Oct 3, 2008

    Oct 3, 2008
    My computer is a relative dinosaur by today's standards; a nearly five year old Dell E-510 using a Pentium 4 630 Prescott CPU and 4gb of RAM.
    Not for a boost in performance but purely out of curiosity, I stopped using a resident AV or AS months ago; almost a year, in fact.

    With NoAutorun, SandboxIE, WinPatrol Plus, Keyscrambler, and some common sense, I've run XP Home Edition SP-2/IE 7 with no antivirus or 3rd party firewall.

    I have Malwarebytes installed as on-demand only.

    Not to say it can't happen, but if it does I have stored images via Paragon as well as Macrium.

    I use CTM.
  justenough

    May 13, 2010

    May 13, 2010
    As someone new to Windows, I am trying to figure out the answer to your question for myself, and am interested in the answers here. I am still working to get my system as stable as possible, and I have noticed that the more software I have installed, the more potential problems.

    For instance, I am getting an event ID 7000 pointing to remnants of Nod32, which according to what I have read don't uninstall completely on 7 x64. Now I have to figure out how to get them out of the system.

    But relying on Sandboxie and common sense doesn't seem to be enough for me, because I trusted a wargame demo from a well-known company and it had a trojan, so there was nothing Sandboxie could do about my lack of common sense.

    And even though I built this computer a few months ago with a fast multicore and really fast 4GB memory, I notice a slight browsing slowdown with realtime AV. So I now think I will need to use an AV, just the lightest one I can find that will do the job.
  ALookingInView

    Sep 14, 2009

    Sep 14, 2009
    SBIE is not able to distinguish good from bad.
    I don't understand the SBIE-only guys, unless they go out of their way to scan each and every file they download with a good on-demand scanner.
    I'll take the minimal drag of a resident AV over being bothered to initiate an on-demand scan everytime I choose to recover something from the sandbox.

    I really don't know the answer to the OP's question as I've never felt it necessary to go commando.
    I'm sure each individual has his or her own reason(s), but to me it just seems like just another e-_____ (male reproductive organ) thing.
    Ask yourself how many times you've seen someone on a forum, security or other, brag that they don't use an AV because they "don't need one", "have never been infected", "use Common Sense 2010", etc.
  Meriadoc

    Mar 28, 2006

    Mar 28, 2006
    I think for me, Cudni hit the nail on the head some what.
    edit: more though I must say and maybe not with approval I don't believe in av. Paying out for sigs, not being able to remove an infection I'm sure we've all seen, an example highlighting av failure tdl/tdss daily rebuilds make av fail miserably.
    Last edited: Jun 27, 2010
  ALookingInView

    Sep 14, 2009

    Sep 14, 2009
    Paying for gas, not being able to change a tire on its own, highlighting design failure, newer enhanced models being released all the time make current cars fail miserably.
    Yet you drive, right?

    Let's get realistic here for a moment.
    How many of your scenarios are actually likely to play out and about how often would that be?
    When's the last time you've actually known anyone to be infected by one of these scary new zero-day rootkits?
    Yeah, I suppose a couple of your scenarios could happen, but the chances aren't really that great.

    Edit: I wish you a speedy recovery.
  Keyboard_Commando

    Mar 6, 2009

    Mar 6, 2009

    ^^ that is exactly what I do. I scan every file I download into the sandbox. No problem. Right click scanning as and when needed works for me. Obviously the danger is forgetting to do it. And I have.

    You're right about the boasting thing. But why not? who doesn't get a bit of a buzz when you see people spending a lot of money on AV suites. And you're able to tweak OS settings or use highly recommended applications ... applications that are often lesser known to the wider public.

    Through excellent internet forums like this one I found out about an application that requires 1) a one off payment - for a lifetime license 2) is a multi functional application 3) that keeps crapware off my computer ... you can't help but feel a little bit smug sometimes.

    I think if anyone really wants to save themself some money they can achieve it through effort. Spending money on an AV for me is now just wasted money.
  bo elam

    Jun 15, 2010

    Jun 15, 2010
    I love Sandboxie but I think the anti virus on real time is the better and
    safest approach and I say this even though I know that it can be done
    because I have gone at times without it. On my system it makes sense
    to have it real time because it does not slow me down at all and I rather
    not use the on demand scanner for every download.
  MaxEntropy

    May 21, 2009

    May 21, 2009
    Dymuniadau gorau, Meriadoc. Iechyd da pob Cymro...
  Meriadoc

    Mar 28, 2006

    Mar 28, 2006
    Not something I'd choose to compare with.
    My intention exactly.
    Everyday unfortunetly, have a look around.
    Maybe not for you or I. Btw what scenarios?
  MaxEntropy

    May 21, 2009

    May 21, 2009
    I know what you mean, but aren't some of them free? Hard to see where the feeling of superiority comes from there.

    My security suite (kaspersky) doesn't actually cost an arm and a leg anyway. About GBP12 at Amazon using one of their offers (3 PCs for one year). Not free, but not far off it. Mind you, I'm a sucker for Sainsbury's bogof bargains too.
  Meriadoc

    Mar 28, 2006

    Mar 28, 2006
    @MaxEntropy thankyou, thankyou very much!
  Malcontent

    Dec 30, 2005

    Dec 30, 2005
    Cleveland, Ohio USA
    Also remembering to keep your on demand scanners updated can be an issue.

    With an AV running in real-time, it won't forget to scan every file and will keep itself updated regularly.

    Also, I've come across malware that was VM aware. It could detect that it was being ran in a virtual machine -sandbox. When it detect it was running in a virtual machine it would not deliver it's payload. But run it on a real machine and it would deliver it's payload.

    I submitted the malware to anti-virus venders and they would reply that the sample was either damaged or not malware. The venders were of course were running the malware on virtual machines. It tooks several submissions and emails to make them realize that the sample wouldn't deliver their payload while running on VM.
    Last edited: Jun 27, 2010
  MaxEntropy

    May 21, 2009

    May 21, 2009
    Ar groeso, 'wasu.
  Meriadoc

    Mar 28, 2006

    Mar 28, 2006
    ALookingInView, let's look at tdl/tdss for one moment. Hard to detect and hard to remove. Now it was heavily pushed around at sharing sites up to 4 times a day with different builds at one point, places you can get serials, cracks, keygens and porn sites...it is still a big problem and needs specialist tools to remove.

    If you don't think anyone is getting infected by the rootkit then you are misinformed - as I said take a look around the malware removal sites.
