I know which human behavior you were eluding to, so wear protective gear when you do that so you won't catch anything. Now Windows is much more secure than it used to be. Windows 7 is pretty good on it, and it contains a bidirectional firewall. They finally got the warning message of Steve Gibson and other security experts that outgoing firewalls have value too. Incoming helps reduce hacking attempts, while outgoing helps reduce information leakage and reduce it from installing more stuff from the web, if by chance malware does get in. That is not a guaranteed solution, since malware writers work to hone their skills.milon wrote:That's a VERY unsafe practice, especially with a Windows platform. (I could make an analogy relating viruses and human behavior, but I shall refrain.) Also, how would you know that you don't have any viruses? You have no way of detecting them. I really hope you don't do anything financial with that computer, like online shopping or banking. o_O
Also, a lot of ISPs block the worst abused ports and try to stealth most of the rest. So that is a firewall too in a lot of cases, in addition to the NAT routers that so many run or are given by their ISP. Then there is Windows Firewall. So you may have up to 3 firewalls that you didn't specifically install (the ISP filters, your router, and Windows Firewall).
Also, since XP, there has been DEP. That helps prevent certain types of attacks, but it functions best with the right hardware. In 64-bit mode or 32-bit PAE mode, the CPU itself is incapable of running certain types of code (assuming the no-execute feature is correctly implemented in the OS and software). Again, this is no magic bullet, but it certainly reduces the attack surface.
Then a lot of "bareback" computing can be done if you avoid certain sites and apps. I had a friend who kept getting stuff under XP. It turned out she was going to porn sites and running file-sharing programs. Also, the Pentium 4 lacks the no-execute instruction. I tend not to run AV programs and haven't had problems in years either. Also, I make various tweaks, like disabling all network stuff I don't need, and manually inserting DNS servers I prefer. Since I run only one machine, there is no need for file and printer sharing, the messenger service, or any of that to be enabled or running.
Often, you can get by with disabling Scheduled Tasks, as it tends to keep ports open. Instead, someone could add the RunIdleTasks command manually or add it to a boot entry. That way, the prefetcher will still work (since the scheduler is what does the maintenance for the prefetcher, despite having no entries for it - hard coded).
I do wonder what would happen if an AV could be OS-specific and tied in at such a deep level that malware couldn't tamper with it. In the more bulky AV programs, about all you have to do to infect it is disable the "watchdog" or "supervisor" service for the entire package, change the registry start bits in case it is set to reload, kill the apps connected to if they don't end on their own, and then run your own infectious code. Of course, to do it like Microsoft, they usually automatically run the latest copy of Windows Defender. It isn't everything, but it scans for the worst ones that are still around, and probably only scans within the OS files. In a way, it is like bathing once a month. Still, that is better than doing it annually or not at all.Antivirus is beyond the scope of the ReactOS project. The project aims to create an operating system that is binary compatible with Windows NT. The goal is that you'll be able to install any Windows anti-virus software on ROS such as Avast!, AVG, Norton, etc. The same likely goes for firewall software, although newer versions of Windows have some level of firewall ability so ROS may one day have a mild firewall ability too.
Keep in mind that Intel stuff seems to be the leader at the moment. I think the latest AMD stuff is better than the Pentium named chips, but they don't hold a candle to Core i7 and newer. Of the AMD stuff, the AMD FX-8120 Eight-Core is about the best bang for the buck. However, the latest Xeon can outperform it about 2.5:1, according to Passmark (if you don't mind paying over $2K, though 16 threads are nice).Maybe your system is underclocked? The last computer I build had a 2GHz processor, but it was set to run at 1.6GHz (I think) by default. A little BIOS tweaking was all I needed to run the system like I wanted. =)
Another thing of note is the power management stuff. If you want maximum performance, turn a lot of that off. Windows 7 will drop your CPU to 10% or whatever by default until it is in demand, and it will fall back on the PCIe lines, so if you have the latest PCIe 3.x video card and bus, it may fall back to 1-4 lanes at 1.x speed until you run games. Mine still won't go past 8 lanes for some reason, but it will go into PCIe 3.x mode. I think that is the power supply issue. I'm using an ATX connector in an EPS socket (which is allowable depending on the board design unless the wires get hot), so the PCIe might not be getting the voltages to come to full bus width (which is a good way to do it, to split the load across the wires and power different parts of the bus). I will need to do something about that soon since the PS fan is already starting to fail (hey, cheap case and PS combo that is geared more to AMD motherboards).