Do I really need antivirus?



I'm using Firefox, with AdBlockPlus blocking malicious ads and annoying ads, NoScript blocking 0-day JavaScript vulnerabilities, and WOT so I know if I am on a safe site. Is there a possibility to get a virus if there is no route of entry through the browser or through USB flash drives (I only put drives that are my own that I know are not infected into my computer)?


Just my own personal experience that I wouldn't recommend to everyone, haven't used a resident suite in over a decade, got tired of the inane amount of false positives/nags, performance drag, compatibility issues, etc.. personally if you're waiting for that "This program is malware" warning, you already made a mistake by letting it on your system to begin with.  Barring OS exploits that any OS gets and exploitable services (web servers, etc, again on any OS), 99.9% of the time malware on a desktop typically comes from user error or bad habits.. it doesn't appear out of thin air like catching a cold.  If you have internet facing services though you may want to reconsider.. that sort of stuff gets hammered all the time on any OS you can think of.

 

My neighbors for example (rank them in the "clueless user" category) have had multiple problems in the past, always due to dumbassery.  No you don't need that codec to view the video, no it's not safe because the guy said so, no you don't want to run that Shipping Label.docx.exe that got mailed to you.  With a bit of corrective training (and hardening of their browser) I haven't had to work on their system in over two years now.. but they still run resident protection just because.  

 

Obviously regular drive images are a good idea, that safety net never hurts.  An on-demand scanner is handy to have if you tend to grab stuff from random places, never mind a sandbox to run them in. If you don't have a sandbox, get a VM.  If you don't trust where the file came from, you don't run it without some sort of barrier to protect the system, period.

 

Whichever way you go though.. backups are always front and center.  Only takes one mistake to let malware in. It's entirely on you if you want to run without it, and it's certainly not for everyone.


I also agree with Max Norris. If a site provides some sort of checksum like MD5, SHA1, or CRC, then that can provide a good chance that the file in question is the real thing. IMO WOT is not needed, as a site may have been deemed safe but at the same time the site/page could be compromised, and that is another addon that, if it were bad, could do anything it wants. Also anything that can hold information, such as USB/DVD/etc., can be suspect, and if you're not sure, then run a VM/sandbox or a separate testing PC. Also there are plenty of sites like virustotal/etc. that you can upload files to or check websites and see if they are malicious or not. Also like Max Norris said, use images as they can save you.


I would install at least MSE. It is not the world's greatest AV suite, but it helps and is free. I also recommend frequent images so that you can easily backpedal.

 

I run most of my web activities thru a virtual Linux Mint Mate system. That is the best protection you can get.


I'm using Firefox, with AdBlockPlus blocking malicious ads and annoying ads, NoScript blocking 0-day JavaScript vulnerabilities, and WOT so I know if I am on a safe site. Is there a possibility to get a virus if there is no route of entry through the browser or through USB flash drives (I only put drives that are my own that I know are not infected into my computer)?

That certainly helps a lot. Whenever I load Windows, I use virtually the same configuration of FF + ABP + NoScript + CookieMonster. However, it's not a silver bullet when it comes to Windows unfortunately. It minimizes your exposure, and you could probably get away with it if you only download programs from reputable sources / scan them online, but it won't eliminate the threat entirely.

 

GNU/Linux is the only desktop OS I recommend for a completely secure malware-free experience. I would never do any sensitive work on Windows, nor would I store any important files there. The risk is too great.


I only use ablock and click-to-play on all plugins on several computers and never had malware issues. Firefox unlike IE and Chrome still lacks a lower-privilege mode so if you visit risky sites often then noscript and all its annoyances become a must.


I'm using Firefox, with AdBlockPlus blocking malicious ads and annoying ads, NoScript blocking 0-day JavaScript vulnerabilities, and WOT so I know if I am on a safe site. Is there a possibility to get a virus if there is no route of entry through the browser or through USB flash drives (I only put drives that are my own that I know are not infected into my computer)?

 

If you're asking the question, then yes.


One question. Where would viruses come from? Neowin? Nope! So similarly, all reputed sites are safe. Except: Warez, Porn, Cracked Software. Don't tell me that cracked Photoshop is safe and clean.. Just saying, and neither is cracked/toolkit Office 2013, no matter how many scans you run and use the world's "best" AV/IS! If you invite viruses yourself, you'll have them for sure.


One question. Where would viruses come from? Neowin? Nope! So similarly, all reputed sites are safe. Except: Warez, Porn, Cracked Software. Don't tell me that cracked Photoshop is safe and clean.. Just saying, and neither is cracked/toolkit Office 2013, no matter how many scans you run and use the world's "best" AV/IS! If you invite viruses yourself, you'll have them for sure.

 

Totally wrong. Neowin could totally serve up a virus if they were hacked and bad code was put on the website or a malicious ad provider stuck in an Ad with an exploit on it. Happens all the time to other legit sites, heck I think Yahoo had a bad ad and infected 200,000 machines. or was it 2 million?


One question. Where would viruses come from? Neowin? Nope! So similarly, all reputed sites are safe. Except: Warez, Porn, Cracked Software. Don't tell me that cracked Photoshop is safe and clean.. Just saying, and neither is cracked/toolkit Office 2013, no matter how many scans you run and use the world's "best" AV/IS! If you invite viruses yourself, you'll have them for sure.

Even so called reputable sites can contain malware. Youtube was briefly infected recently if I remember correctly. Servers can be compromised to spread it, etc. Point being, there's no single thing you can do besides completely disconnecting from the internet. For most of us, that's not an option.

 

And who hasn't clicked on a link from a search result to find it's not what you expected? It's easy to run across dodgy/less reputable sites by accident. So to suggest that the only way to be safe is to avoid them entirely is impractical.


Pretty much what Max Norris said. When you're using Windows, you are targeted and so you need to address that. I wouldn't install an anti-virus suite because they're not worth the hassle. To be honest, I consider it *too late* by the time your anti-virus solution has actually found something. Instead I would:

  • Ensure that Windows Update is switched on
  • Uninstall Java
  • Either keep Flash up to date or use IE or Chrome's built-in version of Flash
  • Consider a sandbox technology (I use Sandboxie personally) for the times when you don't fully trust software

Think about this: When was the last time you heard of a major Windows virus / worm and any of the anti-virus companies said "Yes!  We caught that before it affected our customers!"


Uninstall Java

You may as well uninstall dotNET while you're at it. Every piece of software on a system is a potential security threat if it isn't kept up-to-date. Take a look at your next Windows update and note how many vulnerability fixes there are for dotNET. That will give you an idea of the risks of out-of-date software. This is why a good package manager is essential to system security.

I'd also add that running a VM is an option but I think it's more important to have an environment that you can discard trivially. I used to use a VM solution that had the option to essentially commit or discard changes at the end of a session and I would always choose discard.

 

Sandboxie offers a separation facility but runs in the same run of Windows so it's more convenient for me. I run Java inside it so that my main installation of Windows does not have any Java functionality visible to the browsers. You can also set it up so that your browser always runs in a sandbox that gets discarded when you close it, meaning that whatever changes are made do not persist. You get the option to keep downloads, obviously.


You may as well uninstall dotNET while you're at it. Every piece of software on a system is a potential security threat if it isn't kept up-to-date. Take a look at your next Windows update and note how many vulnerability fixes there are for dotNET. That will give you an idea of the risks of out-of-date software. This is why a good package manager is essential to system security.

 

Just about every time I've witnessed a successful malware attack, Java has been the attack vector. Seriously, practically nobody needs Java on a Windows machine. It's been a sorry tale of vulnerabilities, fragile update agents and extreme software engineering incompetence.

 

I don't recall ever wondering if my version of .NET was out of date. I haven't used Silverlight for a long time so it's not really relevant to drive-by attacks from the web.


And when using Windows Explorer, turn on the "show known extension" setting; that would enable you to immediately discern any app/program trying to look like a (fake) folder or document file.

Any apps doing that almost positively have malicious intent behind them.

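An added example, not part of any post in this thread: a Python check for the file-name disguises discussed above, such as the `Shipping Label.docx.exe` attachment and programs posing as documents in Explorer. The extension lists, reason labels and sample names are constructed for illustration and are not exhaustive.

```python
import re

# Constructed, non-exhaustive lists for illustration.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".msi"}
DECOY_EXTS = {".doc", ".docx", ".pdf", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".mp4"}
# Unicode bidirectional controls that can make part of a name render reversed.
BIDI_CONTROLS = set("\u202a\u202b\u202d\u202e\u2066\u2067\u2068")


def disguise_reasons(filename):
    """Return the reasons a file name looks like a program posing as a document."""
    reasons = []
    if any(ch in BIDI_CONTROLS for ch in filename):
        reasons.append("bidi-control")
    # Judge the name by its stored characters, not by how it is rendered.
    clean = "".join(ch for ch in filename if ch not in BIDI_CONTROLS)
    # Windows drops trailing dots and spaces when it resolves a name.
    parts = clean.rstrip(". ").split(".")
    exts = ["." + p.strip().lower() for p in parts[1:]]
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return reasons
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
        reasons.append("double-extension")
    # A run of spaces pushes the real extension out of the visible column.
    if re.search(r"\s{3,}", clean):
        reasons.append("padded-extension")
    return reasons


def scan(names):
    """Map each suspicious name to its reasons; clean names are omitted."""
    return {n: r for n in names if (r := disguise_reasons(n))}


# Constructed sample names (not taken from a real incident).
SAMPLES = [
    "Shipping Label.docx.exe",
    "holiday.jpg",
    "setup.exe",
    "report.v2.pdf",
    "invoice.pdf" + " " * 10 + ".scr",
    "invoice\u202efdp.exe",  # renders as "invoiceexe.pdf"
]

if __name__ == "__main__":
    for name, why in scan(SAMPLES).items():
        print(repr(name), why)
```

An honest `setup.exe` is not flagged: the check looks for a mismatch between what the name suggests and what the final extension will run, not for executables as such.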

Just about every time I've witnessed a successful malware attack, Java has been the attack vector. Seriously, practically nobody needs Java on a Windows machine browser. It's been a sorry tale of vulnerabilities, fragile update agents and extreme software engineering incompetence.

 

I don't recall ever wondering if my version of .NET was out of date. I haven't used Silverlight for a long time so it's not really relevant to drive-by attacks from the web.

FTFY.

 

There are quite a few reasons to have it otherwise.


You don't download any files?

What about exploits in sites that attack the OS?

I only download files from trusted sources, and I do not run stupid things.

How can I get stuff onto my computer that attacks the OS?

 

 

My neighbors have had multiple problems in the past, always due to dumbassery

My point exactly.

 

 

I would install at least MSE

I am using Windows 8's Windows Defender, which is MSE. It annoys me because it seems to suddenly hog CPU and memory at random times.

 

 

Totally wrong. Neowin could totally serve up a virus if they were hacked and bad code was put on the website or a malicious ad provider stuck in an Ad with an exploit on it. Happens all the time to other legit sites, heck I think Yahoo had a bad ad and infected 200,000 machines. or was it 2 million?

But I use AdBlockPlus to block malicious ads.

 

You forgot one addon/plugins called "Ghostery"

Ghostery is proprietary. I use Disconnect. The addons I did not list are: request policy, httpseverywhere, httpsfinder, privacy badger, beef taco, betterprivacy, refcontrol, and youtube all html5 (so I don't need flash).

 

 

And who hasn't clicked on a link from a search result to find it's not what you expected? It's easy to run across dodgy/less reputable sites by accident. So to suggest that the only way to be safe is to avoid them entirely is impractical.

But I use WOT, so I know if a link is trustable.

 

 

Just about every time I've witnessed a successful malware attack, Java has been the attack vector. Seriously, practically nobody needs Java on a Windows machine. It's been a sorry tale of vulnerabilities, fragile update agents and extreme software engineering incompetence.

 

I don't recall ever wondering if my version of .NET was out of date. I haven't used Silverlight for a long time so it's not really relevant to drive-by attacks from the web.

I'm not going to uninstall Java because I develop using Java. There are no vulnerabilities in Java itself, it is just when it is used in the browser is when it is unsafe. That's why I disabled it in the browser and why I decompile Java programs and check them before running them.

 

 

And when using Windows Explorer, turn on the "show known extension" setting; that would enable you to immediately discern any app/program trying to look like a (fake) folder or document file.

Any apps doing that almost positively have malicious intent behind them.

Already do that.

 

 

OP, what OS are you running?

I use Windows for gaming, Arch Linux for everything else.
