Do I still need an antivirus?
See this question [1]. Many advanced users don't run AV on their personal computers. I personally don't use an AV on my home computer.
The question is do you trust yourself enough to never make a mistake. Also, how bad will it be if you do make a mistake (or something just gets through, which is always possible). I run my system in such a way that a full format and reinstall doesn't take very long (from an image) and nothing significant is lost.
If you do decide to go AV-less consider using a white list based script blocker like noscripts [2].
If anyone shares the computer with you though, do you trust them as much as you trust yourself.
[1] http://superuser.com/questions/561/do-you-run-anti-virus-softwareThere are so many free AV (like AVG Free [1]) out there...
They are MUCH BETTER that all your procedures, let's just imagine, that your friend Annie (fictitious name) gives you a USB PEN with the latest version of your class work and, because she also don't have an Anti Virus (following your crazy process list) got if from a guy that she trusted and made the complete re-design of the presentation...
without her knowing she got a virus, and you trusted her ... you now got a virus...
in 2 days you could not even open the operating system ...
Do you really wanna trust your list?
[1] http://free.avg.com/I'd say yes if only for the increase in Trojans attached to web sites.
Now you'll say "but I don't click on dodgy links" or "I always check the destination first" & I'd say "I do that too", but with the increase of shortened URLs it's all too easy to click on one of those and land on a site you weren't expecting.
So unless you can trust yourself never to click on a link you shouldn't, or can rebuild your system in a couple of hours, install some anti-virus software.
I've just come across this answer [1] to the question " What is the best thing you ever got in trade for fixing someone's computer(s)? [2]" which, I think, illustrates my point that you can never be too careful.
[1] http://superuser.com/questions/8583/what-is-the-best-thing-you-ever-got-in-trade-for-fixing-someones-computers/13881#13881Drive by downloads and zero-day vunerabilities could become your undoing.
That said, I have AV installed but I don't have it memory resident, I pick and choose when to scan / check things and for the most part, that's done the trick.
I think this is a really funny question. Not so much the question itself as the answers it draws.
You've got the non-mission critical crowd, who are content with possible reformats and backup restores, then you have the mission-critical crowd that demands AV products.
I run AV software on my Windows installation, I do so because I hate installing windows, I hate downloading 100+ updates from slow servers, I hate downloading the newest version of the windows update activex, and I hate having to dig out dusty old driver CDs.
I do backups in Windows and Linux regularly.
Being in IT, I come across many infected computers/hdd/thumbdrives, and I know I'll get smacked with something again if I don't stay protected.
I use my computer for work, as well as programming projects and school. Therefore I require that it works all the time. The only failure I can't protect against is hardware failure, but I won't have data loss over another piece of software with ample backups.
With the crowd of people who scoff at AV software, or even claim to have not used it in years (in a Windows environment), I think they would be surprised to see what they've got running on their systems if they did run a reputable AV program.
Personally I am in the "buy a big name paid-for AV" camp. It's worth $5 a month to me to make sure my laptop and desktop are protected, and the company I use even lets me install it on 3 different computers per year for that $5 a month.
Linux is my main platform, and I never have had any virus problems ever. I've scanned with ClamAV with 0 results time and time again.
It comes down to the user, what they're doing and what they need their computer to do
Because you cant even trust brand new hardware today HP ships USB sticks with malware [1]
[1] http://news.zdnet.com/2100-1009%5F22-196728.htmlYou don't "need" an anti-virus, but as a precaution they may be useful if your internet habits lead you to dubious places.
I don't run anti-virus software, just a software Firewall and Router based NAT. In the past 10 years I have picked up a total of 2 spy-ware infections, both times by deliberately downloading and accessing items from slightly dubious websites.
I knew exactly what I was doing and realised that there was a risk of getting infected. When it happened I simply restored a previously created disk image, updated Windows using automatic updates and made a mental note not to do that again.
Over the years I've read and listened to a number of security experts say that If you keep Windows updated with latest updates and do the same with your web browser and email client you are very unlikely to be infected. Also that if you do this and can stop yourself from going downloading from "dubious" web-sites the risk is just about zero.
Over the past 10 years I have seen this to be correct.
There's a very important item missing from your list - actually it's so important that you can pretty much stop worrying about most of the other items on your list once implemented:
Do not work with admin rights!
Additionally, being behind a router should typically take care of the remaining 1% of risk that comes from potential security vulnerabilities in Windows services.
I stopped using resident AV about three years ago and only run a full scan every couple of months and haven't had a single infection during that time even though my machine is pretty much online 24/7. Even when I was still using the resident AV I was never once infected ever since I removed my primary user account from the admins group back in the times of NT4...
Working without admin rights used to be much more annoying a couple of years ago but since the release of Vista (which I do and will not use) the overwhelming majority of the relevant vendors have fixed their stuff to work perfectly fine without admin rights.
There are always a few exceptions but there are also a number of fine tools like ProcessMonitor [1] and LuaBuglight [2] out there that help you quickly identify the issues in a way that allows you to do minimal-impact tweaks to the permissions to make the idiot programs work nevertheless.
And obtaining admin rights when you need them also no longer requires logging off and back in again thanks to tools like MakeMeAdmin [3] or even better: MachMichAdmin [4] (sorry German language docs only - but works just fine on English systems as well). Just put the latter on your "Send to" menu and stop worrying.
[1] http://technet.microsoft.com/en-us/sysinternals/bb896645.aspxBecause you're not as smart, as alert, or as careful as you think you are.
That's not intended to be an insult. Most people aren't as smart, as alert, or as careful as they think they are.
Today's malware relies heavily on very sophisticated social engineering to spread. I'm constantly amazed at the tactics they come up with. Someday you'll receive what seems to be a legitimate message from a friend on Facebook, or you'll download something from what you think is a trusted source, or you'll stick your USB drive into the wrong computer, or even just buy the wrong picture frame [1]. And you'll happily go into admin to install your new software, because you trust it and can't see any reason not to. And that's how you get a trojan. Unless you have decent AV software that catches it in time.
Are you absolutely sure you wouldn't fall for the Conficker autoplay trick [2]? Even when you're tired, or in a bad mood, or something's distracting you?
Really?
[1] http://blog.trendmicro.com/yet-another-digital-picture-frame-malware-incident/I'll say it depends. If you store your valuable data on a separate hard drive or in the cloud (Amazon S3 etc), you may not need an AV. Personally, I don't run AV programs on my computer because
I don't run an anti virus myself, however, you should have an anti-virus ready just-in-case you do something stupid. Yesterday I did something stupid and a virus hit my windows OS [1].
If only I ran a scanner on that untrusted exe before opening it ..!!
Of course, I'm not suggesting you keep the AV running in the background; they tend to eat system resources. Just have it so you can right-click any file and scan it. Also, do yourself a favor and keep it up to date.
[1] http://superuser.com/questions/9385/cleaning-windows-viruses-from-linuxShort answer: No.
It sounds like you really only need NoScript for when you're browsing the web. Of course, at some point you will probably make a mistake but you can just reimage with Ghost or whatever. For what it's worth, I only have an antivirus program running on my netbook's Windows XP partition because other people use it sometimes.
I would, however, suggest that you only do important stuff like online banking or what-have-you on a Linux partition out of sheer paranoia. A lot of malware is designed specifically to hide and if you make a mistake you may not realize it (we're only human after all).
I am experienced enough to know better than to run executables, allow ActiveX controls to run, and install plugins that aren't verifiably safe. I still do it anyway. Just because something 'seems' safe doesn't mean it is. We've all been tricked I'm sure. I recently started using Avast -- I disable it when I am being safe and I enable it when I am being dirty.