MrCanEHdian :
Pinhedd :
MrCanEHdian :
So, I'm super thrilled with this PC I finished building today, it's all working right now, I almost cried when it worked because I thought I might have messed up a couple times.
Anyways, I want anti-virus, and don't mind paying for one, but I want one that is good enough and will not be too intensive on the performance. Some people suggest Microsoft Security Essentials.
I'm thinking this might be enough because literally almost all I'll be doing is Skyping and gaming, maybe some programming if I decide to learn it. Anyways, I won't be downloading much more than component driver updates and Steam games.... Do I need much more than Microsoft Security Essentials?
Thank you
The best anti-virus is a smart user. As long as you don't install software from untrusted sources you'll be fine 99% of the time. Microsoft Security Essentials / Windows Defender is enough for the rest.
That's true eh? Like, you can only get malware from downloads, so only download trusted stuff, or is there more to it?
All malicious software, whether it be classified as a virus, malware, adware, spyware, etc... need to get over several hurdles before they can actually do anything.
First, the malicious program code needs to be transferred to the target computer somehow. There are a number of ways that this can happen. It may piggyback on a user's download or software modification (such as a crack for pirated software), it may be attached to an email, it may take advantage of a vulnerability in an outward facing service to clone itself, or it may be embedded in a seemingly innocent but malforged media file such as an image.
Second, the malicious program needs to somehow redirect execution to its own program code. The easiest way to do this is stunningly simple, convince the user to run it. Simple social engineering is the cause of nearly 100% of all Windows based infections.
Click through that installer for that free download which claims to do exactly what you wanted it to do?
Congratuations, you just installed several toolbars and reset your home page.
Download a crack for that software that you were too cheap to purchase?
Congratuations, your PC is now part of a bitcoin mining botnet.
Install that browser add-on which makes your browsing experience more entertaining?
Congratulations, your PC is now broadcasting your browsing history to marketing firms.
It is much, much more difficult to infect a computer without first convincing the user to do something monumentally stupid. Doing so would require finding a vulnerability which allows the attacker to perform arbitrary code execution without the user executing that code himself or herself. For example, a webpage may contain a malformed image which exploits a buffer overrun in an image rendering library to run program code hidden as image data. These kinds of vulnerabilities used to be commonplace about 12 years ago, but due to improvements in hardware and software security they are almost non-existent. Even when the odd one does show up they are often caught and patched by the developer before they can be exploited, and when they are exploited the event is plastered all over the news.
Third, the malicious program needs to elevate its privilege level to that of an administrator in order to break out of the user's home folder and embed itself deeply enough in the system such that it can't easily be removed. The best way to do this is again, startlingly simple. Just ask. Most users have become accustomed to clicking through the Windows UAC dialogue box every time they install something. Many are less keen to click on it when it pops up randomly but most will still do so just to get it out of the way.
Malicious software vendors have realized that stupid users are incredibly easy targets and have concentrated all of their efforts on them. The odd savvy user who does manage to fall victim to an infection of some sorts will simply remove it in short order; a lot of time and effort would have to be put into something that would yield no gain. No matter how bulletproof an operating system or web browser is, there will never, ever be a patch for sheer stupidity.