Is antivirus really necessary?

Is antivirus really necessary?
For me the answer would be no!

But with 2 teenagers in the house then the answer is definitely YES!!!

 

So, you don't trust Threatfire, Defensewall and Returnil (per your sig)?

You should know that Prevx (your choosen HIPS) has a malware scanning engine alongside the behav. blocker

 

Using an AV in a frozen system partition (FSP) is superfluous as REMOVAL of malware,
because a FSP doesn't allow any change and malware are changes.

This means that a FSP removes 3 types of malware :
1. all known malware
2. all unknown malware
3. all unborn malware
Forget about viruses, spyware, trojans, rootkits, keyloggers or any other name of malware, because they are all considered as CHANGES in a FSP and that's what a FSP does : REMOVE CHANGES.
A FSP is an Anti-Change scanner with a detection rate of 100%, not 97.75%, but 100% and forget about VB100% and all these other titles, because they aren't true.

The only part of a scanner, that is still useful in a FSP, is the real-time shield, because it stops the EXECUTION of the malware IMMEDIATELY and that is the only reason : immediately.

A FSP doesn't stop the INSTALLATION of malware, doesn't stop the EXECUTION of malware, but it REMOVES ALL malwares in your system partition.

1. The INSTALLATION of malware is harmless, it only increases the volume of your HDD, more bytes that's all.
INSTALLATION = CHANGES and a FSP will remove these changes. Change & Anti-Change = nothing.

2. The EXECUTION of malware is the dangerous part and must be stopped as much as possible.
This means that you only need a special type of security softwares in a FSP,
they must stop the EXECUTION of malware IMMEDIATELY.
Once you have a collection of these security softwares, you have a very good security setup.

3. The REMOVAL of malware is already solved, that is your FSP and keep it frozen as long you are on-line.

Is an AV really necessary ? No it isn't, unless you like to have an infected system partition.
If you believe that one AV will protect you, because it says "No threats found", you are credulous. That message is a psychological trick to comfort your mind. You are malware-free in your mind (an illusion), but that doesn't mean your system partition is malware-free.

I have a FSP without scanners for more than 6 months and ran most popular scanners, listed in av-comparatives as a verification of my FSP and they couldn't detect anything, except false positives.
My FSP is only good for testing AV/AS/AT/...-scanners on false positives.
It's very logical they can't find anything, because my FSP removed them already during EACH reboot.

It's not because I use FDISR, any ISR-software can do that job, even BETTER and FASTER than FDISR, which is already proven by members.
Instead of running all these incomplete scanners, you only have to REBOOT and all malwares are gone and WITHOUT false positives.
How much time takes a reboot, compared with the total scan-time of all your scanners ?
What is more simple than a reboot, any user can do that. Configuring a scanner is more difficult than a reboot.

 

So you keep telling us .

It works for you. But I think it is too intrusive for most users. A good AV and good surfing policy is enough for most users. That is how most corporate computers. Symantec AV and clear policy on where users can't visit. The risk of infection then becomes very low.

 

i agree, i would never use one of these either.

i think maybe they should be good for certain buisinesses and some schools, but that is it.

 

Corporations have dedicated IT support staff that will re-image your drive at a moment's notice.
They also don't care if your data gets erased in the process of fixing the damage.

 

Are you saying you have tried Returnil/deepfreeze etc and "would never use One" or have never tried this approach ?

If you have tried and rejected then fair enough but if you haven't tried say Retunil ( free) than my might be surprised. You could even get your feet wet slowly by only using the session lock. Personally I am not a school but I do run a business and find it no trouble at all - in some ways less trouble than running traditional security.

 

I tend to agree, but as has been alluded to earlier in this thread and in many other threads here and elsewhere, the general question that is the subject of this thread, "Is antivirus really necessary?", really doesn't have an appropriate general yes/no answer. This is one of those cases where "unask the question" is the most apropos response.

It's like asking "I'm traveling from New York to Boston, is a train required?". If your chosen path requires a train, then yes; if your chosen path is by air, car, or foot, then no". If you don't know how you're getting there, then it's a viable solution. One of many.

Blue

 

yes long view, ive tried and rejected.

its just not for me.

 

I'm a teenager and i know my security well!
I tend to think of av's as a third need, always a solid firewall first. (like comodo), then virtualization software like safespace, then an av/anti-spyware

 

Could be true where you work but at where I am,
IT is very busy and re-imaging takes time and is a hassle.
There is very important data on computers. A lot of the files could have taken 200 man hours to complete. You don't want to just delete it.

4000 laptops. Lots of sensitive information. SAV and Cyberarmour firewall is all we have in terms of security software. However every time we access the internet, the company policy on websites and surfing is displayed. We know everything is logged. Everyone stays away from the dark side of the internet. Everything runs smooth.

 

Sorry, no offence meant.
Actually, the youngest of my two i could trust implicitly with my computer.
Sadly with the other i could not.
She is click click click without taking time to actually read what she is clicking yes to, as i have found to my cost in the past (before my current set up)