No. The last time I ran any real time detection software was in 2006. None of my installed operating systems have any kind of AV, AS, anti-malware, etc installed. I do maintain an image of an OS with multiple scanners, detection, and service apps on it. I use it to scan/service other hard drives.
I think the few reasons you posted are very good reasons not to use a Antivirus.If I only could get my kids out of install bot mode, sandbox would be the ticket.
That's the problem with parents and kids. Both can't differentiate between a fake antivirus and a real one. So if you tell them, "Hey you already got an antivirus," they won't be installing another one. Not to mention all the crap that gets downloaded and installed despite SBIE. AV's are still very good for the masses, simply because some people have no clue what they are doing.
Yes and I recommend. Main reason is, it gives me more peace of mind when somebody asks to use my machines (of course I employ various other measures such as guest accounts with very limited privileges with the right stuff ready to be used by anybody who asks). As for downloaded stuff, I have other better methods to check if they are infected, so the real time AV is like the last line (before backup).
I just use a real time scanner for the "peace of mind". Specially when i plug those damned USB sticks that i use in college. I remember half a year ago at college i asked one of my friends if his USB stick was infected, he said it was clean . . . Then i scanned it with EAM and it was infected with couple autorun malwares. (The reason why i plugged in his USB was because he wanted some files)
On Vista and higher you will prompted before running anything, so you can't be infected just by plugging in an infected USB device.
Preventing autorun malware from USB devices is simple, even on XP (just disable autorun/autoplay and, to protect your own USB devices, use something such as Panda USB Vaccination). The problem is that sometimes one may need to execute a potentially infected file of an USB device from another person, without time to do anything else but executing it.
After you manually open/execute the potentially infected file of the "sandboxed" USB drive, the file".x" and the software that opens ".x" extension by default won't get automatically sandboxed as well by SBIE AFAIK. Besides, some special infections may also work inside the sandbox at least until you delete that sandbox, right? This is another risk, even if more temporary.
Sounds unbelievable, ah. If you force your USB drives or right click on it and choose to run it sandboxed or if you navigate to the drive using a sandboxed Windows Explorer, all files in the USB drive will run sandboxed. "In this kind of situation", I don't care if something malicious runs as long as it is sandboxed. When I delete the sandbox, the infection is gone and the system remains intact. No harm done. Bo
No harm done to the system, but other harms may have happened in that time window, depending on the infection.
Sandboxie has the settings to make "other harms" very unlikely. For example, you can block or make invisible your personal files and folders so programs running in the sandbox don't have any access to them. You can also allow only a few programs to run in the sandbox, that way if program ".x" attempts to run, it wont run. But if you want to allow all programs to run, well that's OK too, because you can set the USB sandbox in a way in which all programs can run and none is allowed too connect. If program ".x" cant connect, nothing gets out of your computer. People that make the rookie mistakes of plugin friends USBs in the PC should always use SBIE when doing so. Bo
I test AVs sometimes and last time I used MSE for a week, it did not feel like it was slowing down anything, then I uninstalled it and I was amazed how fast was PC running. Indeed, it is not for everyone, but sometimes you would be surprised. I have a friend, who is not an IT expert and he uses only warez, porno is set as his homepage and he never got a single virus. On the other hand, there are people who use various AVs and they always get infected. I think, that is it as I said, they feel protected, so they are more relaxed and doing things, that would people without AV never did.
I don't think it is so much about being relaxed, although that is a part. I think in general people don't know how to avoid being infected. For example if a website wants them to download a program or install a plugin they do so without considering it may be malicious. The same also applies to links or infected attachments in emails. But, I don't think people are letting infected files run just because they are expecting their antivirus to catch anything malicious. They are opening infected files, because they don't even stop to think that the files may be infected. If you are careful about what you let get installed on your computer then for the most part it is very hard to get infected. If you are careful you can visit porn sites and use warez without being infected.
And how does he (or you) know if he never got a single virus (malware)? For example, are you submitting hijackthis logs for analysis in specialist forums and running all those other tools for detection of hidden threats? Or, are you a malware analyst expert and analyzed his PC yourself to check if it was clean ?
totally agree. i have friends that don't even know what their own paid for AV looks like. so when they see a fake AV they think it's their own AV working. i recommend to people i know to install AVAST or such but i don't want that stuff on my PC. when they ask me if they should go for the free or paid version of an AV, i tell them to get the free version. thinking that it won't matter one bit because they probably gonna get infected anyway.
