what is the point of anti-viruses any more?

it’s not like anyone uses them any more, i haven’t had a virus in years. now root kits i pick up one every couple months and i haven’t found an anti-virus that removes them yet. so again i ask, what is the point? it’s like gang bangers and guns (they gotta have what the media tells them is cool), viruses just aren’t stylish any more.

A bit of philosophy, if you will…

If no one used AV, then bad-actors would start using classic viruses again because they’re easier and not protected against. The base-line of security is sort of like having no security, because those vectors are rarely used. But if the base-line was lower, then the bar for entry is lower and would actually be used.

So to answer your question, the base-line exists merely to make the technical complexity of infection greater. My belief is that making the complexity greater does help reduce the frequency. For any single person, using AV is probably meaningless. But the Internet as a whole using it is important for raising that base-line.

I think advocating for no malware protection at all is rather unwise. For me the biggest plus of CIS is containment. IMO the way forward is to contain malware rather than try to detect it. If everyone is using containment then I’d agree that detection is old hat and quite possibly not worth the effort.

If you believe that’s what I said, then you’re over broadening my words. AV == Anti-virus. If I could turn off the Anti-virus components of Comodo without Windows turning on Defender, I would.

HIPS is off in Comodo by default, but I have that turned on to close to the maximum setting. I also increase the firewall settings to near maximum instead of Comodo’s default of “safe”. I do not use auto-containment… but I do occasionally manually load a program into the container based on my own determination of risk.

So, to be clear, you are advocating turning off anti-virus and not using auto-containment. It’s your system of course, but that just makes no sense at all to me. What you’re suggesting is like advising people to cross the road without looking, on the basis that you’ve done it dozens of times and nothing has ever happened…

You do like missing the point and putting words in my mouth.

The OP said that the most dangerous things aren’t covered by AV, and I tend to agree. But the fact that AV is widespread raises the bar for entry. It’s pointless to attack a well protected vector in the same way that it’s pointless to attack a very rare case. Virus campaigns are designed to hit a wide audience and if the bar is high, fewer campaigns will be successful. Of course if you are specifically targeted, then a very rare case is acceptable and general AV won’t stop a dedicated attacker.

What I did say, was what I personally do. I gave no advice. I tried to give commentary to the thread topic. Do you really think that talking of philosophy is advice for specific people?

Hi cryofreeze666,

Please allow us to check the samples, please post undetected malware in this thread.

https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2019-no-live-malware-t123437.0.html;msg884009#msg884009

Let’s not forget that Comodo HIPS component is very powerful and able to protect a System on its own. Also he is doing right in disabling the Container if he is willing to use HIPS instead, because the HIPS in Comodo does not monitor Contained Processes.

As you probably already noticed, Comodo is much more than just Containment based on Virtualization/Access Restrictions. You can even set Comodo as an Anti-Executable/Lockdown software.

Yep, been a CIS user for decades. Still think this is a dumb topic.

Agreed, OP does not seem to know that Antiviruses do detect all sorts of malicious software, including Rootkits, although detection is not always guaranteed. If his point is with Default Deny/Containment one does not need to use an Antivirus, then I think he is right.

My opinion:

- A good AV is still a viable solution for the average user, together with a browser addon that blocks malicious and phishing websites, for example Blocksi Web Filter - Chrome Web Store

I think Comodo HIPS might be on par with ReHIPS or even stronger than it. Matousec tests always crowned Comodo HIPS as the strongest against competition (including vs the almighty Kaspersky). Although they never tested ReHIPS for some reason. I really wish Matousec continued to do their Proactive Security Challenge tests, but that is another topic. That being said, I agree with everything else in your post.

You can prevent infections as average (target) with precautions.
It's not that you definitely get infected if you don't have an antivirus.

Also having an antivirus does not prevent any risk of getting infected.
In worst cases having an antivirus can cause an infection.

You use an antivirus if you want a reasonable protection against cases that you can not control. Not for cases where you let go all control.

You don't use an antivirus to handle an infection it let through. An antivirus should be a warning sign that makes you aware if your system needs a new state.

Sandboxing can save the day.

If you get (rootkits) infections several times, you do something wrong.

it's not like anyone uses them any more, i haven't had a virus in years.
That's probably because you're most likely an above average power user and you know what you're doing :)

If you don’t think the problem is real or only happens occasionally, here’s a website of some victims of malware infecting their machines and need help getting it fixed

There’s plenty of sites like this

malware can be blocked with your firewall, keyloggers can be outsmarted by copy & paste. if i notice something funky, i take the quick way, wiping the hard drive and reinstall O.S., doesn’t make any sense spending hours going through registries line by line when it takes two hours to have a fresh copy installed. hell the piece of ■■■■ O.S. created by microsoft you need to reinstall every 6 months to a year anyhow, since while its running it can’t defragment itself. which in the long run means everything slows down with it anyhow. so outside of a good firewall with a semi-knowledgeable user, why would anyone use an anti-virus? firewall, yes, i understand why.

METHINI i don’t run anything microsoft anymore, and like i said if i notice anything like higher processing needs i check to see what’s running and if its not me i reinstall. so i never have a rootkit, virus or malware that survive, like i said it’s a nothing amount of time when you consider how much time i’ve had in my life.

UBUYSA i appreciate your philosophical comments, but if ya thought the topic was dumb why bother at all?

MMALHEIROS so far as i’ve noticed when i used windows. if you pick up a root kit, the anti-virus only explains how to remove it. the most annoying thing about that was following the directions step by step, only to have to search line by line for the step for the entry that is always forgotten.

TO YOU ALL
this was really no more than a philosophical rant, i switched to a linux based OS about 18 months ago. i still end up getting calls from my friends who refuse to burn their copies of windows. i then laugh when their anti-viruses manage to not catch something, or catch the wrong things and completely put their lives on hold. i keep telling them back up their files, don’t leave anything in a device you don’t want anyone to see, turn off your device if you’re not using it… unless you want to become a porn star. but no one seems to listen, thumb drives and external hard drives are getting cheaper by the day. but they’re all interested in those creature comforts or keeping up with the jones’s so they can’t afford 6 to 150 bucks (depending on what you need for back up obviously).

also average users could get by with just a firewall, if they’d just invest the time in learning how to use it and having their registry backed up. but then again who wants to listen to the guy that’s keeping them from their nickel bag of weed.

if i notice something funky, i take the quick way, wiping the hard drive and reinstall O.S., doesn't make any sense spending hours going through registries line by line when it takes two hours to have a fresh copy installed
I agree, also assuming you already have backups of your important documents and pictures like stuff for tax.
i still end up getting calls from my friends who refuse to burn their copies of windows. i then laugh when their anti-viruses manage to not catch something, or catch the wrong things and completely put their lives on hold. i keep telling them back up their files, don't leave anything in a device you don't want anyone to see, turn off your device if you're not using it.
One of the solutions I use for some people that keep getting infected is making them use "shadow defender" and enhanced security for the usb. It keeps it in a frozen state and after restarting the computer it goes back to baseline. All files that need to be saved (mostly it's usually documents and pics) go to either the cloud or an external hard drive (which only connects on a needed basis). Once a month it gets unfrozen to do windows updates, browser updates and extensions and anything else that needed to be added before it gets frozen again with a new baseline. :)

That’s simply not true.

My browser and my email client are allowed through my firewall, as they have to be if they are to be of any use. There is a ton of malware that can get in via the browser and through email if you’re not careful - the best firewall in the world won’t stop those.

Comodo Firewall will likely stop any malware from infecting your computer if it originated from the Internet.