and without an AV how do you know to roll back because you've been infected by something silently watching keystrokes, siphoning data or using you as a node to the rest of the infrastructure or a DDOS point?

And that's you, never mind the average user.

I'm not pro AV, but I do wear a bicycle helmet whilst riding.

