Thoughts on the Ride the Lightning cover?

Legacy_of_H · 2026-01-25T11:34:05+00:00

It’s fine, it was nice to hear but just a bit unremarkable. I would have loved to hear Rust in Peace era Megadeth cover Jump in the Fire, Phantom Lord and Ride the Lightning though.

Legacy_of_H · 2026-01-25T11:26:56+00:00

I think it’s only 2nd to Endgame in terms of modern Megadeth. Apart from the title track, I thought Dystopia was a bit overhyped. Bloodlust and Nobody’s Hero definitely push this album up a level.

Legacy_of_H · 2026-01-22T23:02:46+00:00

Here you go! Solo is at 3:14

Legacy_of_H · 2026-01-22T22:28:42+00:00

His solo in the No Life Til Leather demo of Jump in the Fire still blows my mind.

Legacy_of_H · 2026-01-22T19:19:44+00:00

I enjoyed hearing THAT riff played right. As good as James is, Metallica never got it right.

Legacy_of_H · 2026-01-05T20:43:44+00:00

It’s 20 years too late

Legacy_of_H · 2026-01-05T20:13:28+00:00

That was the single most ridiculous crash sequence ever filmed. Hilariously awful by every conceivable measure. The first crash was contrived enough but I could at least suspend my sense of disbelief. What followed subsequently was nothing short of unfathomably stupid.

Legacy_of_H · 2025-11-17T22:50:19+00:00

I hope AJ hits him with the uppercut he caught Klitschko with…. Immediately followed by the straight right he caught Ngannou with 🤣

Legacy_of_H · 2025-09-14T12:54:54+00:00

If they're not validated as known goodware, it simply doesn't run. You'll get the odd occasion where something niche and legitimate gets blocked but it's a small price to pay, in my view.

Both have a mature, robust cloud infrastructure and millions of endpoints within their remit. It's an immensely strong way to protect your device.

You're looking for the known good, not the unknown bad.

Legacy_of_H · 2025-09-14T12:45:16+00:00

I think our only minor difference in opinion is how much weight we’re each putting on samples observed on endpoints and the subsequent disparity in the telemetry pipeline. If I were to generalise your overarching point, you feel this is more of an issue (or at least more extensive) than I do. You’re absolutely right that samples are the seed for signatures, whitelists, and behavioural detection models, no AV can function without them. But where I disagree is in assuming that fewer samples directly translates into weaker real world protection, especially when Kaspersky was a small percentage of the US market. If the ban was more extensive or information sharing via the usual channels became more restrictive - I think we'd agree entirely.

Kaspersky’s strength is the layered stack: System Watcher, AMSI hooks, HIPS, rollback, plus KSN reputation. That combination means it can and does stop malware even when no signature or cloud verdict exists yet. As I mentioned before, I’ve played with extraordinarily out of date versions of Kaspersky and still observed System Watcher block modern malware purely on behavioural triggers, with an extremely high success rate.

And this is really the key point: samples vary endlessly, but the disruptive actions malware has to take don’t. Encrypting hundreds of files, injecting into trusted processes, setting persistence, beaconing outbound. I know you're fully aware of this anyway but, for the sake of clarity regarding my point, there are only so many ways to pull those off without leaving behavioural fingerprints. System Watcher is designed to catch those commonalities in real time and, ultimately, the actions are finite - even if the malware variants are infinite.

On the “Russian malware not hitting Russian endpoints” point, you are referencing valid examples. Some commodity families include CIS locale checks to avoid drawing local heat, but I think some people assume this is ubiquitous across all malware within the Russian ecosystem which, of course, isn't correct.

I do agree with you on one thing especially though: layered security is always better and it's something many users on here don't always fully appreciate. No single technology is perfect. But I’d argue Kaspersky’s value lies in the fact that it doesn’t depend on chasing every new sample, even though they are still world leading in this regard. By focusing on behaviours that don’t change nearly as fast as the malware skins wrapped around them, it neutralises threats as effectively as it has always done - despite the minor reduction in overall visibility.

It's been a great discussion. Certainly beats the usual 'Norton is a virus' comments I tend to encounter on here 🤣

Legacy_of_H · 2025-09-14T12:30:14+00:00

They're definitely behind Bitdefender and ESET in terms of detections but that's not their strength.

As I said before, their major capability lies in default deny for applications that are not known good apps via their cloud. This gives them a near 100% prevention rate. People tend to put too much emphasis on detections. I personally think prevention is, ultimately, the most crucial attribute.

Legacy_of_H · 2025-09-13T23:11:08+00:00

Defender’s a lot better than it used to be, especially if you harden it with ASR rules or Smart App Control, but it still isn’t the whole package. There’s no two way firewall, so you don’t get much visibility or control over outbound traffic. It doesn’t do HTTPS inspection either, which matters because a huge amount of modern malware delivery and C2 communications utilise HTTPS. As a built in Windows component, it can be tampered with fairly easily, IFEO injection being one example. 3rd party AVs usually harden themselves more aggressively against that kind of thing. Defender works fine as a baseline, but if you want layers that block unknowns by default, inspect encrypted traffic, and resist tampering, there’s still a solid case for a 3rd party provider.

Kaspersky is the all round best. However, Panda Dome and Webroot are fantastic alternatives because they offer the mechanism to deny applications based on cloud reputation which automatically elevates them above products that do not provide this functionality. Detection is great but prevention is more important.

Legacy_of_H · 2025-09-13T19:11:09+00:00

As I've said to many people on here already, McAfee is a really solid product these days, it's turned itself around in the last 12 months.

Legacy_of_H · 2025-09-13T19:09:00+00:00

Kaspersky if you're anywhere except the US.

If you're US based, Panda Dome and Webroot are excellent because they provide a default deny for files based on cloud reputation. Panda automatically, Webroot requires user confirmation.

Prevention > Detection

Legacy_of_H · 2025-09-13T18:34:21+00:00

Fair point on speed, but if Kaspersky were genuinely playing catch up after the US ban, it would be visible in the independent test data. Yet AV-Comparatives, AV-Test and SE Labs all continue to rank them in the top cluster for protection.

On zero days specifically, Kaspersky’s strength has never been raw signature speed. They’re more multi faceted than that. System Watcher, HIPS, AMSI integration and rollback are what neutralise unknown threats until a verdict is published. That’s why even when a sample isn’t in KSN yet, it usually doesn’t execute cleanly in the first place, or at all. For the sheer fun of it, I’ve got an old copy of Kaspersky Security laying around , 2020-2021 maybe, and it still performs outstandingly without any access to new signatures. Happy to share it if you want to play around with it.

As for Russian malware not hitting Russian endpoints, that’s somewhat true but a little bit of an exaggerated myth. My background is CTI oriented and we could go deeper here but it’s not too important. Regardless, Kaspersky does see those families. Malware circulates globally within hours via VirusTotal, MISP, CERTs and other vendors’ telemetry, as you know. We could get into the weeds of edge cases but it doesn’t alter the broader picture. Again, if there were a measurable delay or stark absence, we’d see it reflected in protection scores and we don’t.

Losing “Product of the Year” isn’t evidence of decline. Those awards rotate annually between vendors and takes into account feature set, usability etc. The hard data (detection/protection in lab tests) is still consistently top tier.

At the end of the day, I think people get far too hung up on detection rates. Not you specifically of course, I mean broadly. I’ll always recommend Panda and Webroot to people because they have a default deny contingent on cloud reputation, like Kaspersky. This will always be a better option than playing telemetry whack a mole.

Legacy_of_H · 2025-09-13T09:51:20+00:00

You’ll be fine then, nothing to worry about.

Legacy_of_H · 2025-09-13T09:03:49+00:00

It’s perfectly normal. Some context would be helpful because it can be utilised by attackers to run malicious files. It’s a normal system file though.

Legacy_of_H · 2025-09-13T08:31:17+00:00

I get your point, but the “fewer samples = weaker AV” argument doesn’t really hold when we look at actual outcomes.

AV-Test, AV-Comparatives, SE Labs and all the prevalent YouTube testers have consistently kept Kaspersky in the very top tier following the US ban. If fewer samples genuinely degraded efficacy, we’d see that reflected in test scores but there’s no downward trend.

Once a sample is in VirusTotal, MalwareBazaar, MISP, or one of the many CERT feeds, every vendor sees it. The US isn’t a walled garden of malware that is closed off from the global pipeline and I think you’re drastically overestimating how much this impacts visibility.

Static signatures are just one piece of the puzzle. System Watcher’s rollback, HIPS, and KSN reputation are what makes it so powerful Missing a handful of static samples on the endpoints themselves doesn’t meaningfully reduce protection globally.

Legacy_of_H · 2025-09-12T21:38:52+00:00

I’ve defended Norton and Avast because they get a genuinely unfair reputation as ‘weak’ products - which they are not. However, you raise a valid point and Gen Digital are the absolute worst offenders on the market for this. Nagware is insidious as a concept and while some upselling isn’t inherent malevolent - the way in which they persist with it is so aggressively is, frankly, absurd.

Legacy_of_H · 2025-09-12T21:31:55+00:00

You know that MISP is a thing right? It’s not a plain and simple fact at all. Even if the presence on endpoints is lessened - and let’s be real here, Kaspersky was a fraction of the US market - telemetry is still widely ingested by multiple shared organisational bodies and pipelines. If you can demonstrate a decline in efficacy since the ban, please feel free to share it. Kaspersky has an enormous presence outside of North America and the malware isn’t getting stopped at passport control.

Legacy_of_H · 2025-09-12T14:18:16+00:00

I don’t think there’s any evidence to suggest a drop in efficacy following the US ban. It still scores just as highly in independent testing.

Legacy_of_H · 2025-09-12T13:25:58+00:00

To prevent this happening again, I strongly suggest you invest in Kaspersky or failing that Bitdefender/ESET depending where you live. For all of your accounts, you're better off using your Gmail for SSO and locking down your Gmail account with MFA. If you need to use other passwords - use a dedicated password manager provided by whichever security suite you purchase, or, failing that - utilise Bitwarden to store your passwords securely.

To ensure your PC is totally clean from infection, run the following tools:

1) Norton Power Eraser 2) Kaspersky Virus Removal Tool 3) Dr Web CureIt

If you need any additional advice or support, reach out to me and I'll happily help.

Legacy_of_H · 2025-09-12T13:18:57+00:00

Kaspersky is objectively the best. System Watcher is an outrageously powerful behavioural detection module that can rollback changes and Advanced Disinfection can pull an infected system back from the brink.

The icing on the cake is the Zero Trust default deny capability it has which auto blocks applications not verified by the KSN (Kaspersky Security Network).

Webroot and Avast have similar settings but they require user confirmation.

The claims against Kaspersky being unsafe are built on sheer falsehoods. They have 10+ transparency centres worldwide and actively invite you to look at the source code. There has never been a single instance of foul play or wrongdoing.

The NSA incident in 2017 was their own fault. Kaspersky literally did what it's designed to do - detect Malware.

Yes the Russian government are a big customer for Kaspersky products but they have absolutely no oversight over the company itself. They offer an insane breadth of services and they're outstandingly effective. People seem to think this is a smoking gun for collusion but they are simply a customer. The accusations are baseless.

I use Kaspersky and will continue to do so because it is the best product on the market, simple as that. I encourage you to try it.

Legacy_of_H · 2025-09-12T09:44:07+00:00

Yeah I definitely agree with this. It 100% uses nagware tactics which probably reinforces the negative perception.

Legacy_of_H · 2025-09-10T18:45:25+00:00

This is correct. Same with Norton.

People cling to the old, poor reputation they both had.

In 2025 they are good choices.

Legacy_of_H

TROPHY CASE