Dear Sup Forums

Dear Sup Forums.

How do I convince someone that, while antivirus software is good as real-time protection, an already infected system cannot be cleared of malware, as it can't be trusted and AV won't work properly on it, and that free AVs are nowadays nearly as good as paid ones?

I tried listing logical arguments and found two links that pretty much say the same as I do ( technet.microsoft.com/en-us/library/cc700813.aspx and fixedbyvonnie.com/2013/12/system-really-clean-just-antivirus-program-says/ ), but the other side still claims to know better and that they "healed many systems out of malware before".

How would you handle that, Sup Forums?

Heil hitler

What?

You actually are wrong. Incident response is the method for properly cleaning the system. Just nuking a system rebuilds it, but you learn nothing from doing so.

>current year
>using anything but Common Sense

HEIL HITLER

Me again, see doi.org/10.6028/NIST.SP.800-61r2

Tell your friend that you were wrong and you know why.

Sup Forums, go home.

Anybody else?

Don't like my response eh?
Incident Response is the process of identifying malware on a system and then going through a removal process.

Various companies exist that provide this service; FireEye is one example. You can just rebuild the system, but you learn nothing about the malware in doing so. Also, rebuilding the system shows that you have no idea how the internals of the system actually work, meaning you simply don't know what you are doing.

>trusting AVs for anything
You and your friend are both brainlets, OP.

It's not like I didn't like it; I take one point of view and add it to the big picture.

The reason why you are wrong is because big companies need to do IR to find out what the malware is doing. If they just rebuild the system, they don't know what was targeted, how it got in, where it's sending data, etc.

I was not talking about companies that actually research the threats, however; I was talking about the average Joe who happened to get an actual infection instead of his AV being a little bit too eager to prove itself.

why not just send off a sample if undetected and restore from backups?

HEIL HITLER
E
I
L

H
I
T
L
E
R

You can "heal a system out of malware", because antiviruses are capable of removing run of the mill malware, because it's simply not worth the developer's time to add functionality that counters antiviruses for a small increase in the number of infected computers. Your friend is still wrong for putting himself in a situation where he is likely to get malware, and for using an antivirus instead of restoring from backups.

Are you saying I should stop paying for my Kaspersky licence?

S I E G
H E I L

HEIL HITLER

We are at home. All the boards are ours.

1) Tell them that malware (a rootkit) can hide from the OS itself. Malware can teach the OS to lie about anything. Tell them that malware can insert arbitrary code anywhere.

2) Show them this video and say that the virus caused this to show up: youtube.com/watch?v=xXF7qHZXJ4w

That's pretty much what both links say. But the response was still that a "good AV" can remove them completely anyway.

Nobody else?

No, they are hiroshima's

By incident response you mean taking a RAM dump, a hard drive dump, and some network packet captures, then restoring the system and firmware from a known clean backup, right?

>muh incident response
>muh learning
Here's what I learned, you are a dumb faggot. removing Neshta.A caused the whole PC to be unusable and I have to format and rebuild it anyways.

>W32 NESHTA.A
fucking hell that takes me back. Fuck that thing

>not knowing about sfc

AV as just software installed into your OS is useless for malware removal. It's only useful for holding your hand (aka babysitting) and stopping you from doing something you shouldn't. Only AVs bootable from an external drive (USB/CD) will be able to clean your PC properly.

Really depends on the malware. Simple AV solutions can, in fact, remove the vast majority of malware.

If it is your superior, quit. It's probably not the only thing they'll be wrong about, and in the long run they'll fuck up big time; you don't want to grab that hot potato.

And how about that argument "paid AVs are superior to free AVs"?

What's the story about this whole "Neshta.A"?

Also, I personally had an incident with a rootkit in the past, and after an antivirus on a CD-booted Linux distro claimed that it was removed, the system was already basically crippled and stopped booting after a few tries anyway, so I had to reinstall. That's when I started to learn more about malware.

My Kaspersky 2017 license is running out.
KAV2017 is $15 / year for 3 PCs
KAV2018 is $20 / year for 3 PCs
Are there any meaningful improvements in KAV2018, like better performance?

>And how about that argument "paid AVs are superior to free AVs"?
Most free AVs annoy the user with advertisements.
The free Microsoft Windows Defender, which doesn't have ads, frequently scores badly in AV benchmarks, with detection rates under 90%.
av-comparatives.org/
av-test.org/

Russian backdoor botnet AV?

Says who? The NSA/FBI/CIA because Kaspersky detects their malware?
LOL.

But I was thinking about overall performance.

Define performance
Does it include annoying the user with ads?

>I don't listen to amerifat shills, only Russian ones