Kaspersky AV programs...

(@paul-plutae)
Posts: 1261
Topic starter
 

For those of you who use Kaspersky, or have used it and switched to another AV program, what do you think about it?

At the moment I am running in Administrator and Safe Mode using Kaspersky's Virus Removal Tool. I need to run this tool before I can install Kaspersky because even in safe mode virus problems prevented the Kaspersky program from installing.

The funny thing about this new virus problem is that I apparently picked it up by clicking on either Javad's video link for filtering out unwanted signals that could interfere with survey-grade GPS... OR... some job listing links for Land Surveyors in California.

Prior to clicking on the above-mentioned internet areas my system was running quite smooth for the most part. This new one started out with a popup saying a problem was detected in the SATA drive I have. The drive is old, 4-5 years, and I was planning on replacing it, so I followed the message prompt and rebooted like it said. When Windows came back online all virus hell broke loose. Files en masse were changed to hidden ones. I thought that all my CAD drawings had been eliminated. Music and commercials would start playing randomly. One about a baby, another touting cat food, then an opera would start playing.

Messy messy stuff.

Anyway, here I sit while Kaspersky's AV removal tool works. So far it has scanned through 144,000 files and has come up with four bad boys. Two Trojans: one is called Exploit.Java.CVE-2010-4452a and the other Trojan-Downloader.Win32.Dapato.a. The Kaspersky tool also found two instances of HEUR:Exploit.Script.Generic.

I figure that in about 4 more hours the full scan should be done. So far Kaspersky seems to be doing its job but I would like to hear the pros and cons about Kaspersky before spending any money on the program. I have the 30 day free trial ready to install after the AV Removal Tool finishes its work.

 
Posted : May 21, 2011 12:59 pm
(@dave-karoly)
Posts: 12001
 

My employer, the California Department of Forestry and Fire Protection (Cal Fire), uses Kaspersky. I can't comment on it specifically but it seems to work fine; better than Norton ever was. Some of my co-workers use it at home too.

I personally use Avast! Internet Security which has caught a lot of junk for me. If I suspect some shenanigans are going on then I schedule a Boot Time scan and it does a good job of killing whatever it is.

The only thing about Avast is I pay for the professional level license (the basic is free) and it always triggers a Wells Fargo fraud unit phone call because they are in Eastern Europe. It's no big deal, I just tell WF it's legit, allow the charge. WF did catch an actual theft of my credit card numbers (something else, not Avast) so we had to cancel the cards and they overnighted new ones to us.

 
Posted : May 21, 2011 1:28 pm
(@joe-m)
Posts: 429
Registered
 

Kaspersky is probably one of the best programs out there. The downside is that it is very aggressive in the things it scans and monitors, and will slow your system down considerably once installed. I would not recommend it unless you are using a fairly new system, probably one that is less than 3 years old and has a processor with multiple cores. Something like Microsoft Security Essentials is much more lightweight (and is free) if your system is older. In any case, you downloaded and installed the virus yourself. Windows has no way of knowing when your hard drives are going to fail.

 
Posted : May 21, 2011 1:40 pm
(@dave-karoly)
Posts: 12001
 

Yes, it has a tendency to bog down the computer at the first start up in the morning. My brand new 64-bit computer barely notices it there though.

Even Avast! takes up a lot of resources for the first 5 minutes or so doing whatever it does plus downloading new virus definitions.

 
Posted : May 21, 2011 2:05 pm
(@paul-plutae)
Posts: 1261
Topic starter
 

Kaspersky AV programs... So far it's performing well

After I finally got Kaspersky installed, I chose a Quick Scan of critical areas. As soon as I clicked the start button, Kaspersky found a root kit that I knew was probably installed. I had run Bit Defender and Malwarebytes prior; neither of those programs picked the root kit up. Kaspersky also found another virus called volsnap, which it took care of.

It is now running a full system scan and the CPU usage is at 4%, which is pretty decent.

After the full scan is done I'll create a system restore point if Kaspersky does not do that for me.

Edit: The root kit was TDSS and the volsnap.sys was apparently corrupted by TDSS. Volsnap.sys is a valid Windows file so I will have to get a copy of a valid file back where it should be since Kaspersky nuked it. Files are easy to replace.

Edit 2: Kaspersky 'disinfected' the volsnap.sys file so I am good on that. This program, so far, seems to have a lot going for it. It's not like some I have seen that kept me in the dark as to what was taking place. For instance, some of the files were cataloged as "Action taken - postponed". I had to get into another GUI menu to start the cleaning process. I think this may be a safeguard against cleaning out a 'false positive' flag by Kaspersky.

 
Posted : May 21, 2011 2:23 pm
(@cyril-turner)
Posts: 310
Registered
 

Our company has been using Kaspersky for the past 4 years with virtually no problems. The biggest issue we have had with it is it slows down opening CAD files because it is scanning them before it will open. However, once we figured out how to exclude CAD files from getting scanned we haven't had the problem.

Cy

 
Posted : May 21, 2011 2:28 pm
(@joe-m)
Posts: 429
Registered
 

Kaspersky AV programs... So far it's performing well

I had Alureon like you do on a customer's computer earlier this year. All known virus programs failed to get rid of it, including Kaspersky and even their custom removal tool TDSSKiller. The rootkit and various viruses, trojans, etc. it would install always came back within a few hours because of the rootkit. I assume virus scan definitions have been improved by now, or at least the virus's authors are having a tougher time coming up with slightly different iterations of the rootkit that avoid detection and removal.

http://support.kaspersky.com/viruses/solutions?qid=208280684

As I have said before on other threads on this forum, I'd recommend anyone who has had a virus as of late to run the tdsskiller.exe program and check for a rootkit. It is a very quick scan.

 
Posted : May 21, 2011 3:21 pm
(@paul-plutae)
Posts: 1261
Topic starter
 

Kaspersky AV programs... Joe

> As I have said before on other threads on this forum, I'd recommend anyone who has had a virus as of late to run the tdsskiller.exe program and check for a root kit. It is a very quick scan.

When this problem started on my system, about three weeks ago I think, I tried running TDSSKiller and it just would not run. The problem could have been that the root kit or other malware was preventing it from running, or maybe the TDSSKiller file was just out of date for the newer malware/viruses being written.

I was able to run RKill, which is a fantastic program for killing malware but it cannot get them all. Browsing the web gave me some information on where one of the other malware programs stores some of its files. I was not able to delete these files but I was able to cut/paste them into another folder which solved the particular problem of fake 'you are infected' pop-ups from happening every 30 seconds or so. Until today the TDSS root kit has resisted every attempt to find it and deal with it.

 
Posted : May 21, 2011 3:37 pm
(@curly)
Posts: 462
Registered
 

Had it and loved it; however, as mentioned, it is aggressive, and if you use FTP it will close the port at some time.

 
Posted : May 21, 2011 4:53 pm
(@squinty-vernier)
Posts: 500
Registered
 

Kaspersky AV programs... Joe

RKill is a great tool and allows you to download or run scans that a rootkit would terminate.

I keep it on a thumb drive, for emergencies.

Rick

 
Posted : May 22, 2011 2:12 am
 TC
(@tc)
Posts: 68
Registered
 

Had it for a couple years, but as mentioned FTP access is a problem, as was working with ActiveSync.

I switched to Microsoft Security Essentials and have been pleased with its performance, and it's FREE.

I also use Malwarebytes.

 
Posted : May 22, 2011 4:37 am