clocks11
join:2002-05-06
00000 | reply to dantz
Re: The Best Free Antivirus Program?
I wish I read your post about this sooner. I have the dreaded delay now. It will be a long time before I use anything Kaspersky again. |
|
hpguru
Curb Your Dogma
Premium
join:2002-04-12
| reply to dantz
said by dantz  :...try running CHKDSK on Drive C and see if your system experiences a noticeable delay at the beginning of Phase 2 (or "Stage" 2, if you scheduled CHKDSK to run after a reboot). If you are lucky this is all that will happen, but some people experience worse symptoms. I just checked. There is indeed a slight delay over what I would expect but nothing serious. I suppose if one makes a habit of watching chkdsk it would seem like it is taking forever but it isn't but just a moment. Besides, when I have occasion to scan my disks, I schedule them, reboot and go do something else for a while.
--
The Gospel of Supply Side Jesus |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
 ·Pacific Bell - SBC
| Some people see just a minor delay, others a much longer one. Mine is about 10 minutes at the beginning of Stage 2. Some users have reported not being able to get CHKDSK to run to completion.
For many it is just a minor annoyance, for others it's a deal breaker.
Kaspersky has an excellent reputation, but their unwillingness to acknowledge the problem despite numerous documented cases and complaints is disappointing. ISwift is proprietary technology, so it's not easy for a 3rd party to devise a removal tool. In my opinion, Kaspersky really should step up to the plate and offer a removal tool for those users who are affected by this bug.
In the past they did it for iStreams, why not for iSwift? |
|
StraitShoot
Who Loves Ya Baby? - Theo Kojak
Premium
join:2003-02-08
Clinton, MA
| Well, according to this thread, if you uninstall KIS or KAV 6 the ISwift goes away, but even they in the forum seem to ignore the issue.
I will play around later and let you folks know.. and if it's true, I will uninstall KIS and go with AVG. I've had it with all these "little" surprises the AV companies play. Sometimes it seems the cure is worse than the disease with these guys...
»forum.kaspersky.com/index.php?s=···ry212917
--
"Who Loves Ya Baby?" |
|
clocks11
join:2002-05-06
00000 | I can say I have uninstalled, and still have the delay. I guess it could be something else, but I doubt it. |
|
dantz
join:2005-05-09
Honolulu, HI
·Hawaiian Telcom
1 edit | reply to StraitShoot
said by StraitShoot :Well, according to this thread, if you uninstall KIS or KAV 6 the ISwift goes away, but even they in the forum seem to ignore the issue. Nope, sorry, that doesn't work. You can uninstall KAV and/or delete the several "fidbox" files, but the so-called "NTFS identifiers" that were added to the NTFS indexes will still remain. If you are getting the CHKDSK lag, you will keep on getting it. If CHKDSK crashes after the lag, it will keep on crashing. To the best of my knowledge, the changes that were done to the NTFS filesystem cannot be undone by merely uninstalling the program and/or deleting the fidbox files.
Here's a link to the main thread on the Kaspersky forum that discusses this issue in greater detail (18 pages and counting):
»forum.kaspersky.com/index.php?sh···ic=14995
You can also search the KAV forums for "chkdsk" and find a few other related threads.
My current thinking about the fidbox files is that they are a database containing copies of the NTFS identifiers, the last scanned dates, the virus definition version in effect when each file was scanned, etc. that is used for comparison purposes, i.e. for each file being scanned, the index value of the NTFS identifier is compared to the fidbox data, then KAV decides how to handle that file. I think that each file's NTFS identifier is also updated or appended during the scan. I'm just guessing at this point, but eventually I will figure it out. I'm continuing to research this issue and will post my results on the main thread. |
|
Antaeogo
join:2002-07-13
Columbus, GA | reply to lordpuffer
A long time ago when I installed KAV (briefly), I used sysinternals "Streams" utility to remove the junk NTFS ADS. You can still get it from Microsoft here. |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| reply to dantz
dantz , I think your analysis of these mysterious NTFS identifiers is correct. Here is a link that explains about NTFS "object identifiers" and how they work. Essentially an attribute is added to each file which uniquely identifies it.
»msdn2.microsoft.com/en-us/librar···997.aspx
Here is code which will delete object identifiers:
»msdn2.microsoft.com/en-us/librar···559.aspx
What we need is a simple program that will run that last routine on every file on disk and I think we will have the problem solved.
Antaeogo , that's a separate issue. This CHKDSK problem is not caused by NTFS ADS. There were problems with metadata fragmentation, but this is a separate issue. |
|
StraitShoot
Who Loves Ya Baby? - Theo Kojak
Premium
join:2003-02-08
Clinton, MA
| reply to dantz
said by dantz :said by StraitShoot :Well, according to this thread, if you uninstall KIS or KAV 6 the ISwift goes away, but even they in the forum seem to ignore the issue. Nope, sorry, that doesn't work. I played with it and you're correct...
Jim
--
"Who Loves Ya Baby?" |
|
HA Nut
Premium
join:2004-05-13
USA | reply to jmorlan
Interesting discussion about KAV 6. I ran it for nearly a year and wondered why CHKDSK ran so slow in comparison to other PCs. Thankfully, mine never froze... |
|
RonT
join:2003-11-21
Mishawaka, IN
| reply to StraitShoot
said by StraitShoot :1. As a Comcast subscriber, I can have the "privilige" of using McAfee Internet Security for free.. » www.comcast.net/security/?CM.src=top Thanks but no thanks...I found it to be a resource hog and it keeps sending me pop ups to be stuff I don't need or want. The folks at McAfee should read this book here before making such lame attempts to sell their Comcast subscribers more crap...» www.sethgodin.com/permission/ FWIW, I'm a Comcast subscriber also and have used their McAfee offering for 2 years...have never got a pop-up from the software at all. |
|
technovert
Premium
join:2007-06-14
Canada
clubs: | reply to lordpuffer
I really like the AOL Active Virus Shield I have been very happy with it and am using it on several pcs. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to jmorlan
said by jmorlan :If you use AVS (or KAV) there is an option to turn iSwift off and I recommend that you do (see above screenshot). However, if you run a scan with it on, you will have those NTFS-identifiers forever and there is no going back. However, if your system was clean to begin with, there's really no need to do an initial scan and you will still get AVS's excellent real-time protection should a parasite get downloaded or try to execute on your system. First, I recommend Avira. It causes less problems than any other AV I have used. I did have a problem with the recent addition of the rootkit scanner so I uninstalled it. It's detection is equal to or better than KAV and it can be set to update every hour. It doesn't have bells and whistles like KAV but supposedly is getting some of those this fall (web checker).
As for the Kaspersky chkdsk problems, Lucian is saying that the only way to turn off ISwift for the file checker is to do so in the Registry (and that may not work). Evidently turning off ISwift for the file checker cannot be done from the GUI so apparently it doesn't matter if one is careful to turn it off for the on demand scanner. I never ran a full scan when I had KAV 2006 and the first thing I did was turn off ISwift and Ichecker yet I still had damage to Chkdsk which has remained after removing KAV back in Nov 2006. ISwift cannot be turned off for the file checker in 2007 version either unless it does work to do so in the Registry.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| I tried to turn iSwift off in the registry, but it wouldn't let me make the change no matter what I did to the permissions. I'm not sure how to turn off self-defence in AVS, but changing those registry values may not work anyway according to this thread. |
|
dantz
join:2005-05-09
Honolulu, HI
·Hawaiian Telcom
| reply to jmorlan
said by jmorlan : dantz , I think your analysis of these mysterious NTFS identifiers is correct. Here is a link that explains about NTFS "object identifiers" and how they work. Essentially an attribute is added to each file which uniquely identifies it. » msdn2.microsoft.com/en-us/librar···997.aspxHere is code which will delete object identifiers: » msdn2.microsoft.com/en-us/librar···559.aspxWhat we need is a simple program that will run that last routine on every file on disk and I think we will have the problem solved. Thanks. I'm not too sure that's the appropriate code, but I'll look into it. My focus is centered in the MFT's extended attributes, particularly $Extend\$ObjID:$O, as this area showed extensive fragmentation immediately after running a KAV filescan. |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| There are a number of utilities that can defrag metadata. I have at least two and they both report that my metadata is not fragmented at all. Yet I still have the CHKDSK issue. If it were just a matter of defragging metadata, I think it would be a minor issue with an easy fix.
I believe this issue is different.
We probably should move this discussion over to the new thread. |
|
dantz
join:2005-05-09
Honolulu, HI | I'm not particularly concerned about the fragmentation itself; I'm just using that as a marker to show me which areas are active during a scan, and thus a likely location of the NTFS identifiers. But yes, I'll switch to the other thread. |
|
FF again
join:2003-06-13
Finland | reply to lordpuffer
So far only SAM 2007.1 has full filled all my requirements. Multilingual, fast & easy web surfing, infection free etc.
Best regards,
FF again! |
|
lordpuffer
I Was Very Drunk At The Time
Premium
join:2004-09-19
West Hollywood, CA
 ·T-Mobile US
 ·Vonage
 ·RoadRunner Cable
·AT&T Yahoo
| I have a few questons.....First of all , I took the above posters' advice, and I disabled iSwift before I ran a C:Drive scan. So I should be fine, right? It did, however, on it's own, start scanning the startup files before I could disable it. I had no chlice. It happened on it's own. Am I still ok? Also, what is CHKDSK? How would I know if I'm having a lag. I'm not sure what it is and when you would see the lag.
I also tried to install the AOL AVS on my friend's new computer that has Vista. During the installation, I kept getting an error message and it would not install. Does it not work with Vista? |
|
dantz
join:2005-05-09
Honolulu, HI
·Hawaiian Telcom
| said by lordpuffer :I have a few questons.....First of all , I took the above posters' advice, and I disabled iSwift before I ran a C:Drive scan. So I should be fine, right? It did, however, on it's own, start scanning the startup files before I could disable it. I had no chlice. It happened on it's own. Am I still ok? Also, what is CHKDSK? How would I know if I'm having a lag. I'm not sure what it is and when you would see the lag. I also tried to install the AOL AVS on my friend's new computer that has Vista. During the installation, I kept getting an error message and it would not install. Does it not work with Vista? Chkdsk is also known as Check Disk. One way to access it is to go into My Computer, right-click on one of your drive letters (usually C), then choose Properties, then the Tools tab. Under Error Checking, click Check Now. In most cases you would also tick the "Automatically fix file system errors" checkbox. (Leave the second box blank). Then click on Start. If you are testing your C drive, Windows will offer to run the disk check at the next reboot.
Chkdsk can also be accessed via the command line, and this is the preferred method for most users.
When chkdsk is running it normally goes from the end of Stage 1 directly into Stage 2 with no lag whatsoever. If all you see is a short lag at the start of Stage 2 and nothing else is amiss, I recommend not worrying about it. However, if chkdsk has a very long lag, freezes up or even crashes, then you can start to wonder what's going on. However, the majority of users will experience nothing more than a short (and hopefully harmless) lag.
PS: I'm not sure what to tell you about AVS and Vista. A Vista-compatible version was recently released, but I have not looked into it. |
|
