poppster
Tell the truth and then run.
Premium
join:2003-12-23
Midwest
clubs:  | reply to cdbma
Re: The Best Free Antivirus Program?
Try AntiVir from Avira. I use it on all of my pc's. |
|
cdbma
join:2003-01-19
Bolton, MA
| reply to Mele20
I was about to download the AOL SW, but they apparently switched form Kaspersky to McAfee. I'm looking for an easy, intuitive, stress-free app for my daughter's new Vista laptop. Any thoughts on what AOL is now offering?
If this is not the way to go, I guess i'll check out the other free kits. I do need something that supports scheduled scans, as she will not remember to do it. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to jmorlan
I'm glad you found the workarounds. The Splash screen when updating didn't bother me but it does a lot of folks. The only real problem with the free version is that the update servers are slow. That is not a problem usually. But if Avira has a fat update or a major version upgrade like on April 19 then the servers for the free version get overwhelmed and it is a problem then. The servers for the paid versions are MUCH faster and there are no problems when major updates/upgrades happen. There has been much speculation as to why Avira allows the servers for the free version to have the problems. I assume it is to encourage users to buy Avira. It is not an expensive AV but I don't really know why they don't fix the servers for the free version.
I was using the free version, but about two-three months ago, there was a promotion in a German version of, I think it was PC magazine, some computer magazine that offered a SIX MONTH trial of the Personal Premium version. A whole bunch of us got it. So, I have the trial until the middle of October.
The rootkit detection module I think has been improved since April 19 when first released. I got it then and I believe it was at least part of the sudden printer problems I had. I haven't tried it since then.
The FP's are mainly with the Extended Threat Category of Security Privacy Risks. That was ON by default until the major upgrade on April 19. Now it is OFF by default. That is probably why you saw no FP's. If you turn that on Avira will flag stuff like Sysinternals PSTools (pskill.exe). So, either keep that turned off or exclude and exclude is not set up to work smoothly. We have asked Avira to fix that.
Avira has warts. But they all do. I think the paid version should have email support but support for both paid and free is just the forum. There are several Avira support personnel who are assigned to the forum which is good.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
 ·Pacific Bell - SBC
| reply to Mele20
said by Mele20  :First, I recommend Avira. It causes less problems than any other AV I have used. I did have a problem with the recent addition of the rootkit scanner so I uninstalled it. It's detection is equal to or better than KAV and it can be set to update every hour. It doesn't have bells and whistles like KAV but supposedly is getting some of those this fall (web checker). Avira is one of the few free AV's that I have not tried. Based on your recommendation I am giving it a try right now and have removed AVS.
So far I like it pretty well. The detection rates are good and I did not see any false positives when I let it do a full scan. I had heard that it had a high rate of false positives, but that was not the case for me. I don't need or want an email scanner or a web checker; just an unobtrusive real-time defense is what I look for in an AV and Avira offers exactly that.
However, there are a few things I don't like. They advise you to update frequently like every six hours. However the update "interval" option only works for times greater than one day. Otherwise, to set it for one hour using the interface, you would need to add additional tasks for each hour of the day and have them repeat daily. That's just stupid.
The other thing that I don't care for is the large intrusive nag-screen popup that you get when it updates. It's really unprofessional looking and I think it's likely to turn people off more than encourage users of the free version to upgrade.
Fortunately there are workarounds to both of these issues, but it took a while to find and apply them.
I did not have any issues with the rootkit detection. Are you using the free version? |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| reply to MikePal
said by MikePal :
You are wrong posting that. All technical details you posted here have nothing with iSwift technology. They are related to iStreams technology used in earliest KAV 5.0 versions.
iSwift technology used in KAV 6.0+ is implemented in different way. It doesn't create any streams in files, it doesn't modify files in any way. It uses it's own database to maintain list of checked files instead. It has no any problem with CHKDSK.
You are misinformed. AVS does not use iStreams. It uses both iSwift and iChecker but not iStreams. See screen shot earlier in this thread here. ISwift works as I described. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to MikePal
said by MikePal :said by jmorlan :said by lordpuffer :If I use AOL AVS, does it also download other AOL stuff? I don't want any other AOL stuff on my computer. One downside to AVS (and KAV) in my opinion is that it defaults to enabling the built-in iSwift technology which adds undocumented NTFS-identifiers to your NTFS indexes. It does this to speed up scanning by skipping files that have already been scanned and cleared. However, there appears to be a side-effect of this technology in that some (many?) systems will experience long pauses during or before stage 2 CHKDSK after these NTFS-identifiers have been added. In some cases CHKDSK may not be able to run to completion. ... You are wrong posting that. All technical details you posted here have nothing with iSwift technology. They are related to iStreams technology used in earliest KAV 5.0 versions. iSwift technology used in KAV 6.0+ is implemented in different way. It doesn't create any streams in files, it doesn't modify files in any way. It uses it's own database to maintain list of checked files instead. It has no any problem with CHKDSK. I don't know who you are since you posted anon but if by some vague chance you actually are connected to Kasperksy Labs which I doubt please post in the »Kaspersky, You lost me at ISwift..
thread and "enlighten" us.
Who said anything about ADS tags? We are not talking about KAV 5 but KAV 6 and 7 which have NTFS Identifiers added to each file and these Identifiers ARE causing problems with Chkdsk for a lot of us.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
MikePal
@kaspersky-labs.com
| reply to jmorlan
said by jmorlan :said by lordpuffer :If I use AOL AVS, does it also download other AOL stuff? I don't want any other AOL stuff on my computer. One downside to AVS (and KAV) in my opinion is that it defaults to enabling the built-in iSwift technology which adds undocumented NTFS-identifiers to your NTFS indexes. It does this to speed up scanning by skipping files that have already been scanned and cleared. However, there appears to be a side-effect of this technology in that some (many?) systems will experience long pauses during or before stage 2 CHKDSK after these NTFS-identifiers have been added. In some cases CHKDSK may not be able to run to completion. ... You are wrong posting that. All technical details you posted here have nothing with iSwift technology. They are related to iStreams technology used in earliest KAV 5.0 versions.
iSwift technology used in KAV 6.0+ is implemented in different way. It doesn't create any streams in files, it doesn't modify files in any way. It uses it's own database to maintain list of checked files instead. It has no any problem with CHKDSK. |
|
dantz
join:2005-05-09
Honolulu, HI | reply to jmorlan
I'm not particularly concerned about the fragmentation itself; I'm just using that as a marker to show me which areas are active during a scan, and thus a likely location of the NTFS identifiers. But yes, I'll switch to the other thread. |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| reply to dantz
There are a number of utilities that can defrag metadata. I have at least two and they both report that my metadata is not fragmented at all. Yet I still have the CHKDSK issue. If it were just a matter of defragging metadata, I think it would be a minor issue with an easy fix.
I believe this issue is different.
We probably should move this discussion over to the new thread. |
|
dantz
join:2005-05-09
Honolulu, HI
·Hawaiian Telcom
| reply to jmorlan
said by jmorlan : dantz , I think your analysis of these mysterious NTFS identifiers is correct. Here is a link that explains about NTFS "object identifiers" and how they work. Essentially an attribute is added to each file which uniquely identifies it. » msdn2.microsoft.com/en-us/librar···997.aspxHere is code which will delete object identifiers: » msdn2.microsoft.com/en-us/librar···559.aspxWhat we need is a simple program that will run that last routine on every file on disk and I think we will have the problem solved. Thanks. I'm not too sure that's the appropriate code, but I'll look into it. My focus is centered in the MFT's extended attributes, particularly $Extend\$ObjID:$O, as this area showed extensive fragmentation immediately after running a KAV filescan. |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| reply to Mele20
I tried to turn iSwift off in the registry, but it wouldn't let me make the change no matter what I did to the permissions. I'm not sure how to turn off self-defence in AVS, but changing those registry values may not work anyway according to this thread. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to jmorlan
said by jmorlan :If you use AVS (or KAV) there is an option to turn iSwift off and I recommend that you do (see above screenshot). However, if you run a scan with it on, you will have those NTFS-identifiers forever and there is no going back. However, if your system was clean to begin with, there's really no need to do an initial scan and you will still get AVS's excellent real-time protection should a parasite get downloaded or try to execute on your system. First, I recommend Avira. It causes less problems than any other AV I have used. I did have a problem with the recent addition of the rootkit scanner so I uninstalled it. It's detection is equal to or better than KAV and it can be set to update every hour. It doesn't have bells and whistles like KAV but supposedly is getting some of those this fall (web checker).
As for the Kaspersky chkdsk problems, Lucian is saying that the only way to turn off ISwift for the file checker is to do so in the Registry (and that may not work). Evidently turning off ISwift for the file checker cannot be done from the GUI so apparently it doesn't matter if one is careful to turn it off for the on demand scanner. I never ran a full scan when I had KAV 2006 and the first thing I did was turn off ISwift and Ichecker yet I still had damage to Chkdsk which has remained after removing KAV back in Nov 2006. ISwift cannot be turned off for the file checker in 2007 version either unless it does work to do so in the Registry.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
HA Nut
Premium
join:2004-05-13
USA | reply to jmorlan
Interesting discussion about KAV 6. I ran it for nearly a year and wondered why CHKDSK ran so slow in comparison to other PCs. Thankfully, mine never froze... |
|
StraitShoot
Who Loves Ya Baby? - Theo Kojak
Premium
join:2003-02-08
Clinton, MA
| reply to dantz
said by dantz :said by StraitShoot :Well, according to this thread, if you uninstall KIS or KAV 6 the ISwift goes away, but even they in the forum seem to ignore the issue. Nope, sorry, that doesn't work. I played with it and you're correct...
Jim
--
"Who Loves Ya Baby?" |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| reply to dantz
dantz , I think your analysis of these mysterious NTFS identifiers is correct. Here is a link that explains about NTFS "object identifiers" and how they work. Essentially an attribute is added to each file which uniquely identifies it.
»msdn2.microsoft.com/en-us/librar···997.aspx
Here is code which will delete object identifiers:
»msdn2.microsoft.com/en-us/librar···559.aspx
What we need is a simple program that will run that last routine on every file on disk and I think we will have the problem solved.
Antaeogo , that's a separate issue. This CHKDSK problem is not caused by NTFS ADS. There were problems with metadata fragmentation, but this is a separate issue. |
|
dantz
join:2005-05-09
Honolulu, HI
·Hawaiian Telcom
1 edit | reply to StraitShoot
said by StraitShoot :Well, according to this thread, if you uninstall KIS or KAV 6 the ISwift goes away, but even they in the forum seem to ignore the issue. Nope, sorry, that doesn't work. You can uninstall KAV and/or delete the several "fidbox" files, but the so-called "NTFS identifiers" that were added to the NTFS indexes will still remain. If you are getting the CHKDSK lag, you will keep on getting it. If CHKDSK crashes after the lag, it will keep on crashing. To the best of my knowledge, the changes that were done to the NTFS filesystem cannot be undone by merely uninstalling the program and/or deleting the fidbox files.
Here's a link to the main thread on the Kaspersky forum that discusses this issue in greater detail (18 pages and counting):
»forum.kaspersky.com/index.php?sh···ic=14995
You can also search the KAV forums for "chkdsk" and find a few other related threads.
My current thinking about the fidbox files is that they are a database containing copies of the NTFS identifiers, the last scanned dates, the virus definition version in effect when each file was scanned, etc. that is used for comparison purposes, i.e. for each file being scanned, the index value of the NTFS identifier is compared to the fidbox data, then KAV decides how to handle that file. I think that each file's NTFS identifier is also updated or appended during the scan. I'm just guessing at this point, but eventually I will figure it out. I'm continuing to research this issue and will post my results on the main thread. |
|
clocks11
join:2002-05-06
00000 | reply to StraitShoot
I can say I have uninstalled, and still have the delay. I guess it could be something else, but I doubt it. |
|
StraitShoot
Who Loves Ya Baby? - Theo Kojak
Premium
join:2003-02-08
Clinton, MA
| reply to jmorlan
Well, according to this thread, if you uninstall KIS or KAV 6 the ISwift goes away, but even they in the forum seem to ignore the issue.
I will play around later and let you folks know.. and if it's true, I will uninstall KIS and go with AVG. I've had it with all these "little" surprises the AV companies play. Sometimes it seems the cure is worse than the disease with these guys...
»forum.kaspersky.com/index.php?s=···ry212917
--
"Who Loves Ya Baby?" |
|
jmorlan
Hmm... That's funny.
Premium
join:2001-02-05
Pacifica, CA
·Pacific Bell - SBC
| reply to hpguru
Some people see just a minor delay, others a much longer one. Mine is about 10 minutes at the beginning of Stage 2. Some users have reported not being able to get CHKDSK to run to completion.
For many it is just a minor annoyance, for others it's a deal breaker.
Kaspersky has an excellent reputation, but their unwillingness to acknowledge the problem despite numerous documented cases and complaints is disappointing. ISwift is proprietary technology, so it's not easy for a 3rd party to devise a removal tool. In my opinion, Kaspersky really should step up to the plate and offer a removal tool for those users who are affected by this bug.
In the past they did it for iStreams, why not for iSwift? |
|
hpguru
Curb Your Dogma
Premium
join:2002-04-12
| reply to dantz
said by dantz :...try running CHKDSK on Drive C and see if your system experiences a noticeable delay at the beginning of Phase 2 (or "Stage" 2, if you scheduled CHKDSK to run after a reboot). If you are lucky this is all that will happen, but some people experience worse symptoms. I just checked. There is indeed a slight delay over what I would expect but nothing serious. I suppose if one makes a habit of watching chkdsk it would seem like it is taking forever but it isn't but just a moment. Besides, when I have occasion to scan my disks, I schedule them, reboot and go do something else for a while.
--
The Gospel of Supply Side Jesus |
|
