Is KAV working on chkdsk ?

Agreed.
Personally I like to hear about problems others are having with different software.
Does it stop me from using it: No!
It does make one aware of possible problems and I also know that it may not affect me cause all systems are different.
Rants carried overboard are another story.
There is no reason to tear apart vendors or other posters for expressing their opinions.
Hey, we're all different and have different ideas.
That's what makes these forums so interesting.

 

Here is my take on the whole matter - it doesn't matter if a vanishingly small percentage of users are affected. As a user, I have no idea if using KAV is going to cause this problem for me and I am not willing to take the chance, since the effects are quite extreme - messing with data structures on the file system is a pretty serious offense IMO, and I speak as a developer.

This is not a trivial programming error, its clear they knew about this in the previous versions but went ahead and wrote sloppy code and took a long time owning up to their mistake. Its quite bizzare since the actual scanning engine is top notch.

Frankly, there are many many security products with maybe a few % difference in actual performance. I'd rather choose one which is not going to have issues like this. Security is a set of practices not just choosing a single product and I don't want to take the risk.

 

Well stated.
It is a shame. I was using KIS7 and it did work very well until...
I had to do a reformat. Nice to have a computer that runs so well again.
I didn't realize that previous problems existed till all this came out.
For me the trust is gone no matter what they do from this point on.
I think the percentage is alot higher then they are saying at this point.
As time goes on this ugly problem will start rearing it's head more and more.
Users who are having problems now and don't know why and others who will develop these symtoms down the road will begin popping up.
This is just the beginning!

 

Having worked in the IT business and doing a lot of troubleshooting in my job, I can tell you that there are two standard responses when an answer to a reported problem cannot be found: 1) No trouble found and 2) Cannot duplicate problem.

 

Just some comments that seem in order....

I don't believe that there is any debate on problems being present, and serious ones at that. What remains in question is:

• Whether all KAV/KIS users will inexorably suffer the fate of a corrupted disk. People continually saying that this will happen doesn't make it so and from a distance I simply don't see a surge in what I'd call real problems. I don't know that it won't happen. However, I wouldn't expect it at this point based on the empirical evidence that I've seen.
• A connection between the stage 2 chkdsk slowdown and severe issues of disk corruption. Everyone see the former, that doesn't mean all will experience the latter. Technically, I don't see a direct correlation.
• Are the reports of what I'd call genuine problems directly caused by KAV/KIS or is it a secondary relationship. I realize, if you're disk is corrupted, it doesn't matter. However, this speaks to the magnitude of the potential issue. It may be significant, or on the same order as the usual software conflicts seen daily.

Where I start to have a significant problem in this whole discussion, are comments such as:

To be completely fair, this statement was fairly accurate when Straight Shooter experienced his problem. A complete wipe was potentially the safe solution and no others had been proposed. KL support was, and remain, all too quiet on the subject as well. However, this approach is clearly no longer the sole solution and arguably wasn't the best solution for many people who have and continue to go by this route. Whether a wipe is required depends on a lot of factors. It is not the sole solution. I realize that if you have wholesale disk corruption, it does remain the solution.

or

I've already been singled out in this thread by Mele20, so I suppose that you referring to me as a shill for, or employee of, Kaspersky. For the record, I'm neither (employee definitely, as for shill, I try not to be that for anyone). I do try to be balanced in my comments, and I expect the same from others. You might read some of the comments on this subject that I have posted to the KL forum or DSLReports, they're not the comments of a shill.

Of course, I also seem to elicit comments such as:

I'm still waiting for an example in which my comments have played out in this fashion in any thread on this or any other topic cached anywhere on the Internet. So far, none have been offered.

The fact of the matter is that this is gratuitous and, to be perfectly blunt, abusive hyperbole which underminds the credibility of those who are currently experiencing or have experienced genuine problems and are attempting to articulate their situation and describe their symptoms. The Internet is already a noisy place. It needs less noise, not more.

Mele20 then notes that

Let's think about this for a second. If you have an image, or even better, have the capability to create an image today, you can at your leisure try out that command line approach that I have apparently been carpet bombing the Internet with and actually see if it works, and if it doesn't, simply roll back the image. Of course, you'd only do that if you have a problem that you wish to resolve. If one actually believes that an inexorable corruption of a disk is in the offing, trying what's available would seem a reasonable course of action to me, but that's just me.

People can reasonably disagree with what I, or others, say, but it doesn't need to be fueled with gratuitous invective flying across the net.

Blue

 

Basically you're saying that a very serious problem exists but its not known when or if it will manifest itself. How do you define a 'real problem'? In your opinion if I just experience chkdsk slowdowns is it ok for me to keep using Kaspersky knowing one day my entire filesystem could be corrupted, but taking comfort in the fact that it doesn't happen too often?

I think requiring a reformat makes this a little bit more serious than that.

Why would anyone install a product which can cause disk corruption ?! Even if it was 10 times better (which its not) and if there were no alternatives (which there are plenty), I'd still hesitate to recommend it.

This is a MUCH more serious issue than a software crash. At worse buggy software can cause a BSOD which just needs a restart, it doesn't require me to reformat my disk. Thats the definition of malware!

 

No, I didn't say that. I said that there are specific cases present and that some of them are serious. If a person can't boot their system, that's serious. If a partition is questionable and chkdsk cannot complete, that's serious. If chkdsk takes hours to complete, that's serious.

My personal read of the reports are that they are low in number. Are these specific problems directly tied to KAV/KIS? I don't know. Now, you can obviously point to "all those time bombs" waiting to blow, but do you actually have a technically sound basis on which to make that statement? I don't and I've also been explicit in stating that I don't know if the converse holds.

Why don't you take a moment to read all my posts on this topic before jumping to conclusions? KL had not done their homework in creating iSwift, they have not performed what I'd call sufficient due diligence in investigating it from the start, and their support statement suffered from amateurish execution. Basically, they don't know how to manage this type of situation. That's clear.

At this point a number of systems that could have shone light of the issue have been wiped clean, and I don't blame the owners for doing so.

In a nutshell, this comment is representative of the primary issue I have. Stage 2 of chkdsk slows down, it has to, there is more information to process. Jumping from that behavior immediately to disk corruption is where I part company. Your filesystem could be corrupted any day by almost piece of software that touches it at a low level.

I've experienced a number of cases in which I installed program X, problem Y follows, and program X was not the direct cause of problem Y. It was program X interacting with program Z and program Z was the direct cause of the problem. Depending on who does what, without any other information, either X or Z or both could be the cause of Y, and it's the detail oriented investigation that is missing in this case. A specific example of this that I recently experienced is provided by ShadowDefender (SD) and Acronis True Image. I installed SD and was experiencing spontaneous reboots. The cause was a conflict with the Acronis TI snapshot manager - as for who is responsible for the conflict, that's up in the air at the moment.

and what makes you believe that a format is required?

You've now made that leap, this particular piece of software can cause (i.e. be the direct agent of) disk corruption. End of story. Can you please provide some definitive technical evidence of this? Not time based anecdotal time correlated suspicion as I mentioned above with SD/Acronis TI - something firm - as I did in that case - a minidump that pointed directly to snapman.sys.

Actually, any program that causes a crash while performing operations like a disk write are problematic. You should know this. If a system is crashing, the likelihood of soft corruption of the disk goes through the roof. If you think BSOD's are definitively more benign than iSwift, you have a lot to learn. The only times I've ever had to reformat were immediately following hard BSOD's.....

Regards,

Blue

 

I have always been leary of Kaspersky as a v5 Kav did take my last laptop down with a hard BSOD & yes I had to do a reformat & no I didn't have a backup but not my business machine tho I still was not happy. On the point at hand I like kaspersky's detection #'s they cannot be doubted as tests prove them to be at the top. However with that said be leary of test results, they don't always prove to be the bottom line in selection of AV protection, yes important. But itsn't the execution of the program just as important?, how well written it is, how it effects you over all performance?. What's the point of great detection if you machine moves like a slug?. The bottom line is the program really protecting your machine or making you think that it is. Companies produce what they think people will buy. So they cut a few corners corrupt a few disks, over all the % is low. Those few people can't really hurt kaspersky I think that's why it's fair to hear from those few. If 5% have the program & it causes a corrupt disk is that really acceptable?, I think not...

 

No, I cannot, since I don't own Kaspersky products.

I disagree. NTFS is quite resistant to failure and is transactional (even more so in Vista). I've suffered thru my fair share of crashes and none of them have resulted in disk corruption.

My point is there is a possibility of corruption and a format may be required as a result. Its not a 100% certainty but a chance, however small. And that is enough to stop me from using it.

You may argue that any low level disk operation carries the same risk (such as your example with TI) and I agree completely. But a virus scanner has no business doing low level disk operations, and that too in a buggy way. Thats the crux of the problem.

 

correct.

before i pay for my KIS yearly subscription, i run a lot of chkdsk to verify that chkdsk/KIS problem....negative!

i bet user who experience this chkdsk/kasp problem is less than 100user, compare to 200Million user of Kaspersky.

goodluck guys for you never ending insecurity.

 

If I had a decent sense that KAV/KIS was the determinant cause, I'd absolutely agree. However, I don't, nor do I have an obvious pathway based on a sound fundamental breakdown of the situation. On the other hand, if someone makes a determination that the possibilities are too fluid on the down side for them, that's a valid personal factor, just like many others a person weighs in rendering a product purchase decision.

How do you know their implementation is buggy? Do you even know their implementation?

To me, there are simply too many unknowns floating around and the discussion participants simply refuse to acknowledge this on either side. Separating objective facts, from reasonable speculation, from idle conjecture, and finally from technically unsound hysteria is what this discussion is all about. If you were to tally what's out there, I'd rank hysteria at the top and objective facts at the bottom with the other two rounding out the middle.

For example, in one case out there the user described what I (and I think anyone else) would term genuine issues, the user also noted frequent power drops that resulted in unplanned system shutdowns. Is KAV/KIS the cause here?

Well, iSwift comes a whole slew of file object ID creation events. Does this make a system more prone to file system corruption in the event of power drops? I'd hazard to guess probably, although it will likely depend on KAV/KIS settings and how that user runs their PC. Again, is KAV/KIS the direct cause? Clearly, one could posit a heightened sensitivity to problems in this particular case.

As I've stated explicitly elsewhere:

My own reasoning behind that statement is embedded in comments in various threads. If I thought any of my systems were in danger of a compromise, I'd pull the program in a heartbeat, but I simply don't see that as yet. But it's an issue I watch, it's why I comment on these threads, and I'll adjust my position in the future if warranted.

Blue

 

OK, I gave this a "field test"...

I ran ZoneAlarm AV for two weeks, allowed it to do a full system scan, including all hard disks, including one partition I had kept as a "test subject" for the impact of iSwift technology. After two weeks, I have reformatted every partition except my "test subject" partition, and now, whenever I scan it with chkdsk, I do notice a 12-second delay before stage 2 begins, but everything sails smoothly after that. Of course, 12 seconds may very well be normal

I have heard rumours of KAV/clones causing MFT fragmentation, is this true? I do not know. As of right now I have not had any conclusive evidence of the issue causing MAJOR problems with chkdsk (the delay is indeed there, but 12 seconds is more than OK for me). Does this mean I should keep using ZoneAlarm Security Suite? I am not sure at this point. Any advice?

 

BlueZanetti, you have obviously investigated the issue in detail and know much more about the risks involved. My reactions are not based on first hand experience (like I said I haven't used Kaspersky beyond the free trial) but on what others have reported.

So in your opinion :-

1. Do you think there is a negligible risk of serious disk problems with KAV7?
2. Would you recommend it?

 

To go from 2-3 minutes to run chkdsk to over one hour IS a big deal to me.

As for hard drives being cheap...I don't think so. The external hard drive I bought about two years ago is 80GB (largest I could get here at the time) and it cost $100. I just bought a SATA-II 3GB/s 300GB internal drive with Native Command Queuing and 16MB cache for $120. I don't consider that cheap but maybe its because I live on a fixed income.

 

I can't boot to the TI boot disk on this computer. I could on my computer that this one is a replacement for. Acronis says the reason is because I have TI8 and was using XP Pro SP1 on the other computer. This computer came with XP Pro SP2 and TI8 won't work on SP2. I was told to buy TI 10. I haven't had the money. So, I can make an image but I can't restore. I can only use the image for copying files.

So, as I mentioned in my post above this one, one reason I bought a new Seagate drive instead of some other brand was because SeaDisk now has TI 10 (not the full version, but from reading the manual, it appears the only missing is the ability to do incremental images which I think are "iffy" anyway).

Yes, I can try your command line method if I ever get this drive installed...I have never installed a hard drive before and I want to dual boot so I have to know how to set that up and it appears I also need a floppy boot disk. I have a floppy drive but most Dells don't so why a floppy is required to install this new hard drive puzzles me. Then there is problem that in order to use Native Command Queuing, I have to use the RAID drivers but I am not usng RAID. I don't how this will affect installing a second hard drive.

It is a shame that using SeaDisc's TI 10 to clone everything on the current drive to the new one won't get rid of the Object Identifiers. I have been given information on other methods of moving the contents of the current drive to the new one that would remove the object identifiers but it seems complicated and I don't need any more complications than I may have just from installing a drive after moving the current one (I don't even understand why I have to move the current drive to a different bay).

 

Currently, absolutely yes. Now, my main basis for that is the observation that initial problem reports emerged immediately during beta testing with another few on release. If this were a general problem there should be a growing surge of reports emerging. There are not. Let's keep in mind that AOL AVS (last years version) was KAV based. There is a huge installed base due to the engine licensing. All V6/V7 engines are impacted. Where is the surge in problems relative to any other AV?

If it fit your requirements, yes, but I believe that people fixate too heavily on the absolute highest level of detection as indicated by on-demand tests. As you've noted, there are plenty of options to choose from and I believe people should examine all of them. For the record, my own machines run one of the following options: KAV WKS V6, NOD32, F-Prot, or Dr Web

I do have it (KAV WKS V6 version) installed on multiple machines now. I do run it on my more sensitive machines which hold banking and tax records, i.e. PC's that are the last I would want to inflict disk problems. I do not use a default install or configuration (the web AV, antispy, and antibanner modules are not installed and/or disabled, all else is default or lower, I don't scan endlessly, and there is no scheduled regular system scan).

I believe V6 or V7 of KAV/KIS is an excellent option for anyone with the current V7 preferred.

Blue

 

Huh? TI8 works fine with XP SP2. There may be a SATA issue, but it's not an SP2 issue.

Just a comment - you seem to be planning to change multiple items at once, in areas where you're inexperienced. This is not a good combination.

Why do you think you need a floppy? I never have.

But that clone allows you the luxury of fiddling around to you hearts content without touching your primary source drive. Let's say you clone and really muck up handling the new drive. Format it and you are where you are today.

Well, if you have master/slave determined by cable select (CS), that would be one reason.

Blue

 

here's an interesting answer on Kaspersky chkdsk problem & suggests using chkdsk/l option: see this link to kaspersky...It also explains how Istreams & I swift work. I'm not sure if you should take their word for it but thought I'd post this anyway...

http://www.kaspersky.com/support/kav7/error?qid=208279501

 

Could you provide me with proof that I have been posting "day after day", "week after week"? That statement really puzzles me. There has been NO interest at Wilders for a long while in the KAV chdsk problem until this thread. The REAL interest has continued at dslreports...not here. Now, if I was posting "day after day", "week after week" here about this then where are all threads I must have started?

 

That is the infamous "hidden" report where Kaspersky admits that Microsoft slapped them down over their reckless use of Object Identifers. That is Kaspersky's pathetic "attempt" to offer a tiny bone to those of us with the problem rather than produce a tool to get rid of the object identifiers. It was that report and admission that Microsoft had officially stated that Kaspersky was wrong to do what they did (and they knew they were wrong but continued the wrong in the 2007 version) that restarted Straitshoot's thread at dslr. It also got the KAV fanboys saying really nasty stuff about dslreports security forum at the KAV fanclub forum and me and Straitshoot. I don't mind. I am warning folks and if I can save one person from this mess then I don't care how many fanboys say nasty stuff about me.

 

Mele20, believe me,and i know because I was declared dead at the hospital a few years ago (luckily I survived!) life is too short to keep struggling over a piece of Software.
Have a nice day.

 

sorry wasn't trying to refan the fire here...

 

I agree.

It becomes useless to keep ranting about something even if the rants have merit - because if the involved company clearly doesn't care, then they cannot be compelled/forced to change. In today's world it is sales and business and marketing that induces changes and drives companies, not the resolve or determination to do something good that will help a lot of people.....

In any case, it is clear that this chkdsk issue is indeed something worth raising an eyebrow at. Now whether Kaspersky wants to do something about it is their call.