I wanted to find out what Kaspersky antivirus is really like. Read on to learn about Kaspersky’s security features, ease of use, customer support, and more.
www.safetydetectives.com
I am using Kaspersky Internet Security and I have no issues that it is run from Russia. I don't really care as I have used KIS for the last 10 years.
Made an account just for this because I was looking back on my old dism/admin logs I pulled before I got my pcie drives fried off my motherboard, and decided to see if anyone had the same issue recently after a massive cyber breach at a hospital I work for on almost this very date of Feb - same name on the trojan found by windows. Just my 0.2, Kaspersky failed to detect any intrusion or notice any hardware changes - worst part about it was until VM Carbon Black stepped in since I offered them the bounty - kasp sat totally useless. After 9 remote sessions into my pc telling me every time that everything was fine, logs were good, and that nothing had been changed around - a full network compromise came right back through infected appx packages delivered through the gpu's driver update (Nvidia rtx 3080ti - yes we've already contacted them about this and sent them the card and files for an additional analysis) and brought everyone and everything down again at the end of March. After 6 loyal years it's safe to say they're not on their A game anymore, all of the malicious payloads and changes occurring while Kaspersky was "monitoring" slipped right past them, a shredded dism log off of a now dead pc spelled that one out for us. Additionally, for op
@RedLad - it literally took VM CB working hand in hand with them just on a personal level not even enterprise since I have family who work for them, 4 full days to even get something with endpoint detection, some of this firmware / bios malware is so advanced right now that half of what's being deployed looks damn near state sponsored to the untrained eye. If you were the unfortunate one to get hit with what we got, it's much deeper than just a trojan, expect a rootkit and more, almost every part of the host machine(s) operating system that could be was hit with another backup dll or something of the nature to keep all the cogs in motion even if one was taken out of the picture. Also - after this trojan hit, despite coming back (most likely due to other processes) the rootkit and everything else was 100% able to survive bios writes and flashbacks / forwards if using an asus board (I've tried it on 3 separate boards with the same result - only had asus on hand though - Z590a gaming wifi, z590a-II gaming wifi, B550). Was extra tricky to find too because even the firmware for the corsair fan controllers on multiple pcs was modified using some new POC form of a much more invasive nLite / MSIX package injection tool coupled with MDM/Host Processes all being configured to hide themselves upon any sysinfo / task manager execution, constant log deletion, and executing commands that would increase cpu / network utilization to mask activity. 100% get a malware specialist for this one, even my hospital's network admin had to call in for extra help on this one. Granted I'm sure it's much less severe on a personal front, but I got hit just as hard as my work did. Stay safe and if you happen to be in the same boat I was - pm me and if it's not something that's already fixed, I'd be happy to provide the contact info to some great pen testers / bounty hunters working with Cylance and VM Carbon Black who would love to help out if they see some value in it.
Easy way to know is if they were able to drain all your accounts in minutes, bypass authentication on your own accounts using cookies, steal fingerprinting data stored by browsers (other than brave). Within 5 min - bitlocker was cracked wide open, Kaspersky's pass manager was clearly ripped apart as about 20 of my logins changed in succession for all banks (I store nothing outside of a pass manager ever), travel or other sites that might've contained any sensitive info and blockades were set up around emails to prevent entry and closure of the accounts while passwords and user emails were all swapped. Ultimately it provided a breach which we were able to help work to close (iOS 16.4.1 release) but allowed full screen sharing and swipe function shortcuts to be executed at any time. By far the craziest thing I've ever seen but these guys are getting crafty and AI fed malware is here and coming fast.
TLDR: OP GOT A NASTY TROJAN THAT IS 99.999999999999% COUPLED WITH A SUITE OF MALWARE AFTER INITIAL BREACH -- GET MALWARE PROFESSIONAL HELP -- THESE GUYS ARE SMART, ALSO AI IS A FACTOR NOW WHICH TURNS EVEN SCRIPT KIDDIES INTO SOMEONE WHO CAN BRICK A COMPUTER EASY AS CAKE - F**K KASPERSKY - YOU WANT RESULTS? AND DON'T WANNA RISK COMPROMISE FURTHER THAN WHAT'S BEEN DONE? GET END POINT DETECTION! IT IS WORTH THE MONEY - AND FOR ANYONE WHO SAYS "bUt ItZ eNtErPrIsE sOfTwArE - I can't get that" yes, yes you can make a damn llc, I can promise you now after having seen something like this and the wonderful identity theft that followed, I'd pay whatever to not have to monitor my credit 5x a week for the next 7 years (fun fact getting your identity stolen doesn't qualify you for a new social security number :) )