0

I've been using Kaspersky Total Security for quite some time even though I'm not an Information Security professional, I heard it was considerably efficient. Yesterday, though, I was navigating through some suspicious websites and I'm afraid my PC might have been infected by something (mostly because of a weird task in my Task Manager named KMS Connection Broker as well as a weird app named only "Program", with no provider informed, being initialized with my PC).

By only using Kaspersky Total Security and executing some verifications, can I make sure my PC is clean and safe from viruses? And if not, what should I do to solve it?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Pedro Martins de Souza
  • 103
  • 2

2 Answers2

2

My question is: by only using Kaspersky Total Security and executing some verifications, can I make sure my PC is clean and safe from viruses?

No you can't. Especially not if you are running the security product from inside a potentially compromised system since in this case you (and the security product) can not really trust anything what the system reports.

Apart from that no security product is perfect. They might cover most of the normal non-risky behavior but if your are deliberately increase your risk (i.e "navigating through some suspicious websites") don't expect them to rescue you in all cases.

If you don't want to avoid such sites use another level of separation like a virtual machine - which is not totally secure either but much safer than using the normal system. See Does a Virtual Machine stop malware from doing harm? for more.

And if not, what should I do to solve it?

Unfortunately the safest way is to burn or at least reinstall everything which might have been affected and restore from the latest known good backup (which you hopefully have). This not only includes the current system but also the router (which is a common target for infection) and also any other system which is connected to yours or to the router.

A less destructive option would be to boot from a definitely not infected medium (i.e. CD-ROM) and do the analysis from there. Since this only looks for known bad things this is not as safe as restoring from a known good backup. But it is definitely less destructive which is important if you don't have a current known good backup. Kaspersky offers such an analysis medium too (Kaspersky Rescue Disk).

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
1

Not long ago a friend of mine got an email with a malicious attachment. He had one of the most popular antivirus applications installed, but I don't remember which one. The antivirus didn't detect anything, and he ended up opening the attachment and only then he realized it was malicious. He sent it to me, and I uploaded it to a service like VirusTotal. The result was that none of the popular antivirus solutions were able to detect it, and only a couple of the less common ones (maybe Baidu Antivirus or something like that) actually reported it could have been malicious.

So antivirus software can definitely help, but it's not enough to prevent new kinds of malware (which is released continuously every day). Chances are that a few hours or days after new malware is discovered the antivirus databases are updated, but you are likely going to be vulnerable between the time of new malware release and the time when your antivirus is updated.

Antivirus software cannot guarantee that you are not infected, and cannot guarantee that they are able to get rid of infections completely. Once your computer is compromised the only real way to fix it is to format the disks and reinstall everything. When you restore data from backups you must be sure it's clean, for example because you stored it on an external hard drive that was never connected after the supposed time of infection, or for example because you have other ways to make sure it's clean (comparing checksums, etc.)

reed
  • 15,398
  • 6
  • 43
  • 64