Jump to content
Posted 31 October 2017 - 12:48 PM
Posted 02 November 2017 - 05:02 AM
Today I released a new version of Kuranin Anti-Ransomware, where the following bugs were fixed:
1) Fixed the problem of working in English-speaking operating systems (now when you start Windows, the program is launched first without any problems)
2) Updated antivirus signatures for November 1 state
3) The program self-protection error has been fixed (currently unauthorized unloading of working processes is impossible)
4) Fixed the issue of "crash" utility when Trojan programs are detected, encryptors.
5) Reduced CPU load during operation
Here is the principle of work:
After the first start, the anti-virus database is unpacked, which can cause a load. It takes about 2-5 minutes, depending on the configuration of the computer. In the future, the database will download and add records from the server. During unpacking, on-demand scanning will not be available.
Kuranin Anti-Ransomware checks files for signatures, but I recommend scanning particularly suspicious objects through the control center. In the process of running the analysis of the behavior of running applications in real time, resulting in the detection of suspicious activity, which can be expressed in the implementation of direct access to the disk, changing the user's files. In this case, the potential threat is blocked, the changes are rolled back, and the user is presented with a corresponding message.
There is also a function to create system restore points on a scheduled basis. By default, it is disabled, as this may require additional space on the hard disk. But I recommend that you use it, because it's not just recovery points, but smart ones, that is, the whole configuration of the computer is kept, starting from the file system most often affected by viruses, and ending with system settings and Windows registry entries.
The program fights especially well with standard cryptographic programs that do not affect the MBR partition, however, as mentioned earlier, you can enable the creation of recovery points on a schedule.
The anti-virus utility already has a firewall, so there is no need for the Windows firewall. In addition, the antivirus requires access to the network for updating, so that certain conflicts may arise. However, you can enable the firewall from Microsoft manually, in the future it will not be turned off.
UAC disconnects due to the fact that the utility requires administrative rights to run the utility, and it is inconvenient to allow the program to run at every startup, despite the fact that the components have a digital signature ... An inexperienced user can answer "no", so the Kuranin AR simply can not perform their functions.
Currently I checked my software Ransomware Jigsaw, Kangoroo, as well as Exploit-CVE-2012-0158 and a fairly common encryptor from Vazonez (XOR / TEA methods).
The application was designed in a minimalist style, in the main window you can perform the basic configuration and view the report, perform a scan, and restore objects from the quarantine (if any).
The package includes a mini utility Registry Cleaner to clean the registry from residual infection.
The program disables the standard Windows firewall because it already has network security components. But you can also use other firewalls and antivirus software by adding KAR to the list of exceptions. This is necessary because in the case of limitations the application simply can not perform its work correctly, or it will not be able to update. UAC is disabled due to inconvenience, but you can turn it on and it will not be turned off any more.
As for detection, these are false positives. Every day there are new versions, the components and files of the utility are completely changed, so I do not have the opportunity to notify the anti-virus labs daily, because the answer comes only after 2-3 days ...
Here are screenshots of letters confirming that the utility does not contain any malicious code:
By the way, today, according to numerous requests, the possibility of automatic updating of all modules of the program has been added, so I highly recommend that you delete the old version and install a new one. After you reinstall the application, it will be updated automatically (not only the anti-virus databases!).
Also, a section "About the program" was added, indicating the version and information about the publisher.
Posted 04 November 2017 - 01:54 PM
1) The update module is rewritten, now when the processes are loaded the anti-virus utility is loaded correctly
2) Fixed a problem with the ActiveX component (buttons with the appearance of Windows XP)
3) Updated the component to clean the registry OS, now select or cancel all items by right-clicking on the list
4) Accelerated scanning on demand, reduced CPU load (now the core takes up no more than 7-8% of resources)
I would like to draw your attention to the fact that you must download the distribution kit from the official website, because it's the newest one! On other resources, the installer may be out of date.
0 members, 0 guests, 0 anonymous users