Slashdot Mirror
AVG 2011 Update Causes Widespread Problems For 64-Bit Windows
phx_zs writes "Last night's mandatory update of AVG 2011 Free edition has caused most 64-bit Windows 7 PCs to fail while loading Windows. On their website they have an FAQ with instructions on how to repair the problem using a boot CD or USB device."
The irony is that you need to find another computer to read up on how to fix the issue.
Jumpstart the tartan drive.
Does anyone actually use AVG anymore? There was a time when it was awesome, but it just got crazy bloated and slow...
Living With a Nerd
AVG is trash and has been since at least vserion 8. We're using the enterprise version 9.0, with the 2011 management console at my organization, and today it started pushing out its AVG toolbar to everyone.
I used to recommend AVG as the free anti-virus solution to people, but Microsoft Security Essentials has a much smaller footprint, it doesn't harass you to upgrade to a paid version, and it has a better detection rate.
AVG isn't particularly great when comparing free or paid products these days.
http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
I used to recommend AVG, and have since switched to telling family members to use Windows Security Essentials. AVG isn't the lightweight, unobtrusive piece of software it used to be.
I run AVG but not the default versions. Well, it's the same except I disable the link scanning, tool bars, and id protection crap and it seems to be smooth and light.
I've been discouraging my friends/customers from using it for about 18 months now.
Agreed that it was once awesome, but they took a dive when they starting including that crappy IE plugin tool that pre-verifies all the results of your searches.
They also make it nigh on impossible to find the free version on their site (or it was hard last time I looked, which has been a while).
While all AV programs are prone to screwing something up, this one won't help their already soured reputation.
I've been using Avast and Sophos for a while now and had little issues with either of them.
-JJS
Of course something like this would happen with a free program, you get what you pay for. Nothing like this would ever happen with one of the quality anti virus programs, like McAfee...
"Sic Semper Tyrannosaurus Rex."
No. Just no. I'm a Windows hater too, but no. It's simply not THAT bad. It's really easy to catch something, but simply existing on the web isn't enough. You are making "magical" assumptions.
Microsoft Security Essentials. It may be from Microsoft, but it's a good piece of software. Licensed for home users and businesses with 10 or less computers- it's what I've been pushing my small business customers to lately. It's lightweight, unobtrusive, and performs checks well.
Sure they are tested. The problem ONLY occurs on rebooting. Who ever has to reboot a Windows computer?
Power tends to corrupt, and absolute power corrupts absolutely.
I might try that --- though, admittedly, if Microsoft is so good at detecting the viruses, why don't they just prevent them better?
But, AVG has really become obtrusive and annoying of late. Forcing it to not install toolbars, telling it I don't want to install "PC Analyzer", having it whine that I should upgrade to the paid version, constantly asking to reboot, and now hosing my machine ... well, they're running out of goodwill.
Lost at C:>. Found at C.
You don't get them by opening email or surfing the web these days. Tracking cookies are not viruses.
You absolutely CAN get an infection from simply surfing the web. I was one of the people affected by the AVG Update Of Death, but I recovered and I will continue to use them in part because it integrates with Firefox and has stopped numerous attacks by intercepting seemingly innocuous sites. If you're not aware of the danger involved in simply surfing the web, you should do a little honest research.
*** *** You're just jealous 'cause the voices talk to me... ***
Well it isn't exactly hard to kill the majority of the virus's propagation vectors. I haven't run a "real-time" AV program on my windows machine regularly since 2000 or so. I have caught 1 (detected) virus in that time, and that was from a USB fob a friend plugged into my PC. That actually failed because I was running under a restricted user account when it happened (win2003) and the autorun on the fob simply started up and then didn't have permissions to write to the registry location in wanted. Caused some strange behavior and I said "that's weird" and promptly dug into it. Found it, and had it removed in about 10 mins.
Before that I had autorun turned off, but failed to realize that it wasn't a binary on/off, instead there are further controls which needed to be set to disable it for USB mass storage, and other types of media (fsking M$).
So, for a start..
Plain text email.
Restricted user account (can't modify the system settings).
Updated Browser with noscript/flashblock/adblock/etc.
virus total (upload everything there before you install it).
autorun disabled on all devices
restrictive firewall, traffic monitoring
etc..
That said, I do periodically run some scanners, so its not like I never check, but I don't like any of the run all the time scanners.
So while its possible I have a virus, it doesn't seem to have done any harm yet, and none of the mainstream scanners I sometimes run against system images seems to be able to find anything.
NoScript and AdBlock Plus are your friends.
If you have Adobe Reader or Flash installed you absolutely DO get them by surfing the web. Go to a site where their ad network has gotten either hacked or just had a bad ad get by their "review" and it is a done deal. Turning on DEP for all processes, installing EMET (video on it here http://technet.microsoft.com/en-us/security/ff859539.aspx) and configuring it to protect acrord32.exe and your browser, installing Adobe Reader 10, keeping Flash up to date and using something like FlashBlock to control when Flash can run, etc. can all help out in this space. But for the average user who doesn't update Flash or Adobe Reader - they absolutely get infections just browsing the web. My boss and my brother in law both got a fake AV from reputable sites recently - the ad networks had served an Acrobat Reader exploit. I'll recommend MS Security Essentials as a free as in beer, low impact AV product. But I'd look into EMET if you haven't already.
Hogwash.
I've tried installing a number of different anti-virus utilities over the years to check my system from time to time, but never used to have any permanent anti-virus protection in the background. In the 12 years I've been using Windows, I've never gotten a virus. Earlier this year, I tried Security Essentials and liked it, so I started using it permanently. Visiting a web site will occasionally warn that the site is trying to set a tracking cookie, but that's it.
The only real difference in my system usage is that I favor open source apps, I don't run any games newer than 8 years old, I never use Internet Explorer, and I have JavaScript support disabled in my PDF reader.
I also fix other people's computers. It's very rare that I find a virus, but common that I find multiple anti-virus programs fighting with each other, or massive amounts of bloatware installed. I usually replace the bloatware with open source apps, use "Autoruns" to disable the crap, and replace the mess of security suites with Security Essentials (largely because it doesn't nag about updates and fees, and updates silently). Reinstallation of Windows is almost never required. Amazingly, most people already know that they should avoid IE. I see a lot of people using Firefox, and haven't seen much of Chrome or Opera.
Frankly, the only time I saw viruses in the wild was at the class computers at my college campus. Those machines were overrun with crap. PCs are almost always unstable due to bad drivers, unnecessary background tasks, or mal-ware that must be explicitly installed.
You don't get them by opening email or surfing the web these days.
Not true for 'average' computer users. I think many are dubious of email, but if a web site offers an installer package available via a button that says 'your system requires a critical flash update' or 'we have detected a virus, click here to install a removal program', you bet way too many people click and trust.
XML is like violence. If it doesn't solve the problem, use more.
No. Just no. I'm a Windows hater too, but no. It's simply not THAT bad. It's really easy to catch something, but simply existing on the web isn't enough.
Existing, no, browsing to, yes. What if you simply browsed to a page with a trojan PDF for example...
That would be enough.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I don't care if I turn out to be wrong
GASP. You do realize you are on the *internet* and therefore you *can't* be wrong?
XML is like violence. If it doesn't solve the problem, use more.
Or, you could drop a few dollars on a vanity domain name. I own the .org domain for my last name (it's a four letter last name, so that was lucky).
The other option is gmail, which allows you to use webmail and/or an email client like Thunderbird.
Help! Help! I'm being repressed!
I'll second this. I'm reasonably careful - browse only with Firefox and a handful of extensions, don't use bootleg software, careful about executing anything (unsigned or unknown), and typically stay out of the darker areas of the net. I'd even go as far as to say I think I know what I'm doing.
I still got hit.
Back before Steam switched to webkit, I joined in a random game of counterstrike. The embedded MOTD screen used some flaw in the embedded IE engine that was able to infect my system. Fortunately some of the follow on setups had issues on XP64 and some of the locked down settings, so I discovered what was going on right away.... but I did nothing but view a HTML page from inside a video game to get infected.
PDF, flash, JRE - all sorts of bits on a machine that might just expose you where one might think they are practicing safe hex. It is not just the browser, but all the net enabled applications installed (possibly by default) that should make a person worry.
+++ UGUCAUCGUAUUUCU
Yes, and we'll also never be able to play the majority of PC games ever again.
I really wish people would stop saying "lololol get Linux no more viruses". No shit, I think by now a lot of us know that Linux has far, far less in the way of viruses and malware compared to Windows. The problem is that it also has far less software that some of us want to use.
Random Thoughts From A Diseased Mind (Not For Dummies)
See if you are prompted for this.
I just got a box with a small icon in the top corner. No PDF there. This is with IE8 on XP (without antivirus).
Hang on, I will try it in my trusted sites zone. Again, no. Different icon this time - was the red X one. Wait, I will have a look at Tools->Manage Addons. Ah yes, some clever bunny has disabled anything from Adobe. It is amazing how much more secure ANY operating system is once you get rid of software from that company.
Obviously I have fiddled with my system. An easier way to do it would be to use an alternative PDF viewer that doesn't want to be one with the web browser. It is a multitasking, windowing environment - I can handle a PDF popping up in another window rather than overwriting my current web page.
Still, if you are not comfortable changing the browser settings, then AV software is the way to go.
No file association or handler for PDFs on this machine.
Which is unlike 90%+ of the Windows systems in existence, so it doesn't say much.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
"you are just using the eyes of other programmers as your antivirus."
Yeah? So? And how is that bad? I also use MD5 sums to compare what I downloaded with what I was supposed to download.
"i am not saying this happens every day, but it has indeed happened before and ProFTPD isn't the first time."
It happens once every few years. I literally can't remember specifically when the last one happened, but I have a vague recollection of it.
Googling, I can find 3 instances, including this ProFTPD one in the last 10 years. Gentoo and Debian were at fault in the previous two.
That's how rare it is.
Compare and contrast this situation with the Windows situation, where there are literally millions of malware signatures, and the number keeps growing every day.
"but ultimately how is that so different than a binary?"
Because *someone* can look at the code. If not me, then someone else. With a binary, you get *zero* chance.
You're really fighting tooth and nail to hold on to that false equivalence fallacy. Sorry, but that's a load of bullshit.
"eyes of the developers and hoping they find the issue in a timely manner."
It's worked pretty well so far. Obviously trying to catch it all at the client side (Windows) hasn't worked at all over the past decade and a half.
--
BMO
The problem is many of your favorite *safe* websites use advertising networks. Some of the networks have virus infected ads without Google or the site owner knowing before it is too late. It has been on slashdot a year or two ago.
More than likely this is when you would haveNoScript off because you trust the site. The malware writers know this and are taking advantage of this too. Even that is not 100% secure.
http://saveie6.com/
Hello, Mr underscore-ook?
(If it does not sound like fuck, the only other pronunciation I can think of is ook.)
Also I'm pretty sure you don't own _uck.org, you liar! ;D
Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
I haven't run antivirus software in years and I've never had a virus.
I've heard that one from Windows users before. You know what happens when I look into that claim? I find viruses every fucking time.
I haven't had one virus in years. There is no infection vector you can attack me on either. I used to build some for fun in my pre-teen idiotic years (from my own version of pong using the 21hz INT, to some which self replicated on COM, and later EXE). Today, from time to time I download one of the anti virus & anti spyware and test my machine. In the last 10 years the results has always been the same : Zero Trojan, zero Virus, zero everything. it takes discipline and knowledge but you CAN be without any virus whatsoever.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org