back to article Horror AVG update ballsup bricks Windows 7

An update from AVG on Wednesday night rendered 64 bit Windows 7 systems unstable after it was applied. Several Register readers have been affected by the problem, which leaves machines in a continuous reboot loop. AVG has pulled the problem update (3292) and published an advisory apologising for the cock-up and providing …

COMMENTS

This topic is closed for new posts.
  1. Tom_

    Register's Round Up?

    How about The Register doing a round up of free AV products? I've used AVG for a few years, but they're getting more bloated over time. It'd be good to see what's the best alternative.

    1. DrXym

      Would be worth seeing

      But I suspect MS Security Essentials would win.

      1. Anonymous Coward
        Anonymous Coward

        MSSE

        I dumped AVG after many years for MS Security Essentials, on both a Vista 64bit box and an XP x32 Thinkpad. I now find both machines faster and MS' software found a few nasties (nothing particularly serious, mind) on my Vista box that AVG didn't.

    2. DMSlicer
      Thumb Up

      I can get behind the round-up idea.

      I've presonally used AVG on a few PCS, as well as Avira and Avast. Some are more effective then others at certain things, but on average they're all pretty much the same level of protection. OKish, but not a "catch all". AVG does seem to guzzle slightly more resources than the rest, but it's not a huge amount.

      All of them have created problems though when I've recommended them to other users - they keep getting plagued by the ads along the lines of "your computer would be more protected if you paid us money and moved to this option", or couldn't work out the subscription renewal process. So in past years I've been recommending MS Security Essentials instead of the other offerings. Although it's a MS product it's roughly as effective as the rest, not particularly resource hungry and doesn't show unsolicted ads nag you for subscription stuff. (and as a bonus, updates itself using the Windows Update process so it means the users are forced to keep their PCs properly patched!)

      Since version 8/9 AVG has become quite bloated and prolific with Ads. And it's not the first time they've had bug trouble either. I remember a version 9 iteration that used to switch your PC's focus to the AVG application approximately every 30 mins regardless of whatever you were working on at the time (like, Full Screen games, which tended to crash every 30mins like clockwork). Fixing that one required scrubbing the AVG installation combined with multiple registry hacks...

    3. MrT

      Yup, MSSE would be my choice...

      Okay, when it came out Security Essentials had a lot of catching up to do - but recently it's been catching more than AVG Free (I run both on different VMs).

      Just glad I switched family members from AVG to MSSE a month or so ago - 64-bit W7 is more common these days.

      1. frymaster

        shouldn't need catch-up

        "Okay, when it came out Security Essentials had a lot of catching up to do "

        shouldn't have. Certainly when it first came out, the virus definition files were identical to those of its big-brother product Forefront. (which is the domain-controlled, central-reporting, costs-you-money version)

        it's also both inconspicuous, AND doesn't have a "please ignore and run the virus anyway" option on its pop-up

        for anyone saying "just don't get infected", remember you can get infected from flash. Before someone mentions noscript, remember there have been cross-side scripting exploits on youtube before. Just because you browse legit websites only doesn't mean you're safe, that's like saying uprotected sex is safe as long as you stick to "nice girls"

        1. MrT

          Catch-up: Just speaking of personal experience

          I had a beta copy over a year ago (July 2009), which was somewhere around 60% catch-rate - it was a lot better when finally released in around Oct 2009, but AVG when through a major release during the same time and kept ahead of MSSE until about Easter 2010.

          Virus defs aren't the only aspect - the defs didn't change massively between beta and release, but the detection engine obviously did. The final release was about 90% and it's now in the high 90's depending on your test of choice.

        2. Anonymous Coward
          Gates Halo

          You forgot to mention

          flash running on Windows

        3. Rune Moberg
          Flame

          avoid getting infected

          "remember you can get infected from flash"

          ...and you can get infected by something that is yet not covered by the most recent AV patch!

          I've effectively walked the 'noscript' route for the better part of the last decade. The result: I got infected once, because I trusted eset's virus scanner when it said the executable I scanned was clean. Of course, a few months later eset changed its mind, but luckily I had managed to clean myself minutes after running the trojan. (the executable installed by the trojan was also deemed 'ok' by eset at the time...)

          You don't have to run everything as 'administrator'. You don't have to run a browser that doesn't run as 'guest' by default. A couple of simple precautions goes a long way to make sure your local ecosystem just works.

          In my case, I would have wasted a lot of resources on AV systems had I used them.

    4. Gerry Doyle 1

      Best alternative

      The best alternative to all AV products is to look at what causes infection - and stop doing it.

      1. Anonymous Coward
        Anonymous Coward

        @Best alternative

        Have you unplugged your airbags and drive without a seatbelt too?

        1. N2

          think about it

          There is no substitute for good driving & some drivers are often put under a false sense of safety by them.

          Just like the complete dick head that followed me at a distance of less than 6 feet this morning when the temperature was minus three.

        2. Gerry Doyle 1

          Prevention v mitigation

          Do you drive without a care because you think your airbags and seatbelts will save you, or do you drive carefully so as to prevent an accident in the first place?

      2. Michael C
        Megaphone

        here, fixed it for you.

        The best ADDITION to all AV products is to look at what causes infection - and stop doing it.

    5. Apocalypse Later

      Nothing is best

      I used to write AV software, but I don't use it now. Oh maybe once in awhile when I think there is something odd going on, but not as a regular installation. It's just more trouble than a virus- as this story illustrates.

      Viruses used to be found, disassembled, and the AV updated before they became widespread, so it was worth the regular update as it actually had a chance of keeping you safe. Now a new virus is all over the web before the AV people get a chance to analyse and update, so it's firefighting rather than prevention. You can do that after you have a problem. No sense continually slowing down your computer and suffering all the false positives for no protection.

      1. Anonymous Coward
        FAIL

        So what you're saying is....

        You can't protect against new Viruses immediately so there's no point having AV software. Even though that means you're vulnerable to Viruses that ARE protected against by AV software. So you're machine can regularly become infected and spread the virus for a few days before you notice it and then clean it. That's like saying we don't need an army until we've been invaded. I bet you don't even do updates because you think your PC is running fine so obviously you don't need updates. Get protected or get off the net.

        1. Wayland Sothcott 1

          There are no viruses that AV protects against

          That's the point. All AV protects against all know viruses, everyone has AV, so there can no longer be any viruses that AV can catch before they catch you.

          They will only catch the new ones and only after you already got infected and then only after the update.

      2. Wayland Sothcott 1
        Big Brother

        The most popular one is the most useless

        Any virus that is successful is going to have to get past the most popular AV. Therefore your popular AV is not going to be much help.

        As for updates, imagine if you wanted to maintain a backdoor into everyones computers but did not want to be discovered. Simply switch the location of the backdoor once per month, hence the monthly patch cycle. The backdoors have plausible deniability in that they are "oops a security valnerability" we need to patch.

        What a perfect system, and the users do their part to maintain it. The virus companies are kept in business (I am assuming the same people write them as write the AV) and the hardware manufactures can keep supplying more powerful kit to combat the ever bloating software. Oh what a wonderful industry, I think I will become an arms dealer, more ethical.

    6. Anonymous Coward
      Paris Hilton

      or

      get a mac

    7. UBfusion
      Thumb Up

      Please do, and test 64-bit as well

      Very good idea, but please put equal weight on 32-bit and 64-bit testing, since the latter are getting more and more popular. I am using 64-bit since XP was out and I'm never going back, the stability it offers is vastly superior from anything 32-bit.

      1. yeehaw....
        Thumb Down

        Fail.

        On the first part you're ok.... Then you mentioned 64-bit XP.

        64bit XP was something to toy with but couldn't be used in a normal office environment - it was a 64bit driver wasteland, none to be found anywhere.

        Even today with oh say SONY(!), zero support for most things - had to pull a 32bit Vista Business boxen out the other day so the little wife could do her transcription thing, not even Win 7 Pro 64bit drivers.

        Unless you were lucky enough to have one of the three printers HP supported back then, I call bullshit.

        ------------------------------------------

        The post below me?

        ESET is a good antivirus/antispyware product and when my clients insist (the theory that anything you pay for is better - I used to try and point out the benefits of Security Essentials, but they evidently get that with their mothers' milk so it's a pointless endeavour (( "our" for our Brit cousins - yet the Reg's spellcheck wants American English lol)) ) on buying AV, that's what they get.

        However.

        I posted something here somewhere last night about my longish day yesterday - I was doing a job for an adult education center installing new GED software on a new 2008r2 server and......... sigh...... this is why I dread going there: THESE SO-CALLED STUDENTS F-UP ANYTHING THEY TOUCH...... ahem excuse me. I have to clean and update a mix of XP Pro/Win7Pro and one lone Win98 (don't say a word!) BEFORE I can do a damn thing. <blood shoots out eyes> the fun part? No common virus/trojan/etc, everything from everywhere, things I've never seen before, errors never seen before..... all different, all requiring a different response/software. Sigh. Little wife understands why I might come home late and sometimes maybe a little cranky - took her with me as an assistant last night... and she got edumicated. (bwaaaahahahaha bout time!)

        Moving on.

        The machines with XP have full-on ESET protection and they were the worst of the lot - one had like 38 infections (bastards) etc etc according to NOD - why? ESET knew about it, warned about it, logged it, and the miserable bastards clicked through it... The machines with Win 7 ran Security Essentials - yeah clogged with bs these folks find and install, but no ohfuckware. SE pretty much lets those same miserable bastards understand that cleaning is better and no option to click-thru. That helps and was proven to me last night.

        It's no damn wonder Apple and iGod Stevieboy do what they do with a walled garden - people evidently have to be protected from themselves.

        And that's just a crying shame - Think I'll stay home today and contemplate that reality.

        Sigh.

    8. Wombat

      Not free, but

      I've used NOD32 / Eset for perhaps 3 years now, after having tried many others. Very small footprint, low processing overhead, effective and reliable.

      1. Paul Boocock (UK)

        Couldn't agree more

        NOD32 is an amazing product and doesn't get mentioned enough when discussing AV solutions.

        I've installed it on mine and all my families computers and I've never had any problems from anyone since upgrading them to NOD32. You don't even notice its there, its doing its job in the background without bugging me, exactly what I want my AV to do.

  2. Dez666
    Unhappy

    Oh Dear AVG :-(

    To be honest, I switched to Comodo/MSE (Advanced/Basic users) a while ago, and am happy with those solutions. But I was a long term fan of AVG.

    I thought that these 'brick-your-pc' AV updates were more the domain of McAfee / Symantec / CA. Come on AVG, keep up the standards!!

  3. Daniel 1
    Joke

    "Leaves machines in a continuous reboot loop."

    So, they've reproduced the Blaster worm, basically, yes?

    1. Anonymous Coward
      FAIL

      Re: Blaster worm

      Worms self-propagate, so no, nothing like it really.

      1. Andy Enderby 1

        maybe not

        the AVG update server did it for them.....

  4. The Cube
    Thumb Up

    Hey, now AVG users can pretend they paid for McAfee!

    On the upside at least (some) AVG users have not paid for the privilege of their "anti virus" software buggering their machine up, it must sting less that way than if you handed all that money over to have McCrappee take out your Windows OS or your Office suite as "malware" every couple of months.

    1. Tom 13

      Actually I'd say AVG did better than McAfee

      McAfee's last problem ate a Windows system file. Looks like AVG only ate their own files.

      Of course, I'd still hate to have to clean it up.

  5. Anonymous Coward
    Gates Halo

    clamwin

    Normally at this point we're urged to use open source stuff instead....

    We use Clamwin, but they had their own problems couple of weeks back.

    A bad update meant that the thing went nuts and sent every DLL and EXE on your server to the quarantine folder. First thing we knew was when the server was rebooted due to Windows updates and would not come up again.

    I expected to see something in the Reg but either i missed it or they missed it!

    At first we thought we had a very bad virus, but it turns out it was an issue with Clamwin - seems we were not the only ones...

    http://ftp.clamwin.com/viewtopic.php?p=13279

    They wrote a batch file that could look at the logs and restore the files from there, but unfortunately the default log size is 1mb - not nearly enough to hold the details of tens of thousands of files that were quarantined.

    Can't blame Microsoft for these issues....

    1. Anonymous Coward
      Anonymous Coward

      I had this too

      Though I run a script that merely logs the "infections" so nothing was quarantined, but I did find myself quite surprised at the thousands of lines worth of log files I was greeted with in the morning.

      My conclusion: ClamAV was designed for *nix mail severs and that's probably where it should stay. Also handy to help disinfect bricked Windows systems, via a live CD. But don't bother using it to scan your Windows machines with any regularity or you're just going to spend the rest of your life looking at false positives.

  6. Richard 31
    Paris Hilton

    Kaspersky..

    .. quarantined the call tracking software we use this morning.

    As a result productivity is up!

    1. asdf
      Joke

      Demotivators ftw

      Apathy

      If we don't take care of the customer,maybe they'll stop bugging us. [Picture of old dust phone with cobwebs].

      1. CD001

        I've...

        I've actually got that mug on my desk at work :)

  7. Martin 63

    No problem here

    Updated AVG about 11 pm last night (UK time).

    I run windows 7 (ultimate) 64, but noting else

    1. Spanners Silver badge

      Ditto

      Same here. Maybe it is only certain versions of W7 and we are safe?

  8. Anonymous Coward
    Happy

    Glad I jumped ship when I did.

    I got fed up with AVG - it's got too big and flakey, so I ditched it to give MSE a try (so far so good). Looks like the timing of moving my Win7 x64 box was crack on.

  9. Bo Pedersen
    Gates Halo

    Moved from AVG a while back

    AVG 2011 slowed my gaming pc to a frustrating crawl, increating boot time, and the time it took to launch browsers.

    they really do need to take a look at themselves and realise they dont have to be Symantec.

    The linkscanner is pretty good, though and you can run that alongside another product to keep things streamlined.

    I have moved to MSE for the time being.

    Had to recover a customers pc from this, although in his case we could get into safe mode, go figure. Uninstalled AVG, restarted, everything fine, installed MSE until AVG fix things.

    1. Wayland Sothcott 1

      PC World advert on Dual Core

      Customer: What's this dual core technology?

      PC World: Well sir it means you can be scanning your PC for viruses at the same time as getting on with your work.

      I'm thinking: Oh so half the reason I buy a computer is to scan for viruses? Maybe I could use my old PC to scan for viruses whilst I get on with my work on the new one?

  10. Rick Brasche
    Thumb Up

    that explains my morning.

    fired up the laptop this morning only to see the recovery screen. Fortunately letting that run to a previous restore point and a bunch of other background auto-wizardry had the system operating properly after about 15 minutes.

    Was wondering what had changed since I hadn't installed or messed with configuration in almost a week, but I did recall seeing the 'you need to reboot" window from AVG's update manager last night.

    And here on the first page of El Reg- news I can use. Once again beating the so-called Mainstream Media by providing useful information instead of political propaganda.

    1. DannyAston

      RE: that explains my morning

      Hear Hear!!

    2. Japhy Ryder

      aha

      That explains my yesterday when Win7 64 Pro went into recovery screen - and recovered, thank god. However there is now another little window from AVG saying a reboot is required. This one is 426/3293 - so my question to the assembled is: how safe is this one? This has all occurred while travelling and is something I could really do without. Additionally, has occurred having replaced the even more painful McAfee which came pre-installed, following years of trying new avs when the previous became to bloated, too naggy, missed things, whether paid for or free.

      The moral of this story really is that everything will let you down or annoy you in one way or another sooner or later and whether you can do without as an alternative depends on how well you can control your environment. As a teacher and a traveller, moving rapidly between network environments and with ever promiscuous USB ports and devices, my requirement is that I have to have some defence and I would prefer that that some defence would remain simple and effective, not feeling the need to load up on "features" and complexity as a way of justifying its existence, retaining existing users and gaining new ones.

      This may well be the rub - that everything which starts out good will inevitably fail as a result of market pressures rather than simply technical problems...

  11. Mage Silver badge

    The Winner?

    Of test of AV products?

    User training + Properly setup PC + External to PC Firewall and Zero AV software.

    1. Anonymous Coward
      FAIL

      things that make you go Hmmmmmmmm

      I am surprised you didn’t put "ditch windows and install Linux" in there too..

      No matter how much training you have, no matter how good your firewall is, and for the general population or SOHO, the expense of running an external firewall and subscription is not really a viable option....

      Anyone on occasion can get duped into clicking on the wrong link, or opening the wrong document so running a AV program is essential... although not necessary, but if there is a safety net available, use it... only a dumbass wouldn’t.

      1. Anonymous Coward
        Troll

        Ditch windows and install Linux

        What's "anti-virus software"?

        Don't have any... but then I run Linux.

        1. Wayland Sothcott 1
          Linux

          I got ClamAV and SpamAssasin on my Linux box

          It stops a lot of the email viruses.

          If you try and run an original Cobalt Raq server it will get hacked in days, that's Linux. Even that needs updating :-(

          They've got us both ways, do the updates and you have the official backdoors installed. Don't do the updates and all the hackers know where your backdoors are.

    2. Michael C

      Wow, so AMNY holes to pick from

      First and foremost, does no other device, even a mobile phone, never connect to the same subnet as your machine?

      Can you actually trust the users to not click on links (no amount of training can fix stupid, and even the best fall for extremely convincing and well played phishing attacks).

      Does nobody ever make a typo in a URL?

      Do you trust the server you;re sharing a connection with to be infection free? some of the worst ones were spread by "KNOWN SAFE" sites who were the victims of SQL injection.

      Being secure and having trained users, better still web filtering and white-lists on top, is great, and we all SHOULD do that, but lacking AV entirely is just plain stupid. no levels of security can protect you from even someone walking in the door with an infected disk or drive and plugging it in. Even commercial software IN THE BOX (including popular software from big names) has contained viruses on disk. Some "blank" hard drives even contained viruses from the factory, and PCs often do as well.

      Do you not get e-mail at all? There are a thousand e-mails you don't even have to PREVIEW to get the virus in them.

      All it takes is a single machine in your VLAN to get infected, and it could spread to the entire network in minutes.

    3. Steve X
      Unhappy

      well...

      That presupposes that your users are trainable. I've met very few that are.

    4. TheOtherJola
      Joke

      Go on, I'll bite

      Add to that list No keyboard + No mouse + No media drives + No network connection and you've got yourself a 100% secure system!

      1. JustMathew
        Joke

        100%??

        Not if you have a usb port, an infected pen drive and you haven't disabled auto-run. The only 100% secure system is one that is never turned on, these bloody users can be devious bastards at times and do things us mere mortals couldn't imagine... ;-)

    5. Spanners Silver badge
      FAIL

      No

      That will only work if you remove all networking devices, floppy drives and USB sockets.

      Probably safest to remove the PS/2 ones as well in case someone connects up a keyboard that way too.

      With no AV, you can get infected, so give the bad advice a rest please.

  12. JeffyPooh
    Pint

    MS Security Essentials - free and good

    After Norton Internet Security died and went to hell (Google: Symantec Sucks), I moved to AVG free which was very nice. But circumstances led me to try MS Security Essentials and it seems to be essentially perfect. I've now switched all of my several PCs to MS SE and life is good. The comparison from Symantec's NIS to MS-SE is like night and day.

  13. BillG
    Go

    Our Story So Far...

    O.K., so the antivirus programs out there that have released bad updates that brick PCs are:

    - McAfee / CA

    - Kaspersky

    - AVG

    The two best free antivirus out there seems to be Microsoft Security Essentials and Avira AntiVir Free.

    Although it's not free, I won't use Symantec because of past pain.

  14. LesB
    Headmaster

    Pedantic question

    "Both server and desktop versions of Windows 7 are affected by the bug."

    Say what? Do you mean Windows Server 2008 R2 and Windows 7 are affected, or is there some new server OS Microsoft neglected to mention to me?

  15. Anteaus

    Affects most AV software.

    It's getting to the stage where most AV programs give a fair few false positive these days, plus there is a fair amount of malware around which isn't detected by most AV programs. So, either way, you can never be entirely sure.

    May be we need to switch to a fundamentally different way of ensuring computer security than looking-for specific byte-sequences in executables.

    1. Captain TickTock

      New wave in anti-virus...

      ...Whitelisting, anyone?

    2. Anonymous Coward
      Anonymous Coward

      Er.. huh?

      "May be we need to switch to a fundamentally different way of ensuring computer security than looking-for specific byte-sequences in executables"

      Anti-virus products haven't relied on that technique since perhaps the 80's.

  16. NocturnalTendencies

    An Explanation From AVG

    "Unfortunately, this was an issue with our infrastructure serving incorrect file :( No excuse, I know, just explanation why it has not been spotted during testing."

    http://forums.avg.com/ww-en/avg-free-forum?sec=thread&act=show&id=133069#post_133069

    Two of my x64 Windows 7 machines were as dead as Julius Ceasar this morning as a result of this.

    Cheers from Cali

  17. Anonymous Coward
    Anonymous Coward

    MS

    Security Essentials is what I'm currently looking at. I've installed it on several machines so far and I have to say, it's a very decent product. I like AVG, but it is getting a little bloated and the GUI on the latest version just doesn't seem to work the way I like.

    MS security Essentials is good, but there are a few quirks with it that seem to need ironing out.

    for example, when I first turn on my PC, the red "you are at risk" shield pops up telling me that I am not protected and have no AV software installed. after a several seconds, MS SE loads and all is fine.

    Also, sometimes when I have no internet connection, MS SE will go red on startup stating it is out of date, thus causing the red "you are at risk" shield" to display, even though everything was green 10 minutes ago and the software is up to date.

    I'd like to see a list of software for detecting Rootkits. I recently had to troubleshoot a PC that had a nasty rootkit installed and no AV software would detect it at all. Even the few rootkit detectors I found online were out of date and would not recognize it. after searching for a few hours, I found a thread that had the same symptoms this PC had, the rootkit name, and what was used to find and nullify it.

    I finally used HitMan Pro, which is a cloud based scanner, and it fixed the problem completely.

    I'm not sure what category that it falls under, I don't think it's independent, seems to use several online databases, maybe not, didn't research it, just used it.

    I even used it on a few other PCs and was surprised at what my AV software had been missing.

    1. Steve Roper
      Thumb Down

      Had a look at HitMan Pro

      and I can't say I'm impressed. Program starts up, fetches an automatic update, and exits without doing anything. Pretty bloody useless if you ask me.

    2. Anonymous Coward
      Anonymous Coward

      not app specific

      re: "for example, when I first turn on my PC, the red "you are at risk" shield pops up telling me that I am not protected and have no AV software installed. after a several seconds, MS SE loads and all is fine."

      I have av2011 (or whatever its called this week), and occasionally, my old dell lattitude laptop does the same thing... but not on every boot.

  18. FreeTard
    Thumb Up

    funny

    ...reading all the commentards on the avg forum.

  19. Chris Harden

    I use

    Linux! AHA! I am safe! My computer is the best in the world with Linux! It's your own fault for being Microsuck whores!

    *runs and ducks* I'm joking, I'm on Windows 7 64-bit (with Comodo) and it dual boots Linux so I'm totally nonpartisan, please don't hurt me.

  20. Anonymous Coward
    Anonymous Coward

    Moved from AVG a while back

    I used to use AVG on all of my machines but changed to Avast a few months ago. Seems good so far. I did try MSE but it ran like a dog and slowed all of my machines to a crawl (all high-spec machines running 64 bit Windows 7 Ultimate too) with scans taking several hours to complete and updates taking an age. Switched to Avast and even when I create a custom scan looking within archives it is still done within an hour, even if I run a Malwarebytes Anti-Malware full scan simultaneously to look for spyware.

  21. Anonymous Coward
    FAIL

    Deluded?

    The Winner - "User training + Properly setup PC + External to PC Firewall and Zero AV software."

    yeah right and all your users do exactly what you tell them, never click on a dodgy link, open an attachment or stick a usb stick in and no one they know sends them something from an infected machine.

    Good luck with that attitude, you will need it.

    1. Tim Brown 1
      Grenade

      I may be wrong but...

      I think what the original poster was suggesting (possibly in a too succinct style) was that the external firewall should stop any nasties getting in / out of the local network - or in the worst case spot an infected PC on the local network and limit any damage it can do. I can see the benefits of this approach rather than letting some dubious AV software bork machines.

      1. Wayland Sothcott 1
        Thumb Up

        William Gibson: Neuromancer

        They called that sort of firewall ICE in his books. I seem to remember talented people were employed to break through the corporate ice.

    2. KarlTh

      Well...

      ..."properly setup PC" would mean autorun turned off and user having minimum possible permissions. No Net Localgroup Administrators "Authenticated Users" /add going on! (Yes, I have seen this.)

      But they can still infect their user profile. Fake AV is very good at doing this to limited users. AV is, IMO, still a useful tool in ensuring that the user training + properly setup PC etc. prevention method is working.

    3. Anonymous Coward
      Linux

      (untitled)

      By "Properly setup PC" I suspect he means one where Windows is not installed.

    4. Mage Silver badge
      Boffin

      "User training + Properly setup PC + External to PC Firewall and Zero AV software."

      Has worked for 20+ years for me and the users.

      No autorun

      No remote content or vulnerable email

      No clicking on attachments.

      There has been Zero infections. I'd actually have expected one or two.

      *FACTS*

      ALL AV fails.

      ALL AV hurts the system with false positives

      AV gives a false sense of confidence

      Many AV damage productivity and make PC slow

      AV is NOT a substitute for best practices of PC, email and Network set up.

      All the most successful attacks con the Mark into deliberate install (This content needs codec, click to install)

      If you are insecure in your abilities or the users, fine install AV and have EXTRA trouble that can outweigh the risks. But PLEASE research how to setup PC, Networks, Applications properly. The defaults on most things are wrong.

      Yes PROPERLY setup PC, Network and Training of users is NOT perfect. But lower TCO and less damage (none from AV products). We have a WSUS running, but that's just to save WAN bandwidth. We may junk it as Linux use rises.

      The way AV works is inherently going to fail, especially if it's a substitute (which it usually is) for proper setup and training. Our mail server blocks all executable attachments. not just exe, com, cmd and bat but all the less well known ones. The users are trained how to spot camouflaged filenames such as mypartypics.jpg_____________________________________.exe where ___ is loads of spaces.

      I've removed viruses from MANY PCs over last 12 years. All had AV products. Some up to date (How up to date is up to date? Daily? Hourly?)

      I check our systems periodically with script from silentrunners.org and various root kit detectors such as gmer and others. Any unusual traffic on Router is investigated (usually a teenager watching video at 3am and never has been a zombie bot or mailer). Even if you have AV you absolutely should do this.

      The real reason fewer Linux servers than PCs with cable modems and no firewall are compromised is the training and expertise of the setup. Not just size of target.

      ALL the setup, training etc is not optional. It should be done even if you do have faith in AV.

  22. gef05
    WTF?

    AVG's reaction in the forums

    Good grief, did you read their forum? Some AVG mod jackass decided to start being a policeman in the thread. I read several pages into the thread and they were offering no advice/direction. No wonder the users are pissed.

  23. Lee Taylor
    WTF?

    Which versions?

    "Both server and desktop versions of Windows 7 are affected by the bug."

    Could the reg hack tell me where to buy Windows 7 Server.........

    1. Dave Cradle

      The server version of Win7 is...

      ...Windows Server 2008r2

      1. yeehaw....
        FAIL

        lol - in the age of Google

        There is - hold on - a Windows Home Server for Win7 (now with Power Pack 3! lol).

        Total Google Fail. Please return your carts to the Apple Garden.

        ;)

  24. shade82000
    Thumb Up

    Title

    It has affected most if not all of the other vendors in the past and if I still used Windows then I would definitely still be using AVG. As far as I'm concerned it's the best AV product for personal desktops and has been for years.

    ...but from what I have seen lately it is beginning to get a little bloated and seems no more to be just a plain old AV program.

    Still the best though.

  25. Colin Critch
    Happy

    Avira Better than AVG

    I have been steering home users away from AVG for some time now. Avira is quite nifty as AV and Firewall ( but you have to pay for this ). It plays well with Security Centre and has OESIS OK Certification.

    Comodo is good for paranoid people like myself but I only install the firewall on home users machines as the defence notifications tend to confuse most users.

    The problem with Security Essentials is the infrequent updates ( if it's not frequently updated you could be more insecure)

    1. Paul Shirley

      Comodo has different but less severe problems

      Yeah, Comodo can be a royal PIA at times and its far from beginner friendly but so far its regular screwups have been localised - mostly forgetting my safe list with every damn update.

      Had to give up AVG several years ago, didn't get my system nuked but it regularly had bad updates that left it sucking 100% CPU. Sucking so hard I couldn't even start the taskkiller to escape. Couldn't risk letting that loose on the family's PC's. Completely clueless, they never seemed to learn.

    2. Anonymous Coward
      Coat

      ha

      >The problem with Security Essentials is the infrequent updates ( if it's not frequently updated you could be more insecure)

      hmmm The sigs are updated like 3 times a day, and the engine once a month. As for the app/drivers, it's sex so doesn't need constant updating itself. lol

    3. westlake
      Pint

      Re: Avira Better than AVG

      "The problem with Security Essentials is the infrequent updates"

      What I see are typically daily or more frequent updates.

    4. Anonymous Coward
      Anonymous Coward

      are you sure?

      Comodo used to be home to the "any certificate you want to pay for, we'll sell you". I see they've left that reputation behind.

  26. Lewis Mettler 1
    Go

    what is a virus?

    What is a virus anyway?

    I have not depended upon any antivirus software or seen one in 15 years. I have not wasted hours screwing around with that crap either. It has been nice.

    Oh, but I switched to Linux in 95. I guess that explains it. Just think of all of the hours I have not had to waste.

  27. Panix
    Heart

    No Anti-Virus is the way to go

    Personally, I've been running XP Pro 32-bit and now recently, Win7 Pro 64-bit without any anti-virus software (or UAC turned on) and I don't have any problems. Then again, I know where to get my warez/music/movies and where not to and I use common sense.

    For people at work though, I've been trying to steer people away from AVG and more to Avast! or MS Security Essentials if they're too cheap for BitDefender or Kaspersky. AVG's detection rate just fucking blows.

    1. Anonymous Coward
      Dead Vulture

      Re: No Anti-Virus is the way to go

      "without any anti-virus software (or UAC turned on) and I don't have any problems"

      Have you seen alligators in your garden ? No? It's because they hide themselves too good to be seen.

      Seriously - do you think that latest virus let you know that you are infected? Play tunes, show banners, erase files? Where have you been last 10 years ?

      IMHO the MS OSes are to risky to use... Move to apple, *nix.

      Can't play games ? Buy a console!

      1. CD001

        IMHO the MS OSes are to risky to use

        ... hmm - sort of. The thing is you CAN reasonably well secure a Windows machine (it was even possible on XP) IF you're prepared to the the time and effort into it (and not install shonky apps that require admin level privileges).

        The problem is the only people that do that are those that have an interest in computing - most people treat their PC much the same as their dishwasher - it's a "white good" that you shouldn't have to think about. Most people are ideally suited to going Mac - most people.

        Bear in mind though that it's also possible to feck up *nix. The difference is that you have to do some work to secure a Windows system whilst you have to do some work to utterly shaft the security on a *nix system. Oh - and there are more things to secure against on a Windows system of course.

    2. bexley

      how do you know?

      When you say you have no AV installed and you have no problems, how do you know you dont have any malware running, if you have nothing to check for it?

      Same question goes to all of you who say you have no AV.

      Also, the guy that said his network in a corporate environment has no AV because he takes such precautions as not allowing email attachments etc..

      Mate, it's 2010, people want and need to have email attachments to work. You have to balance security with useability.

      It's no good having a 100% locked down uber secure nework if people cant actually use the network to do their jobs.

      I worked in one such environment where it was so restrcive that we just could not do our jobs, so we found ways to circumvent the security, just to get be able to do our jobs.

      I would say that your users will probably be doing the same thing, behind yoru back.

      1. Panix
        Grenade

        Just because I don't have anti-virus software on my PC

        ...doesn't mean I don't do other things to secure my box. Hell, when I was still using XP, I had 0 ports open to 'net that I didn't open myself. (The only things people could see were the 3 honeypots running on my box). No, I didn't use some lame software firewall to make this happen. The box is still online (I'm using Win7 now for my main PC) running the same config and the only time I worry about malware on either of my PCs is when I have someone over at the house who likes to get on Crackbook and nonchalantly click links sent to them. That's why I've finally dedicated one PC to visitors and another to myself.

        Anti-virus software gives one a false sense of security to most people. I deal with people who'll shell out $40 or whatever for BitDefender or Kaspersky and STILL end up bringing their PC at some point in the year because even though it auto updates and auto scans everything, something will still get through and they have no idea how to handle it.

        I agree that some work goes into securing a Windows machine. I just don't believe as much is required as you guys think.

        Sorry for late response. Busy at work cleaning up poorly maintained Windows machines. ;)

  28. Anonymous Coward
    Terminator

    Don't use Windows

    Use an OS where there is a cryptographically signed set of software within the distribution repositories that have all the applications your users need. This OS should check the certificate chain on everything it installs. Stuff doesn't get into the repository from untrusted developers. This only works with either a walled garden (Apple) or open source licenses giving redistribution rights to your repository/community. Use an OS where in order to install anything else your users need enough of a clue that there is a fair chance that they will know what they are doing.

    Then your users won't need to download 3rd party apps from untrustable sites just in order to get basic stuff done.

    If you have to use Windows I guess you'll have to keep taking the AV pills, but don't expect these things to come without nasty toxic side effects, and don't expect any AV product to know immediately about every piece of software in the world that is bad.

    1. CD001

      Hmmm

      You mean like ProFTP on Ubuntu then?

      http://sourceforge.net/mailarchive/forum.php?thread_name=F03531B7-7956-4F8B-B916-E416CA73D5CE%40amd.co.at&forum_name=proftp-devel

  29. Fluffykins Silver badge

    If AVG would actually concentrate on their products.........

    .......instead of acting like a frikking malware punter; pushing marketing popups and foisting bloody Yahoo/Bing parastieware on all and sundry , they might have just caught that one.

    I'm sick to the back teeth with AVG, its popups and it's parasiteware as it is, so the comments about MS SE are very welcome. I'll be giving it a try.

  30. Dan Paul
    Jobs Halo

    Used to use AVG till they became "Symantecized", Now I use Avast Free

    I agree that AVG used to be good and now it's CRAP! I've been using Avast (free version) and quite happy so far.

    I also used to use Zone Alarm Free until they joined the "Scareware" marketing group. Now I use windows firewall and other than the fact that MS can't seem to make a firewall that tells you anything, so far so good.

    Honestly, if Microsoft could ever figure out the fact that they could easily make a FAR better product than any AV/FW company, they would be unstoppable. (they know where all the little pitfalls are)

    The fact that they don't, proves they aren't stifling competition.

  31. theSensibleGeek
    WTF?

    Jacka$$ M$

    The thing that annoys me about Microsoft's Security offering is this:

    Microsoft builds operating system that has security holes, and you pay to have it.

    Microsoft builds software to plug security holes in it's own operating system, but you have to pay for that too.

    WTF? If you can make software that plugs the holes in your OS, just effing plug the holes in the OS!!

    1. kain preacher

      @theSensibleGeek

      Please tell me the software that MS is charging for to plug the holes .

    2. Anonymous Coward
      Anonymous Coward

      you hit the nail on the head

      I was reading down to the end of the post and was going to add this very idea if noone else had.

  32. Anonymous Coward
    Anonymous Coward

    How do you know how good AV is?

    Recently, we got hit with a couple of viruses. Some were detected by our AV product, some were not, but it was easy to see the files were malware.

    We submitted the samples to various places which ran scans on the files. Most of the files were detected by most of the big name vendors, some were not detected by any.

    One particular nasty variant was detected by our AV product, but NONE of the products named above. At least not at that time... maybe a few hours later it would have been.

    It's all a matter of luck. Company 1 uses X, company 2 and 3 use Y. #3 gets infected, and submits samples. The udpate to detect and clean is available just as 1 and 2 are starting to see infections. If you're company #2, you're lucky. But sometimes you're Company 1 or Company 3.

  33. blackworx
    Joke

    So...

    They've accidentally enabled Norton mode?

  34. Anonymous Coward
    Joke

    How could they tell?

    obligatory text required

  35. JaitcH
    Happy

    Never have accepted upgrades on the first day

    Nver have accepted upgrades on the day of release, just as the company refuses to install OS major revisions until the first 'Service Pack'.

    Seems the policy proved correct again.

  36. Cowardly Animosity
    Happy

    Smug bint

    Ditched AVG in favour of Avira about three weeks ago. Phew!

  37. bexley

    I used it once

    The thing is, i dont want to know anythign about my av solution, i dont want to even know it is there, i was to install it, configure it (once) and have it run in the background and let me know if there is a problem.

    And that is it, i dont want to see or hear anything else from it.

    Thats where the big players lost me, Macafee i spent more time trouble shooting performance problems on my machins as a result of it protecting' me, the reams of others are so hellbent on gettign me to buy something else from them or slowing my machine down until i cant use it anymore.

    So i settled in Avast, which once configured, just runs in the background, quietly (once you have turned off the update notification voice) and i dont think about it at all.

    Anti virus should be just that, not a bloated nagware ridden resource hogging pain in the ass.

    And now this, an update that actually causes more damage than the majority of viruses currently doing the round.

    Oh the irony

    1. Smallbrainfield
      Thumb Up

      Have had problems with Avast before though

      A year or so ago, one of their updates started recognising every .exe file as a problem and wanted to hoy them all in he virus chest. It was easy enough to stop however and didn't brick the machine.

      I do like Avast for the same reasons you mention.

  38. Anonymous Coward
    FAIL

    AVG Fanboi says "FAIL"

    I used AVG for years, but AVG2011 is a complete dog! I had to manually remove it after it also got stuck in an infinite reboot loop when updating from the previous version.

    The latest update is also buggering up XP SP3 systems, our work PC's AVG system bjorked after the update this morning.

    Sorry AVG, you have lost the plot, and Elvis has left the building!!!

  39. Dougal 2

    I'm still waiting to read a post from Dougal.

    It always makes me laugh when 'IT experts' start blabbering on about which security product is the best. It doesn't really matter which one you use, none of them work properly in the real world. Every day I collect suspect files from PCs, and as a test, upload them to virustotal.com and get a very low positive result from the various security scans. Wait 24 hours, and it's a different story, but by then it's too late.

    In this case we're talking about AVG Free, so that should be a domestic environment. I can say, as I do this for a living, that 15 minutes is all that's needed to explain to customers how to avoid infection because in 9 out of 10 cases, it's preventable. Expecting a security product to protect you is the biggest mistake, which only encourages users to take risks.

    In a business environment you should have in place company procedures concerning computer use that make the employee responsible for their actions. In other words, stuff up you PC by visiting a porn site and you get sacked. Very effective and can be used to control facebook addiction too.

    For what it's worth, I prefer Security Essentials too, mainly because it won't con customers into upgrading to a paid-for version and hopefully, Microsoft, will be the last company to false-positive a Windows system file.

  40. Russ Tarbox

    I don't run AV on my computer.

    I can't stand it, performance sapping, update requesting pain in the arse. I find some common sense and a nice VM for any, er, questionable software sources does the trick. Obviously this isn't a solution for most users though.

    But this is another occurrence where I see the AV software causing more havoc than any virus I've experienced. A great one was Norton AV breaking POP3 accounts in Outlook Express (going back probably 6 or 7 years ago) and an AV update crippling all the XP-based tills in a well known theme park. That was a fun day...

  41. Dennis Healey
    Pint

    Review of security solutions ?

    Don't forget Commodo if you plan to review security solutions. AV & Firewall all free, has been faultless so far, and from the point of view of someone who is not terribly techie the help is exceptionally informative

  42. John Sanders
    Troll

    TROLL ALERT!!!

    The Winner - "User training + Properly setup PC + External to PC Firewall and Zero AV software."

    TROLL ALERT!!!!

  43. Anonymous Coward
    WTF?

    LMAO

    Well that's one way to drive away users. hehe

  44. Anonymous Coward
    Anonymous Coward

    So if I paid for it....

    and it bricked my rig, I should get my money back. Right?

    Right?

    Anon now due to rise of comment trolls, even in the sanctity of el Reg. No wonder AMFM isn't around much more. *sigh* for the good old days of 2006.

  45. Neal 5

    re The winner/ perfect solution

    No Av is the way to go, yep, but not using your solution entirely. I would venture to add, using a virtual machine of some variant for your internet activities. That way you've only to reboot a clean virtual OS when it all goes tits up. If you keep a clean version available, takes what, 30 seconds.

    So long as you do use a virtual machine for internet, there would be no need for firewall either, theoretically. Although of course one may wish to sandbox their virtual machine software as an added precaution, or if they have enough RAM, run it inside another virtual machine of a different make.

  46. Mike Lovell
    Alert

    Erm

    Assuming you have more than one PC or Internet capable device and can reach the advisory web page to fix your machine they bricked in the first place!

  47. Martin Maloney
    Go

    It takes a geek to clean Windows

    Boot an infected machine with a live WinXP CD. If it asks when booting, tell it to enable networking.

    Access a free scan-and-clean site, and follow the instructions. You might have to visit more than one site.

    After rebooting to the hard drive, if you have an AV program installed, scan with it. If you don't, install one (like others here, I am partial to MSS) and run a scan with it.

    If you have a register cleaning program, run it. If you don't, then install one (I am partial to jv16 Power Tools) and run it.

    In most cases, you will end up with a fixed machine.

  48. bigfoot780
    Alert

    AVG doesn't know what a usb hard drive is

    I have stayed clear of AVG since it missed conficker completly. It also didn't scan usb hard drives on access. Glad I stay clear of it. Avast, MSE both seem to be good.

    I am sick of this stupid idea of no-antivirus is a good thing. How about win vulns, flash adverts running who knows what code etc ?

    If your running any OS you should have AV (cue the *nix fanboi replies).

    Its bad practice for any malware/virus' to be on your computer even if they are for another OS.

  49. twunt

    MrT - What are you doing

    The fact that MSSE is 'catching more' than AVG suggests you are regularly taking dangerous and stupid risks on your PC.

    I run MSSE on both XP and 7 and it has never stopped or found anything. That's because I'm not a moron and I don't visit sites are infested with Malware in the first place.

    (For a Second and Third opinion I run Malware Bytes and Super Anti Spyware every couple of weeks - never found a single issue, other than 'tracking cookies' which are not malware anyway).

    Your AV software shouldn't be regularly finding anything, unless you are deliberately and wilfully acting in a dangerous manner - in other words, you are a moron.

    1. MrT

      Well, either that...

      ... or carrying out performance testing to evaluate these things before rolling them out. That's why I was in the beta program, not just of MSSE but of several other security titles (TrojanHunter, ZoneAlarm, etc) and why I have, in times past, been staff editor of a US security website.

      You know, there are two sides to every story, and if you check back I did say I ran them on VMs - nothing risky about this at all. A good proportion of the malware was collected and used off-line, which is how most of the comparative tests are done these days.

      Now put your name-calling to bed. As noted by others here, even YouTube got spiked by an XSS exploit - play their videos and you got a hidden extra without even going anywhere deliberately.

      Can't believe I bit this time...

  50. Black Betty

    Bricked Vista (64) Utimate yesterday.

    And my BIOS can't boot a G15, so fun, fun, fun finding a PS/2 keyboard.

    And fun, fun, fun fixing all my game clients broken by System Restore.

    Avast you get your chance to disappoint.

    1. theido

      g15 keyboard

      don't know if it will help, but if i unplug my mouse, my g15 will respond before windows loads the drivers.

  51. Zog The Undeniable
    FAIL

    Just wait until you try uninstalling it

    The latest versions of AVG are Norton-like in their tenacity, like a floater that won't flush. I ended up having to delete folders and run msconfig to stop remaining bits (hidden somewhere on the hard drive) from loading at startup. Awful. I must wipe and rebuild that PC.

  52. Anonymous Coward
    Anonymous Coward

    Re: Register's Round Up

    I did quite a bit of research into antivirus software a while back. Read a lot of in-depth stuff and test results. My conclusion was that AVG was the best. I'm currently using the free AVG on Windows 7 64 Bit and it works a treat.

    However I'm not all that prone to catching a computer virus due to basic cautiousness. If a file is slightly suspicious and returns a false on AVG I'll normally upload it to virustotal just for thoroughness.

  53. JDX Gold badge

    re:Jacka$$ M$

    "Microsoft builds operating system that has security holes, and you pay to have it.

    Microsoft builds software to plug security holes in it's own operating system, but you have to pay for that too."

    Fail. MS' MSE is free.

  54. Anonymous Coward
    Anonymous Coward

    Used to be good...

    And jumped the shark years ago, with the introduction of Linkscanner, which is too stupid for words. (Clue for the clueless: this is a "security" program that goes out of its way to download potentially dangerous material).

  55. Elmer Phud

    Awfully Vast Gunk

    Having had issues with AVG ever since the 2011 'update' I was going to do a wipe and reinstall.

    Since AVG 2011 arrived it's struggled to connect to the update servers, argues with the Firewall despite manual intervention and AVG's discussions are full of people with sreious issues with the SW.

    Yesterday I downloaded the 'remove AVG completely' file and the 'recommended new AVG' release but hadn't got round to sorting it out.

    Now I'm not too sure whether to just remove and bin AVG and go for Avast - which I got rid of a while back as it behaved a bit like AVG does now.

    Or there's MSE.

    I don't really mind whatever I end up with as long as windows stops bloody telling me the latest update is out of date despite me having done a manual install.

    AVG has turned in to the bloatware I was escaping from -- bah.

  56. TonyT
    Happy

    Another AV Suggestion

    I have used Bullguard for many years on various different systems. It has to be paid for but web search for OEM versions at very low cost works for me. Vary rare problems, updates at logon, finds and blocks problems regularly, seems stable and low overhead.

  57. Tigra 07
    Happy

    No Tit Required

    This is exactly why my AVG, Windows and Spybot are only updated on a sunday.

    My 64 bit Windows 7 is fine =]

  58. Fluffykins Silver badge

    Oh, the irony!

    Did anyone else notice the Google ad for AVG on the side of these pages of comments, most of which being along the lines of "AVG is shite"

  59. Anonymous Coward
    IT Angle

    BLOATED AV - A thing of the future?

    Submit post: Horror AVG update ballsup bricks Windows 7

    There are some problems with your post.

    Your username and/or password are incorrect. Need a password reminder?

    (no handle yet)

    NON BLOATED AV - a thing of the past?

    Posted Friday 3rd December 2010 09:52 GMT

    I love reading these comments, however reading about bloated software just makes me laugh...

    Pre 2001 - Airport Security:

    We always had xray machines,but you could still take whatever you wanted on the plane with you...even people used to smoke on the plane!!! So you could clear airport security very quickly... but we still saw the atrocities and attempts because we weren't secure...

    Post 2001 - Airport Security:

    X-Ray, Body Scanners, frisking, no liquids over 100ml, check it really is a laptop, security, police, locked cabin doors.... Very cumbersome and time consuming....however very secure or more secure...

    So maybe think about it with any AV that you are using, expect it to take a little longer - we're no longer dealing with 16yr old kids having fun....

  60. Ben Rosenthal

    AVG

    AVG went shark jumping at least 2-3 years ago now, Avast is just starting to follow the same path and will send me off for a replacement that just does what I ask it to soon enough.

  61. Anonymous Coward
    Anonymous Coward

    Easy fix...

    I had this issue on a workstation yesterday. Inserted Vista install media and ran a repair, problem resolved.

  62. Matthew 25
    Headmaster

    Desktop Windows 7

    "Desktop versions of Windows 7 seem particularly prone to the bug."

    Aren't all versions of Windows 7 for the desktop then?

  63. Doug Glass
    Go

    Peresonal Choices

    Avast and Comodo. When they blow up, Microsoft Security Essentials and Windows Firewall. There's not a security product out there that can stop all threats all the time. So install what works and have a system restoration plan that fits your needs. Everything else is pure corporate grandstanding and bullshit.

This topic is closed for new posts.