Saturday, May 17, 2008

Simple thoughts on AVG Free v8

I really don't feel I should even be making a post on this.

However, I just can't help it.

Recently Grisoft made a major update of it's anti-virus product "AVG Free".

The previous version was 7.5. The new one is 8.0

The old one was free, pretty light on resources, scanned email attachments, did an acceptable job with system-scan speeds, and had a Windows 2000'ish GUI. It was pretty simple to use and configure, effective in protections, and had a knack for coming up with periodic false-positives. It was highly recommended. It was loved by masses of geeks and home users.

The new one remains free, is still fairly light on resources, still scans email attachments, does acceptable system-scans, and has a heavily re-worked "Web 2.0" GUI. Out of the box it remains easy to use, and now is even more configurable. It still is effective in A/V protection and now includes anti-malware protections. It still generates false-positives, but includes an internal mechanism for submitting to Grisoft Labs for review and correction. It now is recommended with caveats. It is now scorned by masses of geeks and former home users.

What happened?

How could something so right become the source of such frustration and ire?

This is a difficult question to answer, even for me.

I'm still running it on my home systems. I haven't tossed it out; yet. But it is clearly is being abandoned by users who were great fans of AVG Free v7.5.

My first post of AVG v8 was back in March. I had gotten hands on a beta version and loaded it into a Virtual PC session of XP. Like many, many, many other geeky computer security minds, we were quite shocked to see the inclusion of a toolbar that provided "safe link scanning" and "Surf-Shield". While this feature does have great benefit with the growing number of malware-laced websites springing up on the net, browser toolbars just grate against the craw of many of us.

My second post on AVG (Free) v8 was in April. It had just been released and with excitement I downloaded it on my Vista system....and quickly felt burned. There was the toolbar being offered in the setup. I deselected the option, but it installed anyway. The AVG Security Toolbar showed up. Ughh! It was deeply embedded in both my IE and Firefox web browsers. I worked out a way to disable it and the "Link Scanner" component. However, that uglified the AVG system tray icon leaving it in an error state. Otherwise, I was OK with the look and performance of AVG Free v8.

My third post on AVG (Free) v8 came quickly on the heels of that previous post. A wonderful commenter dropped a tip on how to install AVG without the Link Scanner component. Worked perfectly! Only, see, you have to run the setup file from a command-prompt using some special arguments. Not something the average home user is going to feel up to doing. And geeky AVG fans are now put off having to jump through hoops just to get their favorite AV application slimmed down. I took a closer look at the advanced options and really liked what I found. Much more degree of control and tweaking. Lots to like.

On my systems it has run very well once I took off Link Scanner/SafeSearch/SafeSurf features.

Email still scanning well.

Anti-malware scans are appreciated; however the PUP's are pretty aggressive and have been triggered on a number of my trusted sysadmin utilities.

A/V scans are fine. Yep. Still finding about one false-positive every week or two. I have tried to send to Grisoft Labs using the internal submission mechanism, but it appears either my HIPS program, my firewall, or a configuration problem between AVG Free and my email client is preventing them from leaving my PC. Will need more time to troubleshoot. Something I don't mind doing, but I shouldn't have to and something most home-users will scream about (rightly so).

Updates are automatic and fast.

Can I Have a Comment Please?

What has amazed me is that these posts have generated an unexpected amount of comments; seeming evenly divided between tips by hard-core users who like me, soldier on getting AVG Free v8 back to the usable state we prefer and those who are fed up with it. I appreciate all of them.

I move my notebook between home and work networks, which have different IP ranges. When I moved the notebook with AVG8 freshly installed to the other location my network was completely dead. No ping, no IP, no DNS, nothing. So I removed it.
AVG tech support, when I complained, had the gall to ask if AVG 8 was "still installed" - I said no, since it makes it impossible to use the computer, and I'd said I uninstalled it.
Anyway, I'm not sure if it was a one-off problem or a generic issue, but you might take a look at what happens if you connect your notebook to a different subnet.
As for myself, I dumped the last 9 months of a 2-user subscription and moved to NOD32... -- Gary Berg

Just upgraded to AVG 8 on XP, and found it made Firefox (2.0.0.14) hang. I disabled the AVT add-on to firefox as you describe, leaving the link scanner enabled in the AVG settings, and now AVG is happy and the scanner doesn't run in firefox. -- Shad Sterling

...likewise for me upgrading to AVG 8 on XP, has made my Firefox (2.0.0.14) hang too. problem was fixed once AVT add-on was disable as mentioned. -- Jacques

It is too bad how they force feed the LinkScanner bar install and while the instructions you provided are indeed clear, most users will be scared off trying it. To make matters worse they then make its removal darn near impossible to either find and execute, opting for the extra $$ for each install. This has been a matter of contention on several forums, COU and mine as well as others. As good a review as you give it, I'll still steer users away from it based on the forced toolbar install. Companies going for the easy money as they've done don't deserve ME pointing users to it. -- TeMerc

...upgrading to V8 from V7.5 seems to be a problem causing downgrade.
Under V7.5 I had a system that seemed to scan Thunderbird emails and had a taskbar icon that changed whenever a virus update failed, now it says the Thunderbird email scanner is not working and the taskbar icon is always showing an error even when the virus defs have updated. -- greenbandit

I've noticed one more problem I think you haven't addressed here. In the previous versions of AVG, whenever you requested a scan from the shell extension, a small window would open and resolve the whole matter in and of itself -- scanning, informing, self-imploding and all. Now, I don't seem to be able to stop the whole freaking AVG window to come up every time I call for a shell scan in just a one file. Absolutely incomprehensible, isn't it? You call for a shell extension scan and it turns into a full window scan. So why bother with a shell extension?? -- RSeabrea

I had been a happy AVG Free + Thunderbird user. When I upgraded to 8.0, AVG found a virus in an email attachment, and then deleted the entire email folder - not just the attachment or just the one message. To make it worse, it is completely deleted, ie not in the virus vault. -- Anonymous

AVG 8 would have to be the biggest, bloated POS since Windows ME.
.... Link scanner? who made them the defacto net nanny of anyone who installs this.
Good one Grisoft. How to piss off 70 million users with one program. - Anonymous

Being on a capped plan, I watch my downloads closely. After installing AVG Free 8.0, I noticed that my downloads had increased quite a bit, and I suspected that Safe Search was the culprit. My suspicion stems from the fact that while SafeSearch is working out the safety rating for each link, my download indicator keeps flashing, which it never did as much with the previous version. -- Albert

I cannot use avg 8.x because it won't allow my RAMdisk. - DonH

It destroyed my RAMdrive, corrupted my Registry, disabled my OEM Recovery Wizard, and did something that prevents me from successfully reloading the 7.5 version I had used previously. Shows ERROR in system tray unless all bloatware is enabled. Downloads bloatware updates even if disabled. AVG 8.x *IS* a virus. - Anonymous

one thing i've found is that safe search slows down browsing considerably,even accessing my router/modems configuration pages is noticably slower. disabling it returns browsing to normal speed. -- Doug

I think they (Grisoft) have missed the whole point about "User Friendly". I wrote them several days ago about 8.0 making my RAM drive "unavailable" and changing my Registry so 7.5 cannot be reloaded no matter WHAT I do, and making "unavailable" all my OEM Recovery Backups prior to installing 8.0 as well. They apparently could care less. ... I just spent 2-3 man DAYS trying to undo what their 8.0 did to my computer in less than a minute. I'm done with them. - DonH.

Why do AVG include the link scanner component for firefox and IE when both already have things like anti-phishing protection anyway? E.G. Firefox either downloads a distributed DB from google in the background or sends every link clicked to google for comparison with their DB. Strange. Have I missed the point somewhere? -- Zapf

Wonderfully useful tips have included the following contributions:

The LinkScanner and Firefox add-on were bugging me too. Check out http://free.grisoft.com/ww.faq.num-1241 and open 1338 which details the switches to run the installer with to not install the crappy components. -- Anonymous

a few other switches:, TSCC_DLG_DISABLED, CURRENT_ONLY, ON_RESTART_UNINSTALL, NOAVGTOOLBAR, PROGRESSONLY, UPDATE_SERVER, NO_VC_REDIST, DONT_REPAIR_FILES, KILL_PROCESS_IF_NEEDED, NO_AVGW_STARTUP, NO_CC_STARTUP, DONT_START_APPS, USER_ENUM_MODE, QUIT_IF_INSTALLED, REMOTE_LOGIN_AS, REMOTE_INSTALL_TYPE, REMOTE_SETUP_PACKAGE, OLD_TARGET_DIR, REMOVE_FEATURE, REMOVE_FILTER, MACHINE_LIST, SKIP_ROLLBACK, RESTART_IF_NEEDED, UNINSTALL_OLD. -- Pavel

choosing Custom during the installation process, you can choos if you want the toolbars and other stuff. All without touching the "Run" box. - marontiveros

If anyone gets annoyed with that "Did You Know?" pop-up that appears at the bottom of the AVG 8.0 User Interface, there's a way to get rid of it here (from "toastycheese678"). Basically just remove the \Program Files\AVG\AVG8\avgmwdef_us.mht file.-- Zapf

Zapf's comment links to a great series of steps worked out by "tastycheese678" that covers not installing the toolbar, as well as SafeSurf/SafeSearch which we have covered here. It also shows how to do a priority AVG silent update, the config file for AVG, and removal of the annoying "Did You Know" notifications.

Speculations

I have several thoughts on why Grisoft went this way.

  • They saw the ongoing trend of home pc security companies to bundle every feature they can consider into a single product for "ease of use." This probably makes them feel more "competitive" against each other. When lined up feature by feature, these suites look pretty good. However, they tend to add "bloat" and feature-creep. Grisoft and others forget that many fans like their products because they are simple, light and feature limited to begin with.

  • Many home pc users are not very sophisticated. Many don't have a clue about CPU utilization rates, process threads, and memory threads. They don't know what HIP's methodology is, and the discussion about which provides better protection, signature-based AV protection or heuristics-based scanning (I like a combo). So pc security vendors toss it all in there, appearing to provide a "more-secure" product.

  • Providing a feature-rich security product might entice home users to make the jump from a free product version to an even more feature-rich paid product. Many A/V vendors who offer "free" A/V" products have a hard-time converting these users into paying customers. This is unfortunate, but at the same time, they do a great and honorable public service by keeping many user's who wouldn't otherwise pay for A/V protection safe (along with the rest of us).

  • Looks are important in marketing. A clean and beautiful graphical user interface (GUI) may attract more customers than a geeky (but "easier" to access) techy interface which may confuse non-technical users. See: "The Dumbing Down of America - John C. Dvorak"

  • Despite the almost universal description seen on software vendor's product description pages "Compatible with Windows XP and Windows Vista" there are very few computers that are in an almost pristine "post-OS setup" state with sufficient free RAM and hard-drive space. My Windows computer systems at home and work are in truth Frankenstein'ish monstrosities of complicated drivers, multitudes of sub-system and kernel-level processes, a hodge-podge of applications and utilities all working hard to do their own thing irregardless of anything and anyone else; sometimes including the user! Add in specialized virtualization software and applications and introducing a hard-core application whose primary task is to be a security enforcer for the system, and there is a very good chance there will be a fight the likes of which have only been seen in Wild-West-Westerns when John Wayne deals with surly drunk range-hands. (Care to have a BSOD with that whisky, Mr.?) In all fairness to Grisoft, it is impossible for them to make sure their application works perfectly in all possible conditions that exist for all potential (and former-version) users. It just can't happen!

Am I defending Grisoft? Not really. Just trying to take a step back from the fray.

I hope they continue to tweak and adjust AVG Free v8 as it continues to mature. Grisoft is a mature company and I have few doubts they spent many a long night in development and planning, working out just which features to include.

I really want to believe the changes were sincerely made by Grisoft for what they thought was best, and there will only be a temporary disconnect between the AVG Free v7.5 we all loved and appreciated, and the new AVG Free v8 that we want to admire, but is still shockingly alien and exotic.

Might end up making a great love affair, or being carted off by the Men in Black to Area 51; never to be seen again. Jury is still out.

Alternatives? You've still Got' Em!

So what about the folks who don't enjoy the pain and frustration that I (and a few others) do of tweaking AVG Free till it finally bends to our will, becoming a beautiful example of software bonsai?

Dump it. Go get another free A/V program.

There remain a number of them that are pretty good (though each limited in their own way).

AntiVir PersonalEdition

Avast! 4 Home Edition

BitDefender 10 Free Edition

ClamWin Free Antivirus

Comodo Antivirus 2 (beta)

PC Tools AntiVirus Free Edition

Dr.Web CureIt!® Utility Version 4.44

In addition, there are a wealth of vendors who make quality "free-to-try, but $ to keep" anti-virus products.

Find a good source to compare efficacy: Most Effective Antivirus Tools Against New Malware Binaries - MTC Rankings, AV-comparatives.org, or the ISCSA Certified Anti-Virus Product page.

For now I'm sticking with AVG Free v8.

But I'll be keeping an open mind....and an eye on the options....

--Claus

6 comments:

Anonymous said...

Stopped using Avg many, many year ago. Just never cared for it, cain't explain why. I've been a happy user of Avast! 4 Home Edition.

Anonymous said...

Claus,
thanks for your blog posts, very interesting reading. I just wanted to say that we hear users' complaints and we are working hard on fixing the bugs and adding features based on user feedback. With software that is installed on more than 70 million workstations worldwide, the possibilities of collisions, conflicts with other apps or different system configurations are endless. I am not saying that as an excuse but rather as an explanation. Several thousand beta testers helped us test AVG8 but still not everything was discovered and fixed before the final release. My apologies to all who have been hit by some of the bugs.
I hope that the upcoming service pack 1 will help solve all the issues discussed here and in the previous post.
As a side note - I noticed a slight confusions in some of the posts regarding the LinkScanner technology. I think that Roger Thompson's blog provides some really interesting information about exploits and the necessity to protect while browsing

Anonymous said...

Karel,

Thank you for taking the time to stop by and leave a comment.

It's nice to hear confirmation that Grisoft is working hard to fine-tune AVG. I (and many others) know it will be a work in progress. It would be nice if Grisoft had a blog where they post development updates and news/tips regarding AVG v8 ($/free). I think everyone would find this deeply beneficial. If your company already has such a blog-page, could you share the weblink?

I get the Linkscanner feature.

Your FAQ also does a great job summarizing it: AVG Free FAQ's #1338 I had previously posted a link to it in one of my posts.

Yes, Roger Thompson's blog (and many others like it) point out the hazards that lurk behind many innoculous-appearing web-links. It takes a second to click but hours to clean and recover a system after a bad jump. Many (but not all) geekier-minded security folks already are cautious and security minded with link-hopping. However, as I have said before in my posts, a great many home-users are not so sophisticated and would find great-benefit in the LinkScanner feature of AVG v8.

The biggest hurdle for the rest of us is convincing us 100% that web-surfing performance is not impacted at between using/not using LinkScanner. And that AVG isn't doing any "data-collection" based on those checks...regardless if it is anonymous or not. Current discussion and comments from "power-users" is that they don't want to see a tool-bar, that LinkScanner feature does take a toll on system and web-surfing performance, and that for many folks, it is more of a burden than help.

Please bear in mind, that many users of AVG Free are running your product on older systems that have much more sparse resources (CPU/RAM/HDD space) than more modern pc systems bring. That is one of the very reasons they love and have turned to AVG is that it runs so very well on these older systems. As AVG version 8 adds more features and performs more functions those are bring a noticable impact to their beloved (and outdated) systems. They see and feel the difference and this leaves a poor taste in their mouth. Some even feel "betrayed".

It would be REALLY nice if the AVG installer provided a number of installation options for the user to select:

Minimal: For older laptops/workstations with minimal resources--provides basic email and A/V protection only.

Regular: For moderate laptops/workstations that will provide email/malware/A/V protection.

Full: Complete AVG feature installation (email/malware/A/V/LinkScanner/SafeSearch/SafeScan.

Custom: Pick and choose element installation.

That alone would probably win back many of your AVG/Grisoft product fans.

Anonymous said...

Claus,

Thank you for your four articles on AVG. I came across the second and third ones in early May when looking for information about whether the free edition was defunct because the question came up a few days apart in two discussion groups. (At the time I provided those two links to the two groups.)

On Saturday, checking those two articles for additional readers' comments, I found the first and fourth ones.

I really appreciated your in-depth reports and the comments from others -- so much so that I passed them on to Windows Secrets via an online submission and to Lockergnome as a comment on one of Ron Schenone's articles. (See http://www.lockergnome.com/blade/2008/05/30/avg-8-free-edition-try-a-different-download-site for that article, my comment, and his reply -- including a link to his further article at http://www.lockergnome.com/blade/2008/05/31/avg-8-more-helpful-information with your links.)

Thanks again for the AVG items -- and in advance for the other posts I'm sure I'll enjoy in your blog.

Merna

Anonymous said...

@Merna, you are too kind!

I've hopped over and checked out the links you left. Neat stuff!

I'm feeling very humbled by the number of comments and links that folks have been making to these posts.

I was just venting and trying to offer others some guidance on issues related to AVG Free that tarnish an otherwise fine product.

I'm going to be making another post tonight on AVG based on the links you shared.

I hope you find some more content here to enjoy. I love writing and technology so it's especially rewarding when someone finds my humble little blog useful.

Working on this blog has become therapeutic and helped to sharpen my skills and focus as a sysadmin.

Sunbar said...

Hey Claus

Stumbled on your Blog in the quest for AVG v8 info. Great stuff here....love the Firefox favorite extensions list. I'll keep checking back.

Thx
Rob