Major flaw in AVG8, it's slowing down the internet! Don't use it!

[Guest]

[mystuff]

Just read this story on slashdot.org first:
http://it.slashdot.org/article.pl?sid=08/07/03/1411254&from=rss

Basically because AVG since version 8 has taken it on themselves to scan every link in the user's browser before they even click anything (it's called Linkscanner), as a result AVG users have been generating a lot of unnecessary traffic. Just imagine doing a google search and AVG downloading the 20+ websites google is linking to rather than just the one you click on.

I'd say if there ever was a good time for the upgrade to CPF3, Comodo Integrated Security to be released, now is the time.

_{PS: for Melih, read this post: http://it.slashdot.org/comments.pl?sid=603045&cid=24045961
/. seems like a great place to start promoting your A-VSMART technology because apparantly they are unaware of it.}

[Vettetech]

I heard about this. I haven't used AVG in over 3 years and never intend on it. I love my NOD32. Avast is a better free choice over AVG.

[Dennis2]

From AVG 7.5 to 8 it is one step down not up I have disabled linkscanner and webshield waiting for CAVS3 to be released.
Dennis

[Japo]

Basically because AVG since version 8 has taken it on themselves to scan every link in the user's browser before they even click anything (it's called Linkscanner), as a result AVG users have been generating a lot of unnecessary traffic. Just imagine doing a google search and AVG downloading the 20+ websites google is linking to rather than just the one you click on.

That's insane, like the page prefetch Firefox extension. In my book that's illegal.

[Osage]

I have been hearing nothing but bad reports about AVG in the last six months or so. While I have never used AVG,
I have had friends that have used it and they used to be happy. But still, in the AV product market, the best performance is only to be found in a few of the paid AV's and no full featured freeware AV has ever been in what I would call the top tier of AV performance. And sadly unlike the firewall market where the best product, IMHO, is Comodo3, and thus freeware tops the list.

And in many ways, the AV avast freeware and the AVG freeware versions were very similar in terms of virtues and detection rates. But the key word is WERE in the past tense. And not only that, both AVG and Avast as freeware
versions were full featured AV's and in terms of freeware, they both used to lead the freeware class. Out preforming many paid AV's but still not quite the equal of paid AV's like Kaspersky, NOD32. and Antivirus. Nor are the paid versions of AVG or Avast much better in terms of performance.

But AVG, for whatever reasons, has really taken itself out of the AV market in MHO. First, the freeware version has opted to become not full featured and hence crippleware. Because after 30 days, the prescanning of incoming email stops. Thus putting AVG on the same footing as the Avira antivirus personal freeware version. But AVG can't
come close to competing with the much better Avira in terms of performance. Second, AVG 8 has gone the bloatware route without gaining any performance to justify it. I am also hearing reports that AVG is not compatible with firefox3 to go along with just a flood of negative reports on many forums.

Meaning Avast is now, IMHO and also backed by testing organizations,  the best full featured freeware AV and Antivirus personal edition freeware, is the best preforming AV even though it lacks incoming email prescanning. IMHO,  the choice is now depending on how much a  given user needs incoming email scanning if they want a freeware AV.

The sad implication is what happens if Avast, due to lack on paying subscribers, is forced to to go the AVG route,
and it least drop some of its full features to get more to pay?

But I am eagerly awaiting any comodo entry in to the possibly freeware AV market. But before I make any decisions, I will have to see the unbiased tests to show comodo can run with the performance leaders.

[normishmael]

Osage said: "and no full featured freeware AV has ever been in what I would call the top tier of AV performance."

Not Quite your stance on the Avira forums I thank.

[Kyle]

Why even bother with websites and email scanners.. they are just a marketing ploy.   I'm probably going to get some response to this to let me try to explain.

With a websheild on, Try to download Eicar.     Get's deleted
With a websheild off, Try to download Eicar.     Get's deleted

With email scanner on, Download an attachment.      Now read the email scanning, the file has been scanned.
With email scanner off, Download an attachment.      Now read the real time scanning, the file has been scanned.

They are just more un-needed services that are eating at your CPU.

[3xist]

AVG 8 is worse then AVG 7.

More bloated, More Heavy, Looks prettier but under-the-hood isn't a good sight. Reminds me of Vista. IMO...

Josh

[Osage]

Kyle is correct in writing---I'm probably going to get some response to this to let me try to explain. So I will try to have a go at it, but I do like the Kyle disclaimer, I too am not a computer tech but this is my basic forum understanding.

But in terms of the active antivirus class in general, some versions lack email prescanning. And citing a non malicious test virus like Eicar is a very poor comparison with the active antivirus programs that have email preascanning.

An active antivirus that has email prescanning should detect the virus as the email is coming in and before it is opened. Be the virus somewhere in the email itself, or in an attachment, and the better ones will detect it even if its comes a a zipped file. And way BEFORE you can even think of opening the email, the active AV will have stopped and prevented the threat.

Those AV's that lack the email prescanning will wait until the email is opened, and then should, QUICKLY detect any malicious viruses. The point being, how quick is quick? Because in that small gap in time before the active antivirus can react and basically say, eeek its a virus, stop it, there are some are forms of viruses that can beat your AV to the punch, and in a matter of mere millisecond it can install, and then start executing its program to shut down your AV, shutdown your software firewall, and then start merrily downloading all kinds of malware. Not to be an alarmist, these type of exploits are rare, but they do exist and are documented on various reputable security forums.

But if you happen to download Eicar in an email with a non prescanning AV, its will execute nothing giving your active AV infinite time to react.

[Vettetech]

Main reason I use web based email and not POP3. Yahoo email now scans all files with Norton 09 before you can open them. Then on top you still your own av.

[Kyle]

Hey osage,

Realtime scanner scans the file as soon as it is accessed, a virus coming through an email would be scanned by the realtime scanner anyway, it's being written on your disk.

Example, I'm guessing you have CPF3 D+, when you finish downloading a file D+ will ask you if Firefox is allowed to add a new file, (the one you downloaded). It will then be scanned.   There are alot of viruses on Limewire\frostwire etc..if you have Avast! turn your P2P sheild off.. it will still detect and remove it.. and it's saving you resource usage..

[Vettetech]

If you use NOD32 it has an active mode to filter web browser or any other program.

[Dennis2]

AVG 8 is worse then AVG 7.

More bloated, More Heavy, Looks prettier but under-the-hood isn't a good sight. Reminds me of Vista. IMO...

Josh

AVG 8 is also not bug free more like a Beta makes you wonder if they tested it.
One bug during scan pause then stop without restating now after I scan it takes 100% cpu have to reboot.
Waiting for CAVS3 please soon.
Dennis

[Japo]

I've never seen the point in email scanning because of what Kyle says.

Those AV's that lack the email prescanning will wait until the email is opened, and then should, QUICKLY detect any malicious viruses. The point being, how quick is quick? Because in that small gap in time before the active antivirus can react and basically say, eeek its a virus, stop it, there are some are forms of viruses that can beat your AV to the punch, and in a matter of mere millisecond it can install, and then start executing its program to shut down your AV, shutdown your software firewall, and then start merrily downloading all kinds of malware. Not to be an alarmist, these type of exploits are rare, but they do exist and are documented on various reputable security forums.

No, it is not a race against time. An AV will have a global hook installed, what means that Windows won't process the file until the AV is done scanning it:

A hook is a point in the system message-handling mechanism where an application can install a subroutine to monitor the message traffic in the system and process certain types of messages before they reach the target window procedure.

[Osage]

To Japo,

1. What I posted is my general understanding of things, you post that a global hook will always get around that possibility and I am not sure you are 100% correct in stating a global hook is impossible to get around.

2. We must always realize we are competing with very smart and devious people, namely the people who write malware, and they keep refining their wares until they can successfully penetrate our defenses. The less devious
capture enough PC's to keep them busy because the security clueless are in almost infinite supply.

3. To a certain extent, there are other things besides AV global hooks that can prevent new unknown software from executing and comodo3 is one of them. But perhaps another good defense is using an non administrative account with a full software restriction policy.

[Tags:]