Beware! Avast is at it again


S

Stan Brown

When I started the program update (by using the program's own
Maintenance tab and selecting Program Update), I got the promo window
shown at:

http://tinypic.com/r/14scxdw/6
You mean: http://i48.tinypic.com/14scxdw.jpg

The URL you gave is for some sort of toolbox or setup screen and
doesn't show your actual image.
I only want the free version so I clicked the Essential link. I then
got prompted with:

http://tinypic.com/r/afc1er/6
You mean: http://i47.tinypic.com/afc1er.jpg

And I never got that page or anything resembling it. I can't account
for why you got it and I didn't, but I would have remembered that
page. There's just no way I would have clicked Finish on such a page
without reading it, because I knew Avast had a history of foisting
Google on us and I was hyper-alert during the update.

Maybe there are several versions of the updater, bizarre though that
seems. Paul reported that the Avast forum reports some screen
appearing with the option to uncheck Google, but disappearing too
quickly for anyone to exercise that option.
 
Ad

Advertisements

S

Stan Brown

I just let Avast install its update. It downloaded it, then asked to
reboot the computer. After the reboot, a screen came up asking if I
wanted to install Chrome. The two option boxes were checked by default.
I left the box sitting for at least 5 minutes before responding, so I
don't think it was planning to proceed until I answered. I unchecked
the option boxes, clicked next, and the new version of Avast is running
as I expected. There is no sign of Chrome on this computer.

I don't know why your experience was different.
Thanks, Nil. That's the $64,000 question. Apparently different
people have different experiences of this, which is awfully hard to
account for. I am 100% certain I did not click any kind of Finish
button as shown in Vanguard's pic or as described by you.

I do seem to be in a minority, but not alone, as witnessed y Bob
Henson's report.
 
V

VanguardLH

Stan said:
You mean: http://i48.tinypic.com/14scxdw.jpg

The URL you gave is for some sort of toolbox or setup screen and
doesn't show your actual image.


You mean: http://i47.tinypic.com/afc1er.jpg

And I never got that page or anything resembling it. I can't account
for why you got it and I didn't, but I would have remembered that
page. There's just no way I would have clicked Finish on such a page
without reading it, because I knew Avast had a history of foisting
Google on us and I was hyper-alert during the update.

Maybe there are several versions of the updater, bizarre though that
seems. Paul reported that the Avast forum reports some screen
appearing with the option to uncheck Google, but disappearing too
quickly for anyone to exercise that option.
Both the link I gave and the one you gave work for me. Yours just shows
the image (their direct link for layouts). My link gives you their
general page (for links in e-mail and IMs) showing the image along with
all their other content (banner ad, frame ad, login fields, tools pane,
and social links). I don't have an account there so I wasn't (and
can't) login. Don't know why you can't see their general page with the
image.

What I don't like is that the Finish button is selected by default.
That means the Enter key will select that action. If anything emulates
an Enter key, or you hit it during the install (like you thought you hit
it for one dialog but hit it twice so it got buffered), then the Finish
button gets selected and all you might see is a momentary flash. A
proper installer would NOT have the Finish button selected by default
(i.e., that object would NOT have focus). This is especially true
considering there are other options in that dialog that affect the
installation. Only if the last page is informational only should the
Finish button be selected by default. It is poor UI design.
 
V

VanguardLH

BeeJ said:
Stan Brown:


Been using Avast with no problems for years until recently.
I have had two or three updates of the engine within just a few days.
The first of the group of updates had a serious problem that caused me
big problems. The latest update fixed that.
but with each update the newer updates have added advertising for other
products. this was not the case in the past. Also, the unobvious
checkboxes to include installs of other stuff are anoying. Gotta watch
closely otherwise I get freebee junk that I do not want to burden my
"Windows experience".
Avast and AVG were both highly rated a few years ago. Wonder what that
rating is now? Compared to Windows Essentials etc.
While many users point at the av-comparatives.org ratings, another and
perhaps easier way to compare them is to look at VirusBulletin's graph:

http://www.virusbtn.com/vb100/rap-index.xml

The higher the dot, the better the product is at in detecting current
pests (reactive detection). The farther to the right, the better it is
at detecting yet-unknown pests (proactive detection). So the closer the
dot is to the upper right corner then the better the product is overall.

The VB graph does not, I believe, include scoring of products to account
for an excessive number of false positives (which result in users
wasting lots of time, getting needessly alarmed, and can result in
screwing up apps or the OS). AV-comparatives has some testing on false
positives. VB also doesn't account for incomplete cleanup *and* repair
of the OS and apps after removing malware. While I use Avast, it is not
tops at cleanup since their intent is to thwart infection rather than
have to cleanup the mess. Personally I prefer the quick and sure method
of restoring from image backups (to get back to one before the
infection) rather than rely of immunization or cleanup by security
software (which is never 100% in all cases or even in most cases).

The OP and many respondents have not stipulated if they are discussing
freeware or payware versions of their choice in security product. There
are few (maybe two) free AV products included in VB's graph.
Av-comparatives tests just the payware products. I don't know of
equally reputable testing sites that rate ONLY the freeware products.
For example, while freeware Avira rates higher in reactive detection
than freeware Avast, freeware Avira doesn't monitor as many infection
vectors as freeware Avast. You have to get payware Avira to monitor the
same infection vectors as available in freeware Avast.

There are other factors involved in choosing an AV or security product,
one of which is will it work on YOUR system. I might be using freeware
Avira except for a lingering over 3-year old defect in the product: if
any program polls the storage devices (hard disks, optical drives, etc)
then Avira - on my system - will start re-polling all storage devices at
1-minute intervals. This means external drives will not sleep. It also
means you'll hear the floppy drive, if you have one, groan every minute
as it get accessed. Avira doesn't differentiate between polling a
device to retrieve its properties from firmware on the device versus
accessing the device to commit writes. They claim they cannot reproduce
this bug although I'm not the only one reporting it. So I might want to
use freeware Avira but I can't which means I have to look to another
solution. There is also the nuisance factor: if a product nuisances you
too much then it degenerates its usefulness since users will quelch the
product to be nuisanced less. While there are workarounds (for now) to
get rid of freeware Avira's splash banner (when it loads) and adware
popup window (when it updates), and because workarounds can eventually
be thwarted by the product owner, I stick with Avast because the only
time ads are in my face are during installs (as started this discussion)
but which can be easily configured to not include the foistware or when
I'm in Avast's config UI (which isn't often - and if I were there often
then I'd be looking at a different solution). My ISP's webmail pages
are adware laden as are some free e-mail provider's webmail pages;
however, I only use e-mail providers that let me use standard e-mail
protocols (POP, IMAP, SMTP) so I never have to be bothered with the ads.
They're ad-supported products or services but tis easy 'nuff not to see
the ads.

As to Microsoft's Security Essentials being better than Avira or Avast,
that isn't evidenced at av-comparatives or VB. While MSE does have an
edge (over some competitors) in cleanup after getting rid of malware,
MSE also detects less pests. So cleanup is better but over a small
range of pests. After all, we all know picking the easy well-known
targets let's us hit them easier. As for impact on the host, MSE is
light *except* during updates. Every AV product will impact
responsiveness of the host when it is updating itself. Obviously that's
a given since any process to do anything will have to consume some of
the resources of the host. When MSE updates (on several hosts with
varying versions of Windows and hardware), I've always notice a slow
down in responsiveness of the host, so much so that I start wondering
what's wrong with the host and then hunt around to find the culprit is
MSE updating itself. The update doesn't take long but that's a rather
subjective measurement. Short for some may be nuisancesome to others.
For MSE, just a "net stop" command is all it takes to kill it. Other AV
products are more robust in protecting themselves from 3rd party
termination.

However, no security software can overcome the users. If security
software wrenched away all control to protect the system, users would
find their system unusable or undesirable. It is entirely possible to
not install any AV or security software and still not get infected.
Depends a lot on what the user does.
 
P

(PeteCresswell)

Per Stan Brown:
Thanks, Nil. That's the $64,000 question. Apparently different
people have different experiences of this, which is awfully hard to
account for.
I'm glad somebody said it.

I was getting dismayed at all the posts to the effect of "I have
Windows Whatever and it didn't happen to me, so it must not be
happening to anybody else who is running WIndows Whatever."

I'm sure I don't even know 10% of how complicated Windows is -
especially when one tries to take into account the millions of
potentially-different installs.... but I know for sure it's more
complicated that I ever dreamed.
 
P

(PeteCresswell)

Per s|b:
I'm having problems with build .1456 (with Fx 13.0.1 and latest Flash;
avast's Behavior Shield makes Fx hang) and I must have
installed/uninstalled avast more than a dozen times. *Every* time there
was a popup window where you could uncheck Google Chrome.
Some months ago I installed a utility called "AnVir Task Manager
Pro". There is a freebie version, but for reasons I cannot
recall I moved to the $50 version.

Part of it's functionality is to control who does what in terms
of installing things.

Surprisingly often, it will throw a "Do you really want this
stuff installed..." dialog when I'm doing something seemingly
unrelated.

My inner anal-retentive is happy to have purchased this utility.
 
Ad

Advertisements

P

(PeteCresswell)

Per VanguardLH:
However, no security software can overcome the users. If security
software wrenched away all control to protect the system, users would
find their system unusable or undesirable.
The only infection (at least that I know of...) acquired under
Avast on the computers I support was on my daughter's XP box.

After fixing it, I went back to try to re-create the situation
and what I came up with was:

- An infected email had come in

- Avast had flagged it - throwing a really clear dialog to the
effect of "This Is A Really Bad Thing And, Trust Us, You
Do NOT Want To Open It!!!" with the "Don't Open" button
pre-selected.

- My macho son-in-law, mind clouded by testosterone poisoning,
just had to click "Open It Anyhow".
 
K

Ken Blake

While many users point at the av-comparatives.org ratings, another and
perhaps easier way to compare them is to look at VirusBulletin's graph:

http://www.virusbtn.com/vb100/rap-index.xml

Interesting, thanks. I'd never seen this before.

One of the highest rated, not red, programs is G Data. I've never
heard of it before. Do you, or anyone else here, know anything about
it? Recommend it?
 
A

Ann Watson

I already had Chrome installed so I didn't get anything at all
from Avast. I am a bit put off by all the pop ups regarding
upgrading to the pay version. If I want the pay version, I know
where to go get it.
Haven't seen any of those, yet - just ads for the Android
version; at least there's a way to turn that off.

AW
 
A

Ann Watson

On 7/9/2012 5:54 PM, Ann Watson wrote:

I have definitions set to update automatically but I have the
program updates set up to ask me. I believe that's the default
setting.
Quite possibly - it's been so long since I've needed to adjust
those settings that I don't remember.

AW
 
A

Ann Watson

Per Ann Watson:

That's become something of a religion with me no matter what the
application.

Auto-updates = Bad Thing....
Same with me, usually. Too bad I can't find a way to set Windows
Defender to update automatically without getting all the other
Windows Updates.
That seems tb one hole in the Apple iPod/iPhone/iPad scheme of
things under App Store's "Updates". It's all or nothing. You
have to update all the apps which have pending updates or none of
them. I got burned recently when the publishers of SplashData
messed up and pushed out an "Update" that was really a major
version upgrade (5.x to 6.x) which rendered the Apple device
incompatible with the Windows box it was supposed to synch with
until the user paid ten bucks for the "Upgrade". They made good
on it - and it must've a nightmare for their support people.
Ouch! I've only recently acquired anything Apple and was
somewhat dismayed by all the software seemingly required for the
Classic ipod.

AW
 
Ad

Advertisements

C

Char Jackson

Per VanguardLH:

The only infection (at least that I know of...) acquired under
Avast on the computers I support was on my daughter's XP box.

After fixing it, I went back to try to re-create the situation
and what I came up with was:

- An infected email had come in

- Avast had flagged it - throwing a really clear dialog to the
effect of "This Is A Really Bad Thing And, Trust Us, You
Do NOT Want To Open It!!!" with the "Don't Open" button
pre-selected.

- My macho son-in-law, mind clouded by testosterone poisoning,
just had to click "Open It Anyhow".
In his defense, the word 'Naked' might have appeared somewhere in the
email. That's usually enough to get the desired click.
 
A

Ann Watson

They might have, but I have it set to notify me of updates and ask
permission.

I watched carefully, and there was no opt-in or opt-out screen after
the reboot.
That's what mine was set for as well and I had no problem with
the opt-in/out screen. Strange.

AW
 
P

Paul

Ken said:
Interesting, thanks. I'd never seen this before.

One of the highest rated, not red, programs is G Data. I've never
heard of it before. Do you, or anyone else here, know anything about
it? Recommend it?
http://en.wikipedia.org/wiki/G_Data

"G Data Software is a collection of anti-malware solutions by
G Data Software, Inc. It was founded in Bochum, Germany in 1985
with the North American subsidiary currently located in Durham,
North Carolina, U. S. A.

G Data is able to achieve higher detection rates than other products
through the use of multiple scanning engines from Avast and BitDefender."

HTH,
Paul
 
K

Ken Blake

http://en.wikipedia.org/wiki/G_Data

"G Data Software is a collection of anti-malware solutions by
G Data Software, Inc. It was founded in Bochum, Germany in 1985
with the North American subsidiary currently located in Durham,
North Carolina, U. S. A.

G Data is able to achieve higher detection rates than other products
through the use of multiple scanning engines from Avast and BitDefender."


Thanks. Anyone here ever used it?
 
Y

Yousuf Khan

I tried AVG. NEVER AGAIN! Some years back, I tried the trial.
It considered my WordStar 2000 executable to be infected -- which it
was not -- and would not let me run it, and there was no way to
override this. I sent a copy to them with an explanation. Shortly,
there was a revision, and I could use WS2000 again. Fine so far. It
is getting to the end of the trial, and I thought that I should
seriously consider registering. Another update put me back at WS2000
being quarantined. They did not reply.
The false positives are pretty common on many anti-viruses at the same
time. Many seem to obtain their virus definition files from a common
pool. What you need to do is if there is a file flagged as a virus, then
run the file through the big online scanner:

http://virusscan.jotti.org/en

This has various anti-viruses running simultaneously, and if you see a
signficant number flagging your file, then it might likely be infected.
If not, then I'd consider it a false positive.

Yousuf Khan
 
Ad

Advertisements

S

Stan Brown

Ouch! I've only recently acquired anything Apple and was
somewhat dismayed by all the software seemingly required for the
Classic ipod.
Me too -- you might find this Web page of mine useful. Apple has way
too much ride-along software with iTunes, as you've discovered, and I
explain how to disable the extras without losing functionality:

http://oakroadsystems.com/tech/7service.htm#iTunes

There's also a very good page by Ed Bott on avoiding the problem by
reverse-engineering the iTunes installer:

http://www.zdnet.com/blog/bott/the-unofficial-guide-to-installing-
itunes-10-without-bloatware/2390
 
V

VanguardLH

(PeteCresswell) said:
Per VanguardLH:


The only infection (at least that I know of...) acquired under Avast
on the computers I support was on my daughter's XP box.

After fixing it, I went back to try to re-create the situation and
what I came up with was:

- An infected email had come in

- Avast had flagged it - throwing a really clear dialog to the effect
of "This Is A Really Bad Thing And, Trust Us, You Do NOT Want To Open
It!!!" with the "Don't Open" button pre-selected.

- My macho son-in-law, mind clouded by testosterone poisoning, just
had to click "Open It Anyhow".
Did the subject or message body have "sex" or related word somewhere in
it? Hard to fight a hard on. Age resolves that problem.
 
G

Gene Wirchenko

On Tue, 10 Jul 2012 16:31:06 -0400, Yousuf Khan

[snip]
The false positives are pretty common on many anti-viruses at the same
time. Many seem to obtain their virus definition files from a common
pool. What you need to do is if there is a file flagged as a virus, then
run the file through the big online scanner:

http://virusscan.jotti.org/en

This has various anti-viruses running simultaneously, and if you see a
signficant number flagging your file, then it might likely be infected.
If not, then I'd consider it a false positive.
Given that the file dated from 1987 or 1988 and ran fine on more
than one system, I think it unlikely it was infected.

That was not really the problem. The problem was that I could
not override it. I was unable to use my editor with AVG on my system.

Sincerely,

Gene Wirchenko
 
Ad

Advertisements

C

Char Jackson

On Tue, 10 Jul 2012 16:31:06 -0400, Yousuf Khan

[snip]
The false positives are pretty common on many anti-viruses at the same
time. Many seem to obtain their virus definition files from a common
pool. What you need to do is if there is a file flagged as a virus, then
run the file through the big online scanner:

http://virusscan.jotti.org/en

This has various anti-viruses running simultaneously, and if you see a
signficant number flagging your file, then it might likely be infected.
If not, then I'd consider it a false positive.
Given that the file dated from 1987 or 1988 and ran fine on more
than one system, I think it unlikely it was infected.

That was not really the problem. The problem was that I could
not override it. I was unable to use my editor with AVG on my system.
You couldn't configure AVG to ignore it? I thought that was standard
behavior among AV apps.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top