WTF AVG?

Sep. 30th, 2008 07:57 pm
[identity profile] coyoteden.livejournal.com posting in [community profile] techrecovery
One of the MANY reasons all antivirus apps suck.

When they break, it's not pretty. I was wondering why "ping" wasn't found. Ecccch.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Date: 2008-10-01 12:12 am (UTC)
hopefulnebula: Mandelbrot Set with text "You can change the world in a tiny way" (Default)
From: [personal profile] hopefulnebula
Well, that actually is kind of pretty.

Not, you know, in any technical sense, but aesthetically, it's kind of cool-looking.

Date: 2008-10-01 12:23 am (UTC)
From: [identity profile] sdaemon.livejournal.com
AVG seems to shit the bed harder than most. Symantec doesn't break so much as...suck right from the getgo. McAfee seems about as okay as you can get these days. I'm looking into ClamAV...it would be nice to have a free alternative that didn't blow :)

Date: 2008-10-01 12:32 am (UTC)
From: [identity profile] arinoch.livejournal.com
Unless it's your own computer and not a customer's, just leave 'em with whatever they're using. Every tech knows the AV software's only half the solution; a clue is the other half. I could tell you stories of the problems I've fixed that started with someone in my family alone saying "Oh, well I'll just disable the virus scanner.".

Date: 2008-10-01 01:10 am (UTC)
From: [identity profile] pope-guilty.livejournal.com
McAfee by default blocks IRC.

...yeah.

Date: 2008-10-01 01:16 am (UTC)
From: [identity profile] altorogue.livejournal.com
Ow, it hurts my brain. :/

Date: 2008-10-01 01:41 am (UTC)
From: [identity profile] jimbojones.livejournal.com
ClamWin works great, as long as you don't want active hooks into your filesystem or mailsystem (ie, automatic scanning of everything you do). All ClamWin gives you is the ability to right-click a file or folder and scan it manually.

Which suits me PERSONALLY just fine, but I can't exactly recommend it to clients.

Date: 2008-10-01 01:45 am (UTC)
From: [identity profile] jimbojones.livejournal.com
As a DEFAULT behavior, that's actually wise.

If you don't know how to frotz your antivirus, you REALLY have no business being on IRC.

If you aren't deliberately using IRC, it's really a good fucking idea to block your computer from getting to it (as best as you can), given that IRC is how zombies report in to Master.

Date: 2008-10-01 01:47 am (UTC)
From: [identity profile] pope-guilty.livejournal.com
I know why they do it, it's just annoying as shit.

Date: 2008-10-01 01:53 am (UTC)
From: [identity profile] pope-guilty.livejournal.com
That's way better than "Oh hai, taking up all your system resources now."

Date: 2008-10-01 01:57 am (UTC)
From: [identity profile] superbus.livejournal.com
Hey, it works great for guys like us, that actually know their shit.

Date: 2008-10-01 02:10 am (UTC)
jjjiii: It's pug! (Default)
From: [personal profile] jjjiii
It's a nice houndstooth error message.

Date: 2008-10-01 02:13 am (UTC)
From: [identity profile] coyoteden.livejournal.com
Oh, it's mine. Uninstall/reboot/reinstall of AVG cleaned it up.

Date: 2008-10-01 02:28 am (UTC)
From: [identity profile] simoncion.livejournal.com
Mm...

I don't agree with your "no business being on IRC" comment.
However, it does make a (little (tiny)) bit of sense to shut off the stoopid zombie bot CnC vector.

Date: 2008-10-01 02:32 am (UTC)
ext_130371: (wiredbrain)
From: [identity profile] ravenofdreams.livejournal.com
Well, it does look pretty. Annoying, I'm sure, but pretty.

Date: 2008-10-01 02:45 am (UTC)
From: [identity profile] taleya.livejournal.com
Wow. That reminds me of the chaos patterns in the novel of Jurassic Park

Date: 2008-10-01 03:09 am (UTC)
From: [identity profile] jimbojones.livejournal.com
So you would say IRC is a great, safe place to be for people who don't even know how their antivirus app works?

... shens!

Date: 2008-10-01 03:27 am (UTC)
From: [identity profile] simoncion.livejournal.com
Is it worse than:

1) Email?
2) The WWW?
3) AIM?

Date: 2008-10-01 03:29 am (UTC)
From: [identity profile] jimbojones.livejournal.com
1) yes
2) yes
3) yes

The other three are more commonly occurring vectors for noobs because there are more noobs USING them, not because they are more or less safe.

IRC is a wretched hive of scum and villainy. Yes, yes, I know, you have fun there, blah blah blah - but it's about on par with Limewire for "noob safety", if not worse.

I am not saying "nobody should ever go to IRC", but I maintain that if you don't even know how your antivirus works, you should NOT be going there.

Date: 2008-10-01 03:30 am (UTC)
From: [identity profile] vertelemming.livejournal.com
4) Life?

Date: 2008-10-01 04:22 am (UTC)
From: [identity profile] trayce.livejournal.com
Agreed. In fact back in the day when IRC were more popular than it is now, the majority of people with compromised machines had zombie clients fuckin' shit up via IRC (and had no idea, either). I'd see that way more than DoS attacks or virii.

Date: 2008-10-01 10:13 am (UTC)
From: [identity profile] jcaswell.livejournal.com
My thoughts exactly :)

Date: 2008-10-01 10:28 am (UTC)
ext_8716: (Default)
From: [identity profile] trixtah.livejournal.com
Avast! works well. No crap that I can discern, and does the biz on Windows.

Date: 2008-10-01 01:11 pm (UTC)
From: [identity profile] simoncion.livejournal.com
Oh man.
That's the biggest virus/worm vector there is! Stay *far* away!

Date: 2008-10-01 01:12 pm (UTC)
From: [identity profile] simoncion.livejournal.com
IRC is a wretched hive of scum and villainy.

Why?

but it's about on par with Limewire for "noob safety"

Again, why? I sense that you have a point here, but are continually failing to make it.

Date: 2008-10-01 01:20 pm (UTC)
From: [identity profile] simoncion.livejournal.com
So:
The IRC protocol can be used to control evil software, therefore chatting via IRC is to be avoided by noobs?

Date: 2008-10-01 01:26 pm (UTC)
From: [identity profile] mattcaron.livejournal.com
I've had decent luck with ClamAV/ClamWin.

Date: 2008-10-01 01:27 pm (UTC)
From: [identity profile] jimbojones.livejournal.com
Seriously, are you kidding me? It's not, for the most part, a technical reason - IRC isn't inherently unsafe because of some particular protocol failing or anything - it is simply a wretched hive of scum and villainy. Full of everything from malicious kiddies telling noobs to delete system32 to script kiddies pawning trojans off on people to trojaned warez getting passed around.

Date: 2008-10-01 01:28 pm (UTC)
From: [identity profile] mattcaron.livejournal.com
What about the fact that I don't run antivirus software?

(And don't use Windows)

Date: 2008-10-01 01:29 pm (UTC)
From: [identity profile] mattcaron.livejournal.com
It also does run full system scans, which you can schedule at specific times (like, when no one is likely to be using the machine).

Date: 2008-10-01 01:29 pm (UTC)
From: [identity profile] jimbojones.livejournal.com
You, sir, are no noob: if some jackass convinces you to DCC some trojaned warez, I'll just point and laugh. =)

Date: 2008-10-01 01:30 pm (UTC)
From: [identity profile] pope-guilty.livejournal.com
So noonish, for most nerds.

Date: 2008-10-01 01:48 pm (UTC)
From: [identity profile] mattcaron.livejournal.com
Ironically, so would I... (Yes, I am not above laughing at myself. Keeps me from getting too jaded).

Now, these trojaned warez.. do they run under Wine...?

Date: 2008-10-01 02:38 pm (UTC)
From: [identity profile] spooforbrains.livejournal.com
When I came to create a VMWare image of a running server, a while ago, I found the disk usage to be ~50GB higher than it should be. After some time* I managed to track it down to ... Trend Micro, which had 50GB of log files in its Program directory.

Seriously, WTF, Trend? 50GB?!

* Side question. When crap like this happens, I have to get the file size of each directory tree in the root and work my way down. Does anyone know of anything similar to Konqueror's file size view that would allow me to easily see where the disk usage is?

Date: 2008-10-01 03:36 pm (UTC)
From: [identity profile] the-s-guy.livejournal.com
Is there any section of the internet - or life - which isn't?

Date: 2008-10-01 04:08 pm (UTC)
From: [identity profile] jimbojones.livejournal.com
Y'know, there's an "acceptable percentage" of rodent feces in restaurant food, too, but that doesn't mean tossing a rat's salad is a good idea.

Date: 2008-10-01 04:09 pm (UTC)
From: [identity profile] jimbojones.livejournal.com
Some of 'em do!

Actually I saw some pretty interesting articles a while back about some malware that did precisely that - people were running various browsers under Wine and getting Windows malware that RAN under Wine. Interesting, in a thoroughly repulsive way.

Date: 2008-10-01 04:20 pm (UTC)
From: [identity profile] major-error.livejournal.com
http://www.steffengerlach.de/freeware/
Scanner is your friend.

You're welcome :P

Date: 2008-10-01 04:24 pm (UTC)
From: [identity profile] the-s-guy.livejournal.com
I usually write a little script which pulls the disk usage of each subdir in the starting directory, sorts by size, prints the first one (size and name), and then takes the name of that particular subdir and recurses until it hits a directory with no subdirs.

(No, it's not particularly efficient. It'd be moreso if it pulled all the subtree data at once and then worked on the resulting file, but hey.)

I assume you're using something like "du -k | sort -n" at the moment? There's a du for Windows at sysinternals.com if it's just for the one machine. Or you could write something complicated in batch, or less so under WSH, or any one of a number of options. There's a bunch of third-party utilities which will do it, and I hear that Vista has folder size sort as an advanced option (but haven't confirmed it personally).

Date: 2008-10-01 04:48 pm (UTC)
torkell: (Default)
From: [personal profile] torkell
Ooh, pretty! Kinda like the ASCII test pages for printers, back when test pages were actually useful.

Date: 2008-10-01 08:59 pm (UTC)
From: [identity profile] mattcaron.livejournal.com
Also known as Sushi and Sake time.

Date: 2008-10-01 09:36 pm (UTC)
From: [identity profile] simoncion.livejournal.com
For Linux, you want baobab. (Gnome's disk usage tool)
For Windows, you want SequoiaView.

Date: 2008-10-01 11:59 pm (UTC)
From: [identity profile] kostika.livejournal.com
Except they don't need to click the accept button. You can jsut send the person to a webpage and it'll do it automatically without them knowing.

Seriously, IRC is no worse than spam with attachments or cleverly scripted webpages. Me things you must have gotten stung on IRC at some point.

Date: 2008-10-02 12:15 am (UTC)
From: [identity profile] jimbojones.livejournal.com
I've never had any form of malware on any computer of my own, period.

Date: 2008-10-02 12:16 am (UTC)
From: [identity profile] kostika.livejournal.com
Never said you did.

FOSS solution for you

Date: 2008-10-02 01:11 am (UTC)
From: [identity profile] coyoteden.livejournal.com
WinDirStat (http://www.windirstat.info)

Funny you mention that....

Date: 2008-10-02 01:15 am (UTC)
From: [identity profile] coyoteden.livejournal.com
Avast once broke cmd so badly I couldn't get a prompt, let alone a messed up PATH.

Date: 2008-10-02 01:59 pm (UTC)
From: [identity profile] zendequervain.livejournal.com
It does look pretty. :D

I've, errr, been using PC Tools antivirus stuffs on my home computer. Got annoyed with AVG and Avast. Haven't had any problems with it so far.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Profile

techrecovery: (Default)
Elitist Computer Nerd Posse
Tech Comedy (Reddit)

April 2017

S M T W T F S
      1
2345678
91011121314 15
16171819202122
23242526272829
30      

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 20th, 2026 11:25 pm
Powered by Dreamwidth Studios