AVG 8.0

[l0k0]

Looks like AVG just released a new version of their anti virus protection software. No free version is available for AVG 8.0 at the moment. It also seems the pay versions will offer AVG's own firewall, and other new security measures besides just anti virus protection.

Here are comparison charts for home products and business products. They all have 30 day trials so you can test them out.

[Koroush Ghazi]

The new AVG8.0 Antivirus Free Edition is now out.

I've installed it on both XP and Vista, and it seems to work fine, however unfortunately as is the trend with security products (especially free security products), the latest version seems to contain more intrusive and annoying things than before.

The interface itself is OK:



However there are a range of things you should pay attention to while installing and configuring AVG8.0. First make sure to uninstall AVG 7.5 Free if you have it on your system. Then:


These instructions were updated as of 30 June 2008, but the latest version of this advice can be found in the PC Security chapter of the TweakGuides Tweaking Companion


1. After downloading the AVG setup file, right-click on it and select 'Create shortcut'. Now right-click on this newly created shortcut and select Properties, then in the Target box, one blank space after the last character, enter the following text exactly as shown:

/NOAVGTOOLBAR /REMOVE_FEATURE fea_AVG_SafeSurf /REMOVE_FEATURE fea_AVG_SafeSearch

Run this new shortcut and it will start the AVG setup file with the parameters specified above. This will prevent AVG from installing the Linkscanner feature, AVG Security Toolbar and related web-browsing protection, all of which can result in increased CPU usage and slower web browsing. These features cannot be properly disabled from within AVG, so they need to be removed using this method. If you've already installed AVG then you can still follow this step and it should remove these components from your system. More details about this method can be found in this AVG FAQ.

2. During the installation of AVG, make sure to select the Custom option, and I recommend unticking the 'Email Scanner' and 'Plugin for Microsoft Office' components, as I feel they are unnecessary. Note: More recent versions of AVG also may have a Linkscanner option, untick this as well (if Step 1 doesn't already remove it).

3. Once AVG has installed, start it and go to the Tools menu, then select 'Advanced Settings'. I recommend the following settings:

- Under the Appearance menu untick the 'Display system tray notifications' box to remove the unnecessary AVG icon in the System Tray/Notification Area.
- Under the Linkscanner menu untick all available boxes.
- Under the Scans menu you should tick all boxes except 'Automatically heal/remove infections' in each case - this ensures that should AVG detect a false positive, it won't automatically delete it from your system.
- Under the Schedules menu untick every available option - instead I recommend updating prior to doing a manual scan at a time of your choosing.
- Under the Resident Shield menu untick the 'Enable Resident Shield' box to disable this background functionality, as it can and will interfere with other programs and may reduce overall performance and stability.

4. While the changes above will reign in most of AVG's intrusive and problematic behavior, in addition to these changes, it is also recommended that you take some additional steps to disable unnecessary/intrusive components. To start with, AVG installs an active Windows Service called 'AVG8 Watchdog'. While this service needs to be left at Automatic for AVG 8 to work, it actually runs two separate files in the background: avgwdsvc.exe (for the Watchdog Service) and avgrsx.exe (for the Resident Shield service). If you've disabled the Resident Shield feature of AVG, then it is also recommended that you to go to your \Program Files\AVG\AVG8 directory and rename the avgrsx.exe file to something else; this will prevent it from starting up in the background without affecting AVG scanning capabilities.

5. Now run Autoruns (see the Startup Programs chapter) and under the Everything tab, untick the following AVG startup components which are unnecessary if AVG is configured as above:

- AVG8_Tray - this item just relates to a tray icon which has no real benefit.
- Linkscanner - this item shouldn't be shown if AVG is installed as above, but if it exists, untick it.
- AVG Safe Search - this item shouldn't be shown if AVG is installed as above, but if it exists, untick it.
- AVGMfx86.sys - this item is related to the Resident Shield functionality.
- Avgrsstx.dll - this item is related to the Resident Shield functionality.
- All incidences of AVG8 Shell Extension - this removes the 'Scan with AVG Free' context menu entries.

Once all the steps above are completed, reboot your system and start AVG. You will see one or more red warning prompts from AVG - you can safely ignore these. Click the 'Update Now' tab to run the web updater to ensure that AVG is up to date. If there are any problems, recheck the procedures above, and if nothing else works, uninstall AVG and reinstall it, then only follow steps 1-3 above this time. To start a manual scan of your system with AVG click the 'Computer Scanner' tab and then select 'Scan whole computer' to scan everything, or 'Scan specific files and folders' and then specify the particular folder(s) you wish to scan. I strongly recommend running the AVG Updater by clicking the 'Update Now' tab before doing any scan, to make sure the virus definitions are always up to date. Manually scanning your entire system once a week, and always scanning potentially harmful files which you have downloaded before you open or launch them is strongly recommended and more than adequate when combined with some common sense if you want to ensure your system remains clear of major malware.

Note that AVG 8 has a known incompatibility with the 'immunize' function of certain other malware products like Spybot, and this will result in excessive false malware detection in such cases. Note: This may have been fixed in more recent versions.


I don't know how much more effective AVG8.0 Free will be - reports are that it's quite good (based on the paid version) - but I hope an update to the program allows users to disable the resident shield service within the program's normal settings because it serves absolutely no purpose when resident shield is disabled. I don't like being forced to have any form of background scanning active.

[midfingr]

Thanks for the review, Koroush. I was looking forward to AVG 8 free, however, after reading through latest features, I have to say, I'm disappointed. A year and a half into Vista, I don't feel the need to have a 24/7 resident scanner running, but if this the case, I might as well renew my NOD32 subscription, which for me is less intrusive on my system.

Alternatively, looking for free AV scanners, with the ability to turn off resident programs would help as well. I'll keep a look out.

[Koroush Ghazi]

Doing all the things I've listed above reduces AVG 8.0 Free to using less than 9MB of RAM overall on XP, and 6MB on Vista (only the 'watchdog service' remains active), and doesn't run anything in the background - i.e. it appears from all my testing that it is not doing any background scanning whatsoever. My system startup times and application launch times for example are the same as before.

To test AVG's background usage after I'd made my adjustments, I opened Task Manager in the foreground and while viewing the resource usage for the Watchdog Service (both CPU and RAM), I first copied several large files from my other hard drive to my current drive; I then opened Firefox and browsed around; and then I also ran a few small programs (e.g. CCleaner and some other small apps). At no point did the watchdog service show any CPU usage, nor did the memory usage for it change one bit. So effectively it's not doing any background scanning. It just takes a bit of fiddling to get to that point.

Apparently GriSoft has redesigned AVG 8.0's engine, and both made it more effective on mult-core CPUs, and improved its detection rate, so I'm game to give AVG a chance given it's the most popular free antivirus around. In terms of how it rates, I've just spent the last hour reading reviews, and to be quite honest, for every review than pans it, I find another that ranks it among the top 5.

However rather than taking this thread off track with discussions of other AV programs and comparisons, I'll post my thoughts in our general AV comparison/discussion thread.

In short, I'm going to see how things go with this new version of AVG Free. Security products all over the place are becoming more intrusive because to provide maximum security for the average user, unfortunately they seem to feel that they need to be resident and scan all sorts of things. An Anti-virus should only serve as one layer of defence on a PC. I'm actually more worried about trojans and spyware than viruses, as those have the greater potential for stealing personal information. So for example if I download a suspicious file, I scan it with at least both an AV scanner (AVG) and a trojan scanner (A-Squared), and do a general spyware scan as well (Adaware). More important than any scanner though is use of the human brain and a bit of knowledge, which sadly is lacking.

[Koroush Ghazi]

A reader name mike also let me know about a major incompatibility between AVG 8.0 and the "immunize" function of scanners like Spybot. It's detailed in the AVG Faq here (item #1319). The end result is if you immunize your files it will be detected as multiple malware infection by AVG.

I've run a full scan on my system a couple of times and so far AVG hasn't found any malware or false positives. It's a bit more descriptive if it finds something which may be suspicious but is not actually malware. And of course it has the option under the scanning settings not to automatically delete/heal infected files, which prevents any accidental deletions.

[l0k0]

It seems after configuring AVG 8 Free as detailed in the TGTC, there was something I completely missed until now. AVG 8 Free installs a Firefox extension called "AVG Safe Search" even when the background scanning is disabled.



This should not be confused with "AVG Security Toolbar". It appears "AVG Safe Search" installs itself regardless in Firefox 2.0 (not compatible w/ FF3 yet) and Internet Explorer.

According to the AVG Free FAQ:

"AVG 8.0 Free Edition contains a plugin for scanning of search results in Google, Yahoo and MSN search engines. This plugin (AVG SafeSearch) is designed for MS Internet Explorer and Mozilla Firefox Internet browsers."

The annoying part is that you can't uninstall it, only disable it. I haven't even noticed the extension was active before, so I'm guessing it is dependant on LinkScanner or Resident Shield to function properly. Either way, I'm guessing you want to disable it.

Again from the AVG Free FAQ, it offers instructions to disable this addon.

1. Internet Explorer:

* Run Internet Explorer.
* Choose the Internet Options from the Tools menu.
* Switch on the Programs tab.
* Click on the Manage add-ons button.
* Select the AVG Safe Search add-on.
* Tick in the Disable option at the bottom of this window.
* Confirm changes by clicking on the OK button.
* Close Internet Explorer and run it again.

2. Mozilla Firefox:

* Run Mozilla Firefox.
* Choose the Add-ons option from the Tools menu.
* Select the AVG Safe Search add-on and click on the Disable button.
* Close Mozilla Firefox and run it again.

[spectre]

Quote:

Originally Posted by l0k0

The annoying part is that you can't uninstall it, only disable it. I haven't even noticed the extension was active before, so I'm guessing it is dependant on LinkScanner or Resident Shield to function properly. Either way, I'm guessing you want to disable it.

This is actually part of LinkScanner. From the page you linked:

Quote:

LinkScanner is a new security component included in the AVG 8.0 Free Edition, which provides the Search-Shield functionality. Its purpose is to scan all results of the supported Internet search engines (Yahoo!, Google, MSN), and provides you with an evaluation of a safety level of each found website. At the same time, the LinkScanner also checks all Internet addresses typed into the address bar of your browser, or linked on other websites.

There are four different levels of information you can get for each website, from Safe to Dangerous, allowing you to completely avoid dangerous or malicious websites.

Two settings are available in the AVG 8.0 Free Edition for the LinkScanner component:

* Enable AVG Search-Shield
Controls the checking of visited links.
* Enable reporting of exploited websites to AVG
This service sends a report about found insecure web page to our lab for analysis.

You can only uninstall this if you uninstall all of LinkScanner. Instructions for that task are provided at the link you provided.

Additional Comment:

Quote:

Originally Posted by Koroush Ghazi

I've run a full scan on my system a couple of times and so far AVG hasn't found any malware or false positives. It's a bit more descriptive if it finds something which may be suspicious but is not actually malware. And of course it has the option under the scanning settings not to automatically delete/heal infected files, which prevents any accidental deletions.

I installed 8.0 yesterday and it found about 30 pieces of 'Adware' but these were listed as warnings rather than infections. I tried to fix them but it seem to be taking a very long time so I tried to abort the process and it finished with me being unclear about whether they had been removed.

I had forgotten about this supposed incompatibility but my experience certainly seems compatible with it existing, especially the fact that the fix process was having trouble (which could be the two programs 'fighting' over the relevant files).

I will investigate more later today.

EDIT - Ignore these comments about the process taking a long time. The issue was caused by the AVG interface.

Additional Comment:
I checked Spybot and most, though not all, of the immunisations had been completed. I applied those that hadn't and re-ran AVG. Once again, AVG gave me 30 Adware warnings. All of this "Adware" were activeX registry keys. The 30 found consist of the following.

• 4 'TitanShieldAntispyware'
• 24 'Generic'
• 1 'Isearch'
• 1 'NewDotNet'

I'll keep exploring this...

Additional Comment:
I can definitely confirm that deleting the 30 items that AVG finds as adware removes 30 of Spybot's immunisations. These 30 items are immunisations against IE plug-ins (although AVG seems to have no problems with the other 865 such plugins). I should also note that, in Vista, you need to run Spybot as an Administrator in order to restore these immunisations.

[Koroush Ghazi]

Loko - as covered in the instructions I provided further above, you can also just disable AVG Safe Search by unticking it in Autoruns. That way it never loads up in either IE or Firefox.

Spectre - yes, it's a known incompatibility. It's unfortunate that in AVG you can't seem to easily add any exceptions to a white list, so that AVG can ignore them in the future.

[aggies11]

re: framaris

I too felt the same way, but a little bit of digging came up with some install switches to remove these new features cleanly, without setting off any error states.

Code:

avgsetup.exe /NOAVGTOOLBAR /REMOVE_FEATURE fea_AVG_SafeSurf /REMOVE_FEATURE fea_AVG_SafeSearch /REMOVE_FEATURE fea_AVG_HttpScanner /REMOVE_FEATURE fea_AVG_Firewall

Where "avgsetup.exe" is the name of the downloaded installer (Personally I just rename it to avgsetup.exe and use a batch file for the switches). Seems to work like previous after installing with these.

Aggies

[framaris]

Thanks you Aggies, nice tip!