Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Avira Premium Anti-Virus Bug Disables Windows Machines

timothy posted more than 2 years ago | from the malware-writers-have-won dept.

Bug 151

New submitter Adesso writes "Anti-virus vendor Avira is having difficulty with an update of all their Premium customers. An update that has been downloaded over 70 million times is causing the 32-bit version of Windows to block almost all critical applications. Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

cancel ×

151 comments

Sorry! There are no comments related to the filter you selected.

For crying out loud (-1, Offtopic)

NoSleepDemon (1521253) | more than 2 years ago | (#40005317)

Come on editors, would it kill you to actually READ the submissions before publishing them? Come back Taco :(

Re:For crying out loud (-1, Offtopic)

Anonymous Coward | more than 2 years ago | (#40005373)

"seemS [anti-virus vendor] avira is having difficulty with a update of all their premium customers. aN update that has been downloaded over 70 million times is causing the 32-bit version of windows to block almost all critical applicationS. avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

missing letters in capitals.

Re:For crying out loud (-1)

Anonymous Coward | more than 2 years ago | (#40005423)

"seemS [anti-virus vendor] avira is having difficulty with aN update of all their premium customers. aN update that has been downloaded over 70 million times is causing the 32-bit version of windows to block almost all critical applicationS. avira has responded promptly with an interim solution for this problem. In most cases this causes windows to not boot properly."

missing letters in capitals.

FTFY

Re:For crying out loud (-1)

Anonymous Coward | more than 2 years ago | (#40005837)

in most cases...

Re:For crying out loud (0, Offtopic)

L4t3r4lu5 (1216702) | more than 2 years ago | (#40005445)

You call them "Editors". Why? They don't edit anything. All they do is wade through the "Free p1llz 2 make sausage fatter!" "Designer shoes for the women of your website" and "I hate all $demographic" posts, modding them down, and picking through the rest to get something worth reading on the fron... Wait, what's that? That's what the Firehose is for?

Then just what the fuck do these people do? They're not paid, are they?!

This is an English language website. Please hire some editors who can correct the grammar of non-English speakers (as is most likely the case here) before posts are on the front page. Here, let me give you an example:

" It [s]eems that [anti-virus vendor] Avira is having difficulty with an update of all their Premium customers' products. An update that has been downloaded over 70 million times is causing the 32-bit version of their AV software to block almost all critical Windows applications. Avira has responded promptly with an interim solution for this problem [avira.com] . In most cases this causes Windows to not boot properly."

I even added a link for you. I wasn't even paid to do this, and it took me 5 minutes.

Re:For crying out loud (0, Offtopic)

L4t3r4lu5 (1216702) | more than 2 years ago | (#40005497)

I forgot; The subject, unless defined, is assumed from the previous sentence. Really the last sentence should be changed so it doesn't parse as "In most cases (the interim solution) causes Windows to not boot properly." Still, most folk here know that's now what was intended.

Re:For crying out loud (-1, Offtopic)

vlm (69642) | more than 2 years ago | (#40005503)

responded promptly with an interim solution for this problem [avira.com]

Minor technical error remains. You meant to write

Re:For crying out loud (0, Offtopic)

Anonymous Coward | more than 2 years ago | (#40005665)

Yeah, thanks, buddy, the knee-jerk snarkiness and subject change really isn't helping.

Re:For crying out loud (0, Offtopic)

mcgrew (92797) | more than 2 years ago | (#40007273)

50% troll, 50% insightful. I thought it was funny. It seems slashdot has been taken over by the Microsoft shills, anything remotely critical of Microsoft is modded "troll" (I had several of these abysmal mods yesterday in the thread about 30 new features in W8). Give it a rest, Ballmer.

Maybe you'll get four "underrated" mods and wind up with the coveted "+5 troll." I wish they'd bring back the old metamod system, this shit used to be rare. Now they'll mod you troll of flamebait for bashing Sony of all paople.

Damn but I hate astroturfing shills.

Re:For crying out loud (-1)

Anonymous Coward | more than 2 years ago | (#40007503)

It was never funny, you astroturfing shill.

Re:For crying out loud (-1, Offtopic)

djsmiley (752149) | more than 2 years ago | (#40005525)

With all the rage, its almost like your paying to view this....

Wait, PEOPLE DO?! XD

Re:For crying out loud (-1, Offtopic)

mcgrew (92797) | more than 2 years ago | (#40007485)

With all the rage, its almost like your paying to view this

Timothy? Is that you?

Re:For crying out loud (-1, Offtopic)

camperdave (969942) | more than 2 years ago | (#40005963)

" It [s]eems that [anti-virus vendor] Avira is having difficulty with an update of all their Premium customers' products. An update that has been downloaded over 70 million times is causing the 32-bit version of their AV software to block almost all critical Windows applications. Avira has responded promptly with an interim solution for this problem [avira.com] . In most cases this causes Windows to not boot properly."

Just curious - wouldn't it read better like this:

"It seems that [anti-virus vendor] Avira is having difficulty with an update of all their Premium customers' products. The update, which has been downloaded over 70 million times, is causing the 32-bit version of their AV software to block almost all critical Windows applications. Avira has responded promptly with an interim solution for this problem [avira.com] . In most cases the malfunctioning update causes Windows to not boot properly."

Re:For crying out loud (-1, Offtopic)

denmarkw00t (892627) | more than 2 years ago | (#40006291)

You beat me to it! I had it ready to copy-edit - maybe /. should hire us to be editors? Of course, now I can do my own rewrite instead of the grammatically correct one you posted above:

Avira totally pisses off customers.

I think that sums it up

New Mod Needed (-1, Offtopic)

SuperKendall (25149) | more than 2 years ago | (#40007003)

What would be great is if Slashdot introduced a new moderation which was "better summary", 20 up votes and the summary in the post would replace the main one...

Re:For crying out loud (-1)

Anonymous Coward | more than 2 years ago | (#40006667)

Grammar Nazis... Shouldn't the last line have a comma?

"In most cases, this causes Windows to not boot properly."

(Just asking!)

Re:For crying out loud (-1, Offtopic)

Anonymous Coward | more than 2 years ago | (#40005479)

Trolling is a art.

Re:For crying out loud (-1, Offtopic)

helix2301 (1105613) | more than 2 years ago | (#40005791)

I agree bring back taco he fact checked everything and since when does Slashdot post forum threads. Sorry to say but I think the sight is on a slow slippery slope. After a quick product update all was fixed. Why was this even posted?

Why, oh why... (5, Funny)

NecroPuppy (222648) | more than 2 years ago | (#40005319)

Couldn't we be using Avira at work?

Then I could go home and play Diablo.

Re:Why, oh why... (0)

metalgamer84 (1916754) | more than 2 years ago | (#40006013)

Not really. My coworker took this week off for D3. After it went live this morning he still cant get in as the game wont actually launch. Apparently others are having the same issue as well. Ahh Blizzard, I don't miss you in the slightest.

Re:Why, oh why... (0)

Entropius (188861) | more than 2 years ago | (#40006055)

but ... but ... but pirates!

Seriously, wtf. D2 sold gajillions of copies and had working single player and LAN. You could be sitting out in the middle of the desert with a solar panel and a netbook and play with your friends.

Re:Why, oh why... (1, Interesting)

metalgamer84 (1916754) | more than 2 years ago | (#40006249)

Yep, exactly why I refuse to purchase D3. If they release a patch down the line that doesn't require me to be online with their servers just to play single player, then I will buy it.

Re:Why, oh why... (1)

Cito (1725214) | more than 2 years ago | (#40006659)

There is already a pirated version that doesn't require you to be online :)

I downloaded it off demonoid, and picked up the skidrow patch and can enjoy it offline.. never liked playing diablo online as it was just chain lightning spam and KEKEKEKE's all over the screen anyhow

so demonoid single player is perfect

Re:Why, oh why... (1)

Entropius (188861) | more than 2 years ago | (#40006941)

Hm, I can't seem to get to skidrow's website. Are they slashdotted?

This crack allows actual singleplayer, right? This is relevant to my interests since my ISP is so lossy (~20% packet loss) that I can only play SP.

Re:Why, oh why... (0)

Anonymous Coward | more than 2 years ago | (#40006677)

It is fine, the login servers and the character create servers were really loaded down... but they are working I'm level 19 after playing until I had to head to work, no biggie just lost sleep for 1 day, lol

Re:Why, oh why... (1)

danomac (1032160) | more than 2 years ago | (#40006845)

I took the day off to play it too, I'm just getting ready to install it. I sure hope I don't have problems...

Fail (0)

Anonymous Coward | more than 2 years ago | (#40005331)

See subject.

Artificial intelligence (5, Funny)

Stellian (673475) | more than 2 years ago | (#40005687)

It's a classic case of artificial intelligence vs. human stupidity. The artificial intelligence algorithm employed by Avira for keeping computers secure has determined that the only way to achieve real security for most users it's to turn the PC into a brick. Some people are simply too stupid to wander online unsupervised, so it's for their own protection. If you can restore your computer to normal operation, you have just passed the test and you are worthy of computer access.

Re:Artificial intelligence (1)

danomac (1032160) | more than 2 years ago | (#40006881)

I thought that should be funny more than insightful, but oh well...

It sounds like the free version is unaffected. I find that kind of interesting, you wind up paying for more features that invariably breaks your machine..

I guess I'll find out if the free version is affected, as I've installed Avira Free on a few people's personal computers. They'll probably think they've gotten a virus and bring it back to me for repair.

Re:Artificial intelligence (1)

fast turtle (1118037) | more than 2 years ago | (#40007007)

No. It's not an AI test. Instead it's aliens trying to determine if there's inteligent life here.

Re:Artificial intelligence (1)

Lisias (447563) | more than 2 years ago | (#40007259)

No. It's not an AI test. Instead it's aliens trying to determine if there's inteligent life here.

Stubborn aliens these of you! :-)

It's AN update, not A update. (-1)

Anonymous Coward | more than 2 years ago | (#40005349)

Also: The first word should be "Seems," with an S on the end. Same with "application" at the end of the second sentence; it should end with an S, as well.

Slashdot Editors: Not editing anything since 1997.

Captcha: INFERIOR. Coincidence? I think not.

Update immediately; update immediately. (2)

cpu6502 (1960974) | more than 2 years ago | (#40005357)

Still think this is good advice? Worse is when the vendor forces the update silently w/o informing the user. Then suddenly your PC is broke or browser and you don't know why.

Re:Update immediately; update immediately. (1)

The MAZZTer (911996) | more than 2 years ago | (#40005609)

Some people can't be bothered to install updates themselves and even if they could they don't know how to analyze and see if they need the update or not.

For them automatic updates make the most sense. Of course if the company pushing out the updates isn't competent you probably shouldn't be using their products at all in the first place, manual or automatic updates.

Re:Update immediately; update immediately. (1)

cpu6502 (1960974) | more than 2 years ago | (#40006279)

That means I would stop using Microsoft and Apple (both have pushed updates that broke the computer). Then what would I do?

Re:Update immediately; update immediately. (1)

war4peace (1628283) | more than 2 years ago | (#40007127)

Ubuntu is the answer, especially if you're a desktop user and don't play games.

Re:Update immediately; update immediately. (2)

arth1 (260657) | more than 2 years ago | (#40005631)

Then suddenly your PC is broke or browser and you don't know why.

My PC is always broke; I won't let it have a wallet.
But it has never become browser.

Re:Update immediately; update immediately. (0)

Anonymous Coward | more than 2 years ago | (#40005843)

But it has never become browser.

Mine has once. I lost it during three days and it came back with a pink dressed princess and started messing up with all the pipes in the house. Really annoying...

Re:Update immediately; update immediately. (0)

Anonymous Coward | more than 2 years ago | (#40005965)

I second this. Microsoft forced IE9 down our throats with the windows update and it breaks several corporate websites... something to do with CSS. What's interesting is that has the exact same setup (Windows 7 SP1, IE9) on other computers do not have the same issue.

Re:Update immediately; update immediately. (0)

Anonymous Coward | more than 2 years ago | (#40007565)

Why are your "corporate" desktops using Microsoft's update servers? Not real big on testing at your shop?

Re:Update immediately; update immediately. (1)

TheLink (130905) | more than 2 years ago | (#40007279)

I don't install antivirus software on my home Windows PC. And I know what I'm doing. At least more than the various antivirus vendors who have done similar screw ups every few years or so! If I need to check some stuff I check it with virustotal.

I do install antivirus software on other people's computers. But you don't update stuff ASAP. Yes viruses are a risk, but so are mistakes by software vendors. And AV software makes your computer system slower- you pay for that all the time.

FWIW I'm one of those that thinks AV software should not be installed on production servers (unless they happen to be servers that are supposed to scan for viruses - gateway scanner etc).

Wow... McAfee 2.0... (4, Insightful)

killfixx (148785) | more than 2 years ago | (#40005365)

I guess that's one more to add to my list of AV products I recommend against.

But hey, they'll give you a month free subscription for your troubles*.

*Hyperbole, they'll most likely give users nothing.

Cheers!

Re:Wow... McAfee 2.0... (1)

Intrepid imaginaut (1970940) | more than 2 years ago | (#40006325)

The big surprise for me is they have 70 million paying customers. I'm in the wrong business!

Re:Wow... McAfee 2.0... (1)

danomac (1032160) | more than 2 years ago | (#40006937)

I think if you blacklist every AV vendor for random f-ups you wouldn't have any left to buy from. I've had issues in the past with: Trend Micro, McAfee, Symantec, AVG (most recent - they decided to bundle 32-bit binaries for 64-bit machines and this causes all 64-bit machines to bluescreen), ESET (issues with our accounting systems) and probably others I've forgotten about. This is mixed personal and work experiences.

So far I've had OK luck with MSE at home, but I'm sure at some point Microsoft will screw that up too, like they've done with other apps...

Re:Wow... McAfee 2.0... (0)

Anonymous Coward | more than 2 years ago | (#40007057)

Only 'screw-up' from MS Security Essentials I know of was reporting one of Google.com's scripts as a malicious file. Apparently, they fixed it within a day, but still happened. There was likely a Slashdot story on it, but finding it is left as an exercise for the reader.

Despite that, MSE has been leaps and bounds above the others.

Re:Wow... McAfee 2.0... (1)

danomac (1032160) | more than 2 years ago | (#40007203)

Well, I guess that's the only way they can get people to use Bing... ;)

Found the link to the slashdot article [slashdot.org] .

looks like timmy needs (-1)

Anonymous Coward | more than 2 years ago | (#40005383)

a effing copyeditor to fix the grammar errors in summaries

McAfee (2, Insightful)

SJHillman (1966756) | more than 2 years ago | (#40005419)

It seems Avira is taking a page out of McAfee's playbook.

AVG had a problem like this years ago (5, Informative)

b0bby (201198) | more than 2 years ago | (#40005441)

When AVG caused a boot failure several years ago I switched started switching everyone who asked to Microsoft Security Essentials; still seems to be the best free one. At work I'm happy with NOD32; I suppose that they could have a similar problem, but they've been really good so far.

Re:AVG had a problem like this years ago (1)

MurukeshM (1901690) | more than 2 years ago | (#40005967)

Several years ago? MSE is that old?

Re:AVG had a problem like this years ago (2)

b0bby (201198) | more than 2 years ago | (#40006039)

MSE came out in fall 2009, so not quite 3 years ago; IIRC the AVG issue was probably earlier that year and made me start looking around for the best replacement & MSE came out to generally good reviews. I find that MSE with an occasional Malwarebytes scan will keep most people's home machines pretty clear, even people with teenagers...

Re:AVG had a problem like this years ago (2)

danomac (1032160) | more than 2 years ago | (#40006959)

Pretty sure that AVG issue is the one I mentioned in another post, where they mixed 32-bit binaries in the package for 64-bit installation. Pretty sure that happened in 2010, as we switched at work to ESET in early 2011 because the lack of AVG's QA.

Re:AVG had a problem like this years ago (1)

asdf7890 (1518587) | more than 2 years ago | (#40006831)

I'm currently running Avast as various testers found it to have the best detection rates of the common choices at the time (though it didn't have such a good repair rate IIRC). I've been telling people to use MSSE on low spec machines (like netbooks or just really old boxes) as it seems to test fairly well and last time I tried it (on a laptop that somehow got declared "Vista ready" despite only having 512Mb RAM) I found it to be noticeably less demanding on RAM and to have less detrimental effect on performance.

As MSSE is apparently going to be bundled with Windows 8, I wonder how the other vendors will react.

Really? (0)

Anonymous Coward | more than 2 years ago | (#40005443)

Is this really the case?

"Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

Or is it just another error to add to the spelling-/grammar ones?

people still use antivirus software? (1)

Anonymous Coward | more than 2 years ago | (#40005459)

Anti-virus programs cannot stop you from getting viruses. They can only react after the fact. Their updates are by necessity reactive: a virus appears, and it takes time to update definition files to detect it.

And even once that happens, once ring0 is compromised on a box, it is not possible to trust that box again without a full OS reinstall. Anti-virus programs can attempt to clean things up, OK for casual web browsing, but not for anything you must trust. The only safe recovery is a reinstall.

The only way to practice safe computing is to *not run malicious software* in the first place. This is fortunately not difficult to do. It does require not volunteering to run any random script that any random web page asks you to run - that's just being an idiot, and you deserve what you get. The only safe model is whitelists for both native software and web scripting / javascript type things. Sure, run your bank's javascript, but don't run ANY javascript from ANY page. Any use model where you run arbitrary things without thinking is doomed to failure, whether they're native applications or "sandboxed" scripts, because the sandboxes are never perfect.

The human brain is the only perfect anti-virus utility in existence.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40005523)

Your approach requires that people use their brains. Most people are incapable of doing that, so it cannot work. Anti-virus programs are needed by the vast legions of people to whom computers are "magic".

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40005587)

Actually, if your anti-virus program stops your operating system from functioning, it CAN stop you from getting viruses.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40005641)

Which is all well and good, until you take a brand new flash drive out of its sealed container and get infected with malware that was slipped in at the factory. And that's, of course, ignoring Trojans, attachments, and all of the various other infection vectors that you're completely ignoring.

Anyone who deals with computer/network security knows that there is nobody, regardless of experience or technical aptitude, who is "too good" to get malware.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40005875)

new flash drive out of its sealed container and get infected with malware that was slipped in at the factory. And that's, of course, ignoring Trojans, attachments, and all of the various other infection vectors that you're completely ignoring.

What?

If you auto-run things from random media put in your computer, that's exactly what the GP was talking about. Don't do that, it's idiotic.

Same for running random attachments.

What you say makes no sense. Those are all things you shouldn't be doing, and if you DO them, you're just begging to get pwned. That's the GP's point. Use your brain.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40006399)

Autorun's not the only way to deliver malware with a flash drive, and not every infected email attachment is a "random attachment" from an unknown or unrecognized sender. And those are only two of the more obvious examples from the dozens upon dozens of vectors an everyday user is exposed to. You've got the same kind of inexperienced mentality as the people who assume you have to get viruses from porn sites and software piracy. There are plenty of infection vectors that don't rely on outright stupidity, and no one can avoid them simply by being "too smart" for them. Nobody is disagreeing that people, in general, need to exercise a lot more common sense when it comes to what they're doing, but no experienced security professional in their right mind would ever say that you don't need malware protection if you're "smart enough".

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40006801)

OK, well, it's exactly this simple.

I don't get viruses. I've been using computers since the 8 bit days, and I don't get them. Ever. Yes, I have verified this.

Yet, the people who keep saying how hard it is to avoid malware, seem to keep getting them.

The simple reality is that I seem to know something about it that they don't. You can listen to someone who *objectively* does better on this front, and try to learn, or you can keep believing that computers are some magical devices that are incomprehensible, behave in random ways, and that no one is capable of understanding how to avoid getting malware.

Somehow, the people who seem to have all the virus problems never seem to want to listen, though. All they want to do is proclaim how it's impossible to do what I seem perfectly able to do and have been doing for decades.

Re:people still use antivirus software? (1)

dontclapthrowmoney (1534613) | more than 2 years ago | (#40005749)

I went to a Sophos event once (mostly because it was catered...), the only content I remember was one speaker who spent 10 minutes of his presentation time showing various screenshots of web sites and asking the audience whether they were phishing scams, or the real thing. Towards the end it was very difficult, and this was an audience of technical IT people.

I also don't trust an OS once it has been compromised, and I agree that actually thinking/paying attention is vital to complete security. For me it is a question of risk mitigation. I've had an AV signature update cause problems, more than once. I'm also aware that I'm basically a couple of unthinking mouse clicks away from running something malicious.

AV isn't that expensive to protect against brain fade.

Re:people still use antivirus software? (1)

TheLink (130905) | more than 2 years ago | (#40007389)

10 minutes of wasted time. People who know what they are doing don't decide whether sites are phishing scams or not by using screenshots, or by how they look.

If a phisher does things "properly" the phish site should look EXACTLY like the real thing, and it should even have the same stupid check pictures/words that some sites like to have.

You'd do stuff like check the certificates, including who they are signed by, and contacting the bank if you think their site has been pwned. Get some sort of document trail - so if they say it's OK and it's not you have more ammo against them. Yes I have chosen to not sign on to a bank when I thought their certificates were suspicious (the cert changed, the CA changed and the cert type changed to a multiple country one) - the bank got back to me later and said it was OK.

Re:people still use antivirus software? (4, Insightful)

Opportunist (166417) | more than 2 years ago | (#40005753)

Erh... no.

Anti-virus programs cannot stop you from getting viruses. They can only react after the fact. Their updates are by necessity reactive: a virus appears, and it takes time to update definition files to detect it.

First of all, there is very, very little "new" malware. Ok, there's lots, but very, very little thereof actually becomes a problem. There are only so many that actually become a worldwide problem. What happens is that big malware packages that actually constitute a problem come in thousands, if not millions, of variants. Often just differing in some minor points, like their C&C server, their encryption, their packaging... think of a biological virus that mutates just a little while having essentially the same payload. Modern AV toolkits come with very sophisticated heuristic algorithms that can to some extent find simple mutations easily, as you can easily see if you watch the various AV kit tests closely. To test it, they take a signature file from a few months ago and test how many of the more recent attacks they can identify. It's not perfect, but some come close to 95%. No, that is not perfect. But we're far from "can only identify after the fact".

And even once that happens, once ring0 is compromised on a box, it is not possible to trust that box again without a full OS reinstall. Anti-virus programs can attempt to clean things up, OK for casual web browsing, but not for anything you must trust. The only safe recovery is a reinstall.

There is always the option to boot your machine with a known-clean OS and run a scan, which is bundled with pretty much all AV toolkits worth their salt today. Usually the CD you get with your AV toolkit is a Linux boot disc with a fitting scanner, most of the time working in a way that you slip in the DVD, boot the machine, get updates for the signature and have it scan your machine. If you don't feel like buying a AV toolkit, some of those scanners are also available online or as part of computer magazines.

The only way to practice safe computing is to *not run malicious software* in the first place. This is fortunately not difficult to do.

This is unfortunately NOT possible to do. At least if running Windows. And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target.

You do NOT know whether the browser you use or any plugin it uses has any security holes. Adobe has recently been notorious for having security holes in its PDF reader and Flash Player for browsers. Now, you can of course avoid reading PDFs and watch Flash ... well, actually, often you can NOT. Many whitepapers only come in PDF format and more and more webpages are simply inaccessible without Flash. Now, of course you can run a few different browsers, each with different sets of plugins and whatnot... which still does not constitute perfect security.

The human brain is the only perfect anti-virus utility in existence.

You expect the average computer user to use it? I do not know what rays come out of computers, but it must be some kind of stupifying rays, they can turn people holding PhDs into bumbling fools. The alien mindbenders from Zak McKracken could not have come up with a better device.

Re:people still use antivirus software? (1)

NJRoadfan (1254248) | more than 2 years ago | (#40005869)

Despite it being pretty old, Vundo is still alive and well, just in a slightly different variant every couple of months. I suspect it will become less common over time as people finally move to Windows 7 as most will be using the 64bit version, which Vundo can't really infect (it injects code into running system processes, which must be 32bit). Macs were targeted, and it seemed to be pretty effective (and profitable) host for malware.

Re:people still use antivirus software? (1)

Hatta (162192) | more than 2 years ago | (#40006315)

You do NOT know whether the browser you use or any plugin it uses has any security holes. Adobe has recently been notorious for having security holes in its PDF reader and Flash Player for browsers. Now, you can of course avoid reading PDFs and watch Flash ... well, actually, often you can NOT. Many whitepapers only come in PDF format and more and more webpages are simply inaccessible without Flash. Now, of course you can run a few different browsers, each with different sets of plugins and whatnot... which still does not constitute perfect security.

I know my browser has security holes, which is why I don't run any scripts that I don't need to. I know Adobe's software is full of holes, which is why I run Sumatra PDF when I'm on Windows. I know that these are not perfect security measures, so I run both of these apps under a limited user account.

These are pretty simple precautions, and much easier to deal with on a practical basis than antivirus.

Re:people still use antivirus software? (1)

Hatta (162192) | more than 2 years ago | (#40006385)

I should have added this to my previous post. These measures are also much more effective than antivirus. For example, my boss has had several viruses on his computer in the past year. Not one of them was detected by the university mandated antivirus, or his own antivirus. They were all detected simply by noticing the computer was behaving strangely.

On the other hand, I disabled the university antivirus, and simply use the precautions I mentioned earlier. I haven't had one noticable infection. I could have some sort of dormant or asymptomatic virus on my machine, but judging by my boss's experience antivirus software doesn't detect those anyway.

Re:people still use antivirus software? (1)

a_claudiu (814111) | more than 2 years ago | (#40006573)

And only because Windows is the prime target, dear Mac/Linux fanboys, those systems are by no means any safer. Just less interesting as a target

I heard this quote/excuse same time ago but I still do not believe it. Most of the servers are running Linux and a server it's a bigger target than a home computer. For the moment being Linux is safer. The user space is more strictly enforced than a Windows machine. Looking historically Linux came from a server platform with strictly enforced security and move to a desktop/more user friendly distribution, and Windows started as a single user OS and goes to a more multi user platform. The legacy of both systems is still making a difference now. Not that Windows didn't made big steps but the legacy is still there.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40006747)

For the moment being Linux is safer.

Mostly because nobody targets "Linux", they target shitty PHP apps that could just as easily have been running on windows and still let people in the front door.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40007563)

Huh you think linux servers aren't pwned regularly? They are! Where do you think phishers get some of their phishing servers from? Drive-by malware stuff ends up on pwned linux servers for distribution too. You can put the blame on PHP if you want, the Windows fans can put the blame on Adobe and PHP too.

Windows, Linux, whatever, no big difference. In practice both have primitive security systems. Pwn the user, get full access to the user's data, get to do everything that user can do. Which is pretty darn stupid.

Yes you can use stuff like SELinux but good luck with that- it's more painful than it should be. As for AppArmor - I've seen some default Ubuntu apparmor profiles that were rather useless if you actually cared about security.

So you have to make your own SELinux/AppArmor "profiles" if you care about security - but you then need to know what you are doing. Thing is if you know what you are doing, Windows is about as safe too! Maybe slightly less safe, but not really by much.

Re:people still use antivirus software? (0)

Anonymous Coward | more than 2 years ago | (#40007213)

This is unfortunately NOT possible to do. At least if running Windows.

And yet, I manage to do it just fine. So the question you should be asking yourself is: why is it that I can do what you claim is impossible?

I've been using Windows since 3.1 (currently on Win7), and Linux since the late 90's (currently on Precise), and Android for a year. I've yet to get malware on any platform. I occasionally run a scan just for grins, and nothing has ever been found. There's been no unknown network activity, and no unexpected behavior, and no triggers from MSE or anything else I've ever run to check for it.

So since I, and plenty of other people too, seem able to do what you claim is not possible, perhaps you need to reevaluate your assumptions. This is not some magical ability I have. I am not radically smarter than most people: I'm just an ordinary person. Yet, I seem able to do what you claim is impossible.

Perhaps the people who seem have virus problems over and over again need to start listening to the people who don't, instead of telling us that it's "impossible". When we say things like, "don't click on shit like CuteDancingKittens.exe", *we're trying to help*. We're not in possession of some high-priest-like knowledge. Using simple common sense, some of us have been virus free for *all of our computing history so far*. It amazes me that people will claim this is impossible. It's not only possible, it's downright easy.

I've looked into this a lot, on people's machines that have been infected. Invariably, they did something I told them *not to do*, and then got jacked. It's bizarre! I give people about 5 or 6 simple rules that prevent about 99% of malware, and whenever I look, they did one of those 5 or 6 things.

Me: Don't do X. It's dangerous and you will get malware if you do.

... time passes....

User: My machine got jacked! Help me!
Me: What did you do?
User: I did X.
Me: Well, I told you not to do X, and that if you did, you'd get jacked. You did X, and you got jacked, just as I told you you would. I'm going to fix this, but you should stop doing X. It's dangerous, as you can now see first hand. If you do it again, you will get jacked again.

... time passes...

User: My machine is jacked again! Help!
Me: What did you do?
User: I did X.
Me: (after about 4 repetitions of this) .... sigh.... Go fix it yourself. I hear Best Buy will do it for a hundred bucks or so.

419 Scam (0)

Anonymous Coward | more than 2 years ago | (#40005463)

Is this post from another country?

How does the interim solution work? (1)

vlm (69642) | more than 2 years ago | (#40005469)

How does the interim solution get implemented if the machine won't boot?

In ye olden days, if you compiled a new linux kernel, deleted the old one, forgot to run lilo, it doesn't reboot, then the solution was to boot and run lilo, which was a task that separated the men from the boys, err it wasn't that difficult, maybe separated the 7 year olds from the 6 year olds or whatever. Anyway...

Also a note to the editors, that link would have been a million times funnier if it pointed to a ubuntu.com live cdrom/dvd/usb image, or maybe the android-x86 project, which is really quite usable.

"Most people" don't need much more than a working web browser. Even at work, "they" were recently f-ing around with a firewall and managed to block ssh, so I installed ajaxterm to work around that, and I mostly use the webmail page anyway, so all I really need at work is a working browser. I would not want to use ajaxterm on a regular basis 10 hours a day, but its survivable in a pinch until the firewall guys get their stuff together. For example I really enjoy how it floods the logs unless you do extra work....

Re:How does the interim solution work? (0)

Anonymous Coward | more than 2 years ago | (#40005581)

That's what safe mode is for. You press F8, select safe mode, disable the snake oil and reboot.

Re:How does the interim solution work? (1)

dyingtolive (1393037) | more than 2 years ago | (#40005589)

You might try GateOne. It's much slicker than AjaxTerm. You need a HTML5 WebSockets capable browser, but it's actually responsive.

Re:How does the interim solution work? (1)

BackwardPawn (1356049) | more than 2 years ago | (#40005703)

How does the interim solution get implemented if the machine won't boot?

Magic, how else?

I had a similar situation with McAfee (1)

Gotung (571984) | more than 2 years ago | (#40005579)

Though not nearly as bad. I trialled a small business product designed to make managing your AV/Firewall across multiple computers easy via a central web interface. It was all great in concept, except the default configuration for the individual install blocked itself from communicating with the central service. And while managing everything on the web interface was slick, attempting to fix the configuration on the installs without the benefit of that centralized web interface was a huge pain in the ass. Needless to say, that trial didn't convert to a sale.

Editors, do your job! (-1)

Anonymous Coward | more than 2 years ago | (#40005615)

"Seem[s] [anti-virus vendor] Avira"..."is causing the 32-bit version of Windows to block almost all critical application[s]."

Apparently the S key is included in the set of critical applications. Seriously, editors; read the submissions or hire a copy editor!

causing the 32-bit version of Windows to block al (-1)

Anonymous Coward | more than 2 years ago | (#40005627)

I fail to see the problem...
Isn't this its purpose?

It's funny how my secret word was "payments"... :)

So, it works. (1)

PPH (736903) | more than 2 years ago | (#40005637)

Too well.

Very effective security. (4, Funny)

doctormetal (62102) | more than 2 years ago | (#40005667)

This is a very effective security measure. If your system cannot boot it cannot get infected.

Now *that's* secure (1)

Klync (152475) | more than 2 years ago | (#40005725)

Just need to encase the PC in cement and bury it at sea, and then those evil hackers will never be able to get to it! ... of course, that's going to cost you extra....

It happened to me... (2)

Brandano (1192819) | more than 2 years ago | (#40005745)

I only use Windows to play games (the ones that can cause some issues under Wine), so it wasn't that big a deal. Anyway, I had avira blocking explorer.exe and cmd.exe from running. Luckily they still ran fine if I logged in as administrator, so I just added them to the list of exceptions, and seems to work properly now. At least good enough for my scope, which is playing games. No big loss, though, Skyrim works perfectly fine in Wine....

Re:It happened to me... (1)

networkzombie (921324) | more than 2 years ago | (#40007347)

You run Antivirus on a gaming only machine? With the firewall turned on how would you expect to get a virus?

Its a feature (1)

slackerfilm (520597) | more than 2 years ago | (#40005817)

If you can't fix it, feature it.

At least that is the mantra at my company.

Re:Its a feature (1)

BackwardPawn (1356049) | more than 2 years ago | (#40006047)

You work for Apple? And how does that work in this case:

Avira--ask about free bricking!

Re:Its a feature (1)

slackerfilm (520597) | more than 2 years ago | (#40006211)

You work for Apple? And how does that work in this case: Avira--ask about free bricking!

Guaranteed virus protection if you can't log into your computer.

Re:Its a feature (1)

BackwardPawn (1356049) | more than 2 years ago | (#40006751)

touche. This is why I'm not in marketing.

MS Security Essentials (-1)

Anonymous Coward | more than 2 years ago | (#40006023)

This would never happen with MS Security Essentials. Free, effective, fast antivirus. Doesn't popup shit in your face or use language and graphics indistinguishable from malware. Systray icon looks like a green milk box with a straw coming out.

Stop buying these turds.

Total failure (2)

afidel (530433) | more than 2 years ago | (#40006033)

How have the AV companies not come to realize that they need to have an automated testing lab where they apply the newest update to every variant of Windows and have the machine reboot and then run a test suite? Even basic QA should have caught this level of stupidity. In the six years we ran Trend the only problem we ever had was extreme slowness on our Notes servers, it turns out they didn't have a Notes server in their lab and none of their early adopter program participants were running Notes either. We talked to the head of QA and he assured us that they would add a Notes server to their test environment, that was QA done properly.

I've seen this before (4, Informative)

ericloewe (2129490) | more than 2 years ago | (#40006073)

My list of serious bugs in AV products:

Panda (ancient versions) - failed to install correctly, impossible to uninstall. Two botched Windows XP installations.

BitDefender (relatively recent) - very messed-up definition file marked ALL executables as infected, putting them in quarantine. I still have the feeling any malicious executables would not have been marked.

Kaspersky 2012 - screws up Windows Home Server (v.1 and 2011) connector, has to be disabled for backups to work

McAfee - Won't even protect anything if the license has expired. Still bloats up your computer, though.

Norton - everything you've heard is true. It's impossible to uninstall, it's a resource hog, blocks stuff randomly...

The one exception so far is MSE - considering the amount of malware the others have caught so far (less than 10 times, if you count tests as detections), how light it is and how it doesn't piss you off, it's my favorite.

Re:I've seen this before (1)

Intrepid imaginaut (1970940) | more than 2 years ago | (#40006423)

I've had good results with ClamAV on a USB drive, together with spybot S&D, Hijack This, and portable Firefox, there ain't much that combination can't deal with.

Re:I've seen this before (1)

tokul (682258) | more than 2 years ago | (#40006985)

The one exception so far is MSE

There are two more exceptions. Microsoft Antivirus and snake oil. Both offer no real protection for your PC. Not sure MSE offers more. AV can't be lightweight without taking shortcuts in security checks.

Re:I've seen this before (1)

ericloewe (2129490) | more than 2 years ago | (#40007407)

MSE does take shortcuts (though newer versions are better at actually protecting your computer).

However, personal experience just tells me that the bloated laternatives don't help much anyway.

Re:I've seen this before (0)

Anonymous Coward | more than 2 years ago | (#40007515)

Eh, an AV cannot work AT ALL without taking shortcuts at security checks.

Wow (1)

lwriemen (763666) | more than 2 years ago | (#40006081)

An anti-virus software that gets to the root of the problem! :-)

Who wrote this software? (0)

Anonymous Coward | more than 2 years ago | (#40006103)

Who wrote this software?

It's blocking RUNDLL32.EXE and CMD.EXE.

70 million downloads? Absurd.

This is what you get when the PHB cuts QA / testin (0)

Anonymous Coward | more than 2 years ago | (#40006223)

This is what you get when the PHB cuts QA / testing

So... (2)

denmarkw00t (892627) | more than 2 years ago | (#40006329)

Does anyone have a quick writeup of what versions of Windows are affected? The...summary...declares "32-bit versions of Windows" - so, just 32-bit - is that everything? Does it stop at XP? What about some poor fool running Windows ME - how is s/he going to cope or does s/he even have to worry? Is it really just 32-bit Windows versions or will this affect a 64-bit Windows install running a 32-bit version of Avira? I really appreciate it when we get a summary with no actual article on it, just links to Avira's forums and website.

WOPR heuristics. (2)

gatfirls (1315141) | more than 2 years ago | (#40007245)

....decided the only winners in the game don't play.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>