back to article AVG tags ZoneAlarm as Trojan

A dodgy anti-virus update from AVG wrongly flagged up the popular ZoneAlarm firewall as a Trojan on Tuesday. The mis-firing AVG definition file tagged components of ZoneAlarm as infected with the Agent_r.CX Trojan horse and quarantined important files. As a result users running the popular antivirus package alongside security …

COMMENTS

This topic is closed for new posts.
  1. James Green
    Joke

    Eh?

    "More commonly false alarms cause problems when they label Windows systems files......., for example, as potentially malicious."

    Just doing its job surely.

  2. Peter Smith

    That figures

    I stopped using AVG when it became so bloated that it wanted half my hard drive and three-quarters of my processor (Ver.8)

    Norton went the same way first, followed by many others. Why are AV progs harder to control than your average virus?

  3. Anonymous Coward
    Gates Horns

    RemoveWGA

    It made me laugh when it flagged RemoveWGA as a virus. How much did MS pay them for that? (-;

  4. bigolslabomeat

    Sounds like it's working

    ZoneAlarm is a massive pain in my ass, whenever a home user has issues connecting to a website or some other network program the first question is always "Do you have Zone Alarm installed?", at which point if they say yes then I get them to turn it off and problems magically go away.

    Not to mention the fact that AVG is dead slow and bloated (as mentioned before).

    Avast is the future! (until it bloats as well)

  5. Anonymous Coward
    Unhappy

    Many False Positives

    It is true that there are many things flagged as +ves that didn't get flagged in AVG 7.5.

    The download has doubled in size, the nagging has increased - if it's free for personal use, why just not let the user get on with it. The intrusions caused are a -ve factor in recommending the program to others, either commercially or personally.

    Since v8.0 and the Linkscanner hot potato, it is blindingly obvious that someone has lost the plot and seems to be hell bent in leading this product from a substantial market share into oblivion.

    A lot of users don't *trust* it any more, it has deleted a few Swiss Army Knife utilities that can be used for the 'black arts' or as a potential bacon-saver for not so savvy users.

    Just waiting for the straw.....

  6. George Forth

    Totally lost it, mate

    AVG used to be great. And then v8 came out. And it's all gone pear-shaped. I've stopped using it, altogether...

  7. Jolyon Ralph
    Stop

    Gave up with AVG after version 8 arrived.

    Horribly bloaty and slow... I've switched to AVAST's free offering and I find it much better. Not sure about the detection rates but it seems to be pretty good at spotting outbreaks of naughtiness so far.

    Jolyon

  8. Cameron Colley

    RE: Sounds like it's workng

    I would say anything that stops the ignorant from making mistakes is a good thing -- why is it that computers have to be useable by all? When did someone invent an OS that requires no training to use?

  9. Toastan Buttar
    Gates Halo

    I ditched both two years ago.

    I now run Windows XP SP3 with the default Windows Firewall and no AV software, Just run as a Limited User for your day-to-day work and everything is sweet. No more nagging, no more multi-hour scans of your entire hard drive, no more signature file downloads. Back to boot times on a par with Ubuntu.

    http://blogs.msdn.com/aaron_margosis/pages/TOC.aspx

  10. Anonymous Coward
    Thumb Up

    Positive?

    Thank goodness I dropped ZA many moons ago for Sygate PF ;-)

    I'd happily drop AV given I've not had a virus except in a VM for donkeys years....

  11. Gareth

    Oh my god

    Are we really going to let the comments "flagged as +ves" and "The intrusions caused are a -ve" go unchallenged? This isn't youtube, I'll have you know..

  12. Anonymous Coward
    Anonymous Coward

    @Cameron Colley

    "When did someone invent an OS that requires no training to use?"

    About around 1984...

  13. Anonymous Coward
    Paris Hilton

    AVG have lost it

    I never even installed version 8, as I heard to how bad it was from other people who did. Got NOD32 instead which is much better, it uses less memory and scans faster, as well as updating significantly more regularly, without needing reboots.

  14. Michael Kean

    Defending AVG. ZA is a Scareware king.

    IMHO ZoneAlarm is a trojan anyway - scareware. Most customers have NAT firewalls anyway these days and wouldn't know what to do if svchost.exe wanted to connect to akamai.somewhere.net

    AVG8 is slower than AVG7, but I can accept that due to it now doing double the work as both Antivirus and Antispyware. I have had a couple of systems get infected with spyware and Avast hasn't noticed, but scanning with AVG and a USB to IDE converter finds them.

    AVG is OK if you custom install and deselect all but the email scanner; and then if you're an outlook user go into advanced preferences and turn off any extensions it added.

    Sadly it is CPU intensive compared to 7, so I wouldn't recommend it if you only have a single-threaded CPU. Or, with Firefox 3, NoScript, FlashBlock, AdBlock Plus and Windows Update, you're pretty safe anyway without a full time AV.

  15. Carl

    Title?

    "Or, with Firefox 3, NoScript, FlashBlock, AdBlock Plus and Windows Update, you're pretty safe anyway without a full time AV."

    Unless you d/l a file, any file from the net.

  16. Hans
    Boffin

    Avast!

    I use avast, we had mcAfee @work, but now have migrated to avast (with license).

    Avast is the way to go. I do not really understand ppl complaining about weekly scans of their entire hard drive. Nobody with common sense does that anymore except when you turn off real-time scanning and start downloading stuff ... and who would do that?

    Besides, who in their right mind would want to use a software firewall??? ZoneAlarm is the last piece of c%$p on the net, you cannot even turn it off properly (well at least the version I saw 3 years ago)!

    A dsl/cable router, my friends, is what you need.

    If you don't like real-time scanning, because it eats up your resources (McAffee is great at that, especially when you copy files), then you should switch to another platform (Mac, Linux).

    I have removed a lot of viri, I used to work for Norton (Symantec), and I can tell you, their software is bad - stay clear!

    @Toastan Buttar

    Don't wonder one day why your computer is part of a botnet, then; Actually, it might already be so.

  17. Hans

    @David Wiernicki

    Sorry, forgot you in prev comment.

    Please, please in 1984, there was no internet as we know it now.

    Computers require training, nobody should go onto the internet without training, and sometimes training does not even help that much.

  18. Anonymous Coward
    Anonymous Coward

    @bigolslabomeat

    "ZoneAlarm is a massive pain in my ass, whenever a home user has issues connecting to a website or some other network program the first question is always "Do you have Zone Alarm installed?", at which point if they say yes then I get them to turn it off and problems magically go away."

    Technical Support - a play in three scenes

    ---------------------------------------------------------

    Scene One

    bigolslabomeat is at his/her desk. The phone rings.

    #User:- Help, I'm getting all these messages on my screen that I don't understand!

    #bigolslabomeat:- Ah, I know this one. Have you got ZoneAlarm installed?

    #User:- Well, actually, yes.

    #bigolslabomeat:- Well there's your problem right there. Turn off ZoneAlarm.

    #User:- Hey, the messages have stopped! You're a genius, cheers!

    Scene Two

    #User:- I rang yesterday and you told me to turn ZoneAlarm off. Now my disk light is thrashing all the time, my friends are complaining about the 250 fake medications emails I sent them yesterday, and I've just had a bloke from the States on the phone claiming to be from the Department of Homeland Security wanting to know why I was hacking into the Pentagon at 3am this morning!

    #bigolslabomeat: Thank you for calling. Please leave a message after the tone ....

    Scene Three

    #User: Hello? Hello?

  19. Pascal Monett Silver badge

    I took that boat too

    I was happy with AVG from v5 to v7 - right up to the point it told me for the third time in a row that a commercial version was available.

    I get the point, you want to sell it. Now leave me with my free version and go away.

    No ? Still nagging me every time I boot the PC ?

    Fine then, off you go. Deinstall and Register cleanup (the inventor of THAT abomination should be shot).

    Now I use COMODO, firewall, AV and surf-protection all in one. Works quietly and only pops up when it actually has a good question to ask.

    I hope it won't bloat too soon.

  20. Anonymous Coward
    Dead Vulture

    Still trying to work out......

    .what "...AVG case is mainly notably in that involves..." might mean.

    Anonymous Pedant, actually.

  21. TimNevins
    Black Helicopters

    Zone Alarm IS Spyware

    ZoneAlarm started out by being a good guy.

    Then it was bought by a company called Checkpoint who promptly re-wrote the Vector Engine to incorporate spying on any machine it was installed on and reporting back to ZoneAlarm where the user is browsing. Several people around the world complained and complaints went unresponded. Then a CNet Security reporter noticed that it was sending back browsing details to 4 different servers around the world AND continued to send this information even if you told it not to. After publishing this article ZA then admitted to this calling it a 'bug'. Highly dubious.

    I have not touched it since it became a backdoor into your browsing habits.

  22. Graham Jordan

    ZA + AVG, euugh

    I used to use Zone Alarm until it tried to get to clever, blocking all kinds of scripts and website, its became a serious pain in the ass.

    AVG again used to be great, until the day it deleted zip files on my machine without asking my authorisation first. These zips contained harmless reg files.

    These days I'm happy with Avast home edition, XP SP3 firewall and my NAT router...

    On countless occasions I've advised home users to go the same route, it saves the hassle of them clicking "yes" to every zone alarm alert and letting a dodgy file through.

  23. Aortic Aneurysm

    NOD32

    I switched from AVG to NOD32 ages ago, and haven't looked back. My PC has not been in better shape. Anyone still using AVG need some education.

  24. David Viner Silver badge

    AVG + ZA = Gone to the dogs

    LIke others I stopped using AVG8 not long after upgrading from the previously good 7.5 and now use Avast. I dumped ZA years ago after a major upgrade made things go titsup and now have a hardware firewall. Had no problems since.

  25. Dave

    Clueless

    "AVG again used to be great, until the day it deleted zip files on my machine without asking my authorisation first. These zips contained harmless reg files.

    These days I'm happy with Avast home edition, XP SP3 firewall and my NAT router...

    On countless occasions I've advised home users to go the same route, it saves the hassle of them clicking "yes" to every zone alarm alert and letting a dodgy file through."

    Haha, brilliant. First, set up your software properly. AVG, or any other piece of software, does not just delete things when it feels like. Secondly, XP firewall is only half a firewall. Third, isn't it terrible when you have to take a bit of responsibilty youself?

    As for bigolslabomeat telling people to turn ZoneAlarm off and "the problem goes away". Yes, but only from idiots like you. Somebody else usually ends up with a much worse problem thanks to your idiocy.

    There's too much other bollocks in these comments to reply too. No wonder mal/spy-ware is so big a problem these days with clueless morons like this loose on the net.

  26. Zmodem

    world would be lost without ZA

    you could have a 100 firewalls. and there will be zonealarm telling you every program that tries to connect to the web. even if its all its used for.

    while AVG messed up something on my board when i got some lame advert and message telling me to upgrade. and had to reset all my bios

  27. Toastan Buttar

    @Hans

    "Don't wonder one day why your computer is part of a botnet, then; Actually, it might already be so."

    So might yours, though; No signature-based AV software is going to be a defence against zero-day exploits. For example, how many people running up-to-date AV protection got hit by 'Antivirus XP' and its variants recently ? Going down the Limited User route means that the most vulnerable parts of the OS cannot be accessed by malware, so the vast majority are incapable of infecting a system, even if they do get the opportunity to run.

    You will always be safer running as Limited User without AV than running as Admin with AV. Running as Limited User with AV makes even more sense, because you can scan files as they're downloading.

    Go to Aaron Margosis's blog and read more testimonials from people who run Windows in this way.

  28. Anonymous Coward
    Flame

    @TimNevins: PPOSTFU.

    What kind of kick do you get from spouting this FUD and lies? Enjoy the feeling of being an insider, someone who knows, do you? Except of course that you don't know sweet FA.

    Yes, there was a bug in one version where even if you told it not to check for updates it still did. Did you bother to look at what was in the packets it was sending? There was nothing of any interest there at all. Here's what it looks like when someone who isn't a moron does it properly:

    http://www.hansenonline.net/Networking/zaspy.html

    "Sending your browsing details"? Completely fabricated tin-foil-hat-wearing paranoid fantasy. You're full of wind and piss and you haven't got the first idea what you're talking about, so PPOSTFU.

This topic is closed for new posts.

Other stories you might like