So in less than a month Grisoft has issued false-positives for their AVG (free and pay editions, 7.5 and 8 versions) virus definitions that claimed the incredibly commonly used firewall - CheckPoint Zone Alarm - is a virus, as well as that almost always used (because it’s Windows)  Microsoft Windows XP kernel file: user32.dll.  Now one, but two extemely commonly used files marked as viruses when they’re clearly not.  This should have been caught in testing before release to the world at large, because if these programs aren’t installed on the test bed, then what the heck is?

Well, it ain’t over.  Not by a long shot.

Because now in less than a month we have three, yes, count them, three false-positives from commonly used software.  That’s right.  Just shortly after smearing egg on their face with the Windows user32.dll false positive, Grisoft went and released a false positive of … Adobe Flash.  Yes, that’s right.  That little bit of software used all over the place on the internet.  That practically anyone who surfs the web has installed.  That just as clearly should be in Grisoft’s test bed.  That Adobe Flash.

I don’t think it could possibly get much more embarrassing for Grisoft at this point.  I mean it was bad enough when they instituted their Link Scanner that automatically pre-scanned common search results, causing web page hits across the world to jump insanely high when people weren’t actually visiting the sites, just getting them returned as search results.  That was bad.

But now three major false-positives, one of which rendered customer’s computers inoperative if they acted on it, in less than a month.

Hello?!

There was a time when I would have said that Grisoft AVG was hands down one of the best anti-virus software packages out there.  It had a lot to offer, and was well refined, even for the free version.  It used less resources than the majors from Norton and McAfee and worked just as well.  And so I’d used it for years.

In all fairness, I can no longer make such a statement.  There are others out there that are better.  There are others out there that are actually taking the time to test before release.

I’m not saying don’t use Grisoft.  If you have it, and like it, then by all means, the choice is yours.  But if you’re looking for something new, maybe, sadly, it’s time to look somewhere else.  Grisoft no longer inspires confidence.

Grisoft, makers of the AVG anti-virus software, have made a bad mistake.  Correction, have made two bad mistakes.  The first was identifying CheckPoint’s Zone Alarm as a trojan not long ago.  The second, was identifying a Windows system file (user32.dll) as a virus.  Of course it wasn’t.  It’s a false positive.  But if you make the mistake of believing your AVG antivirus, you’re going to end up with a computer that can’t boot up.

Now, false positives happen.  But false positives on core software, like a very commonly used security firewal, or worse, like an extremely often used operating system, these shouldn’t happen.  Any basic testing should catch these false positives before the virus definition update is released to the public.

Clearly, that isn’t happening.

Grisoft is failing to perform even basic quality assurance.  And customers have every right to complain.  Free and pay users of AVG 7.5 and 8 are all affected by these obviously untested virus definition updates.

For what it’s worth, Grisoft has fixed their virus definitions, so if you have performed an update as of today, you’re safe.

And for those who let their AVG anti-virus break Windows, Grisoft offers a support page, without a direct link.  Look for item 1574 here.  Let’s hope that you still have your Windows XP install CD handy.  Heck, with as many OEMs that just ship recovery CDs instead of Windows install disks, and as many OEMs that don’t even ship you an actual CD - just an ISO you can download or an equally useless measure, let’s hope that you actually have a Windows XP install CD, period.

Random false positives are to be expected.  Nothing is ever fool proof.  But false positives on operating system files are just unconscionable.  Grisoft, you should be ashamed.

I’ve been using Grisoft’s AVG Free Edition for a few years now. I didn’t start there. Oh no.

First was Norton antivirus. It was okay … ish. But it really wasn’t stunning me. It let things through. It ran poorly. It wasn’t long before I was trying something else.

So I tried the next major name: McAfee. It made me long for Norton it was so bad. The resources that it consumed just to do absolutely nothing were stunning. My whole computer slowed down to a crawl. That went right out the window.

So, having wasted considerable funds on just antivirus software, I decided to give the freeware world a shot. I figured how much worse could anything there be? The two major pay-fors were utter crap. So long as a free AV package could meet the same low standard, I’d be sold.

That’s when I found Grisoft. I tried out one of their earlier versions of AVG Free. It wasn’t great, but it was better than both of the others. It used less resources and caught the same tests (from some old bad infected floppies) that I threw at it. There was one game where there seemed to be some programming collision and Grisoft would bring the game to a crawl after an hour or so of play, but later updates to AVG Free even fixed that. So it worked just as well as Norton as far as I could test it, but used the least resources out of all. And it updated itself daily. Who could ask for more?

Over the years it got better and better. Version 7 was a real treat. So much so that I was starting to consider actually buying Grisoft’s AVG package.

But then I “upgraded” to version 8.

And I use the term “upgrade” very loosely.

Because so far, it’s been total crap.

To start with, they totally screwed up the user interface. I think someone was trying to make it more modern. Instead they just made it even less intuitive.

Then there’s the updates. Or, more specifically, the lack thereof. Seriously. Literally every other day, somehow, the update process fails. Even right now, this very second, I’ve been trying to run it manually because the automated update failed. And I get only so far through the update process when BAM, their server fails. I know it’s not my server because I’ve tested it just to make sure. It’s not my server. It’s not my ISP. It’s not my firewall. It’s their server. It’s their product. It’s their failure. And I’m really f’ing sick of it. If they don’t sort this soon, I’m going to have to give up my years of loyalty to what was once a good product and go elsewhere.

But that’s still not all. There’s also the LinkScanner scandal. What do I mean? Well, Grisoft introduced into their AV product a new feature that pre-scans the links returned in common search engine searches. So say you search for something in Google. All of the results that Google gives you are pre-scanned by LinkScanner. This is a great feature for security. But webmasters pretty much hate it. Why? Because now all sorts of websites are getting what look like hits of real people reading their website. Only those real people aren’t real people reading their site. They’re just real people doing a web search, and those hits have nothing to do with people reading a thing. It’s all pre-scans for security. Good for web surfers. Bad for web sites. It costs websites bandwidth and very much skews their statistics to gauge their readership.

Well, supposedly Grisoft was going to neuter the LinkScanner to no longer pre-scan web searches. They weren’t even going to ask users which was better, or leave it up to them. Rumor was they were just going to disable that feature because of the noisy complaints of the very few web pages that noticed. (You can tell it was such a big scandal since so few administrators even figured it out.)

That was the rumor anyway. I’ve still to see it happen. Of course that could be because I can’t get Grisoft’s AVG Free 8 to update. But meanwhile, my web searches all still pre-scan the returned links. Which, by the way, I like. And yes, I do own InsanIT.net. I’m okay with this product. I even hope more AV suites offer something similar in the future. Anything that makes the web safer for surfers is okay by me.

But the point is, it’s a weird scandal, with a stranger lack of a resolution.

And, of course, there’s Grisoft’s AVG logo itself. A picture is worth a thousand words:

Does this logo seem in any way familiar? Well, considering that it’s just a Microsoft Windows logo spun around 180 degrees, it should look pretty darn familiar. Maybe Grisoft is intentionally trying to create a familiar feel, but I’m not sure which concerns me more, getting that close to a copyright and trademark infringement of a blatantly familiar logo, or that maybe it was just “by accident” and they’re really that uninspired over at AVG.

So what does it all add up to?

I used to be a big fan of Grisoft. At a time when Norton and McAfee were, well, less than stellar, Grisoft offered a completely free antivirus solution that was infinitely better.

But today, times have changed. And Grisoft? What things they have changed, have all changed for the worse.

They do not inspire in me the confidence to pay for their product. And their free product is just darn close to pissing me off for the last time.

These days, there are other fish in the sea. I’m thinking it’s time for me to head back to open waters and search for something new. And if you’re considering using Grisoft’s AVG, I invite you to do the same.

Earlier, in my blog “Grisoft AVG - Making The Web Safer … Unless You’re Running A Website“, I went over how Grisoft’s AVG product included a new feature, LinkScanner, that pre-scans search results from common web search tools like Google and Yahoo. And in its way, made the web safer for users.

The downside was, of course, a lot of fake traffic hits and bandwidth usage. Because every search result was loaded as if it were a normal user opening that web page, and then scanned, before a user ever clicks on the link. This, of course, drove a lot of paranoid delusional web site owners insane and created a lof of “the sky is falling” yelling across the web. Because, heaven forbid, their numbers were off.

Well, thanks to them, the internet is going to be less safe again. Instead of an invaluable technology being promoted across several security products and making the world wide web that much safer for the common surfer, it is instead falling into the annals of ignominy where no one will likely ever repeat the attempt. Congratulations squeaky wheels. You have won.

Scuttlebut is that in a few days Grisoft will terminate this feature of LinkScanner. It will still scan links as you click on them. It just won’t pre-scan anything for you anymore.

While I can’t say that I am entirely disappointed, as the concept seemed to need some form of tweaking, I also can’t say that I am in any way pleased. We should be making the web safer, not catering to people freaking out over marketing numbers. And instead of either side trying to communicate with the other and work out any reasonable form of compromise, we instead have idiocy and paranoia. I guess I shouldn’t expect anything better from people these days. Still, I can’t help but feel a blow against that age old wisdom, common sense.

Grisoft makes a wonderful batch of security products. They do Grisoft AVG, which is anti-virus. But they also do anti-spyware, anti-spam, firewall, et cetera. And they even have a wonderful personal-use free anti-virus package, AVG Free.

Recently they released the upgrade to version 8. And many users joined in, making their PCs safer than ever. New to version 8 is a new tool, a link scanner called, aptly enough, LinkScanner. What it does is when you do a Google (or Yahoo or Microsoft) search, it pre-examines the links to the search results to make sure that they’re safe to click on. Which sounds good. For PC users, it is. LinkScanner does a good job of pretending to be a real user clicking on that link, to make sure that mean nasty websites that will try to hack you will try to hack the LinkScanner when it scans them. Since people can construct mean nasty websites to hack you, this is a good tool.

Unfortunately, like so many swords, the blade is double-edged. Yes it’s good for us home users. But it’s bad for people who run websites. Because it does such a good job of pretending to be a real user, it also means it’s really hard to tell these fake pre-scans from actual people visiting your website. Before if someone did a Google search you only got a “visit” if someone actually clicked on the link and visited your website. But now if someone does a Google search and they use Grisoft AVG 8, every search result from that search gets a “visit” even if the person who did the search doesn’t click on a single link.

Why is this so bad? Because it completely skews the traffic information of who is visiting what website. If you get the glorious position of being a top search result, now you’re getting tons and tons more “visits” to your website, even though no one more than before is actually visiting. It’s all just the pre-scanning done by Grisoft’s LinkScanner. And these extra hits are not just skewing traffic information, but also costing the website extra money because they’re the one paying for the hosting bandwidth to keep their site there for you to read.

As both a website owner and a web user, I have to say however, the concept is worth it. Anything that protects users, within reason and rights, is good technology in my opinion. Is it an inconvenience to us website owners? Well, yeah. But so are the millions of robots rooting around out there. That’s just part of the internet. In my opinion anyone who is really complaining about yet another piece of technology complicating things is just a whiny little bi_ch.

But that said, the approach could most definitely be cleaned up to be both web-user and site-owner friendly.

How?

By not pre-scanning every freaking link! Duh! Why is it so hard to pre-scan only the link clicked on and pass that page through the cache into the browser if and only if the page is safe? And if it isn’t safe, or is questionable, a little “This page looks bad. Are you sure you want to visit it?” kind of pop-up window gives users a choice. That way users are still protected, and that protection incurs absolutely no additional page hits. Antivirus software has pre-examined downloads forever in such a manner. Using a similar approach to loading websites themselves would make everyone happy.