I was helping someone with their computer when I noticed that their AVG Free hadn’t updated since October 5th. When I clicked Update Now it would hang when it got to the point where it was “Analyzing new updates”
Apparently this is now a known issue for AVG on XP 64 bit systems.
After a little browsing online I found that a workaround was available for users of the paid AVG version. It involved changing the Advanced Settings so that AVG first looked to the secondary update server rather than the primary update server.
The catch for users of AVG Free is that there is no option to change the update servers or their priority.
It occurred to me that while I couldn’t change the name of the primary update server I could certainly change the IP number that Windows used to go find that server. I added this entry to the C:\WINDOWS\system32\Drivers\etc\hosts file:
212.96.161.241 guru.avg.com
The IP number is actually the address of the secondary update server bguru.avg.cz, so when AVG does its normal update it thinks it is checking the primary server but is actually checking the secondary server.
But there’s a rub…. AVG protects the Hosts file in order to prevent exactly this sort of chicanery which can be used for very nefarious purposes. It will block this change or perpetually alert about the change even if it has been ignored.
Fortunately I was able to add the Hosts file to AVG’s Resident Shield’s Exceptions list. I couldn’t enter the file by choosing it from the Add File button but I could add the path to the Drivers folder and then use the Edit List button to change it to point specifically to the Hosts file within the etc folder.
AVG update works perfectly with this arrangement. However, now the Resident Shield is not protecting against any other changes to the hosts file. That should be fine if the machine is clean, since having updated definitions should block incoming infections. If the machine gets infected and starts messing with the Hosts file then it could be a big problem, for example preventing the anti-virus program from updating or sending seemingly innocuous web links to very bad places.
I estimated that the benefits exceeded the risks in this case especially since it is for a limited time until I revert the changes when AVG issues their final fix.
No comments:
Post a Comment