New Labour is in the dustbin of history - David Starkey
|
|
|
Avast update fixes false positives
INSECURITY OUTFIT Avast yesterday released an update that caused its antivirus software to report scores of clean, legitimate software programs as being riddled with malware.
According to a blog post by the company, the bad false positive issue came about following an update sent out around 00:15 GMT "which started flagging hundreds of innocent files as a 'Win32:Delf-MZG' Trojan (or, in less common cases, as 'Win32:Zbot-MKK')."
According to reports, a range of files from widely used and custom applications as well as device drivers and system files all fell foul of the erroneous update.
After complaints came pouring in, the company found and repaired the problem and around six hours later, at 05:50 GMT it sent out another VPS update which corrected the issue. But by then the damage had already been done to a host of users, with crucial files having been quarantined or deleted.
"We were inundated with calls from customers who had had Omni files quarantined and subsequently deleted," said Chris Kudla, lead developer for business accounting software firm Omni Accounts.
"We had to figure out what the problem was, in terms of which pattern file was causing the problem and then convince the customer that it was not actually our software that was at fault. I find it incredible that a software house like Avast can send out an update which causes such havoc, especially since this has happened before. They don't seem to learn."
Avast has apologised for any inconvenience the mishap may have caused and also provided directions for how to restore a false positive file from the Virus Chest quarantine repository.
However, we have had reports of many PCs being sent into computer repair departments and shops in order for users to have their systems restored to their former state. µ
Share this:
Share
09-12-04 went by, with updates enabled, never had any problems with my avast.
Protip: my choice of softwares are superior, the rest of you fail, uninstall the crap
Let all the test dummies find the problems
I got one of those errors and of course clicked to take corrective action. It has disabled my spy-bot anti-spyware and registry protector.
www.av-comparatives.org
Give a look at these reports. Avast ties in with Avira on first place. Even the paid ones come after them.
I even tried Avira for a while, but I got annoyed by Avira's popups.
So, what was you saying about Avast again?
We just had a similar problem with F-Secure on 2 different servers - they both became unusable a few minutes after backup started - only disabling F-Secure helped. Wonder how that relates.
A few years back I received a call from my ISP the moment i went towards the phone my heart was thumping and I thought Hey time to pay for all this *cough* legal downloads. They actually said that someone had filled a complaint about my pc flogging spam mail somewhere to Russia. Point is that the nod32 I had these days simply cooperated with windows firewall and both let whatever malware i had send loads and loads of spam. Since then I have used Kaspersky and i have been pretty happy with it. It seems you do get what you pay for in this life. I should tell my experience with AVG here for there are no words in the English vocabulary to describe my rage
Many businesses, schools, libraries and others pay for Avast, they have free and paid versions. I've used Avast for over 7 years and have had consistently good performance from it. Had problems with AVG and Vista not behaving well for a while, Norton just is slow and takes forever to install and uninstall and McAfee is bad that way too. Avast has numerous times removed viruses and spyware that Norton couldn't. PLUS Avast is the only A/V these days that still works with windows 95/98 when Norton dropped the ball years ago, plus it works with every other windows too at the same time up to windows 7. So for them to have 1 mistake in 7 years is not bad.
I encountered this issue at the beginning when Avast flagged ZoomPlayer and almost all associated files as infected. Rather than deleting them immediately I took the time to scan them with MalwareBytes (which is almost always more effective) and they checked out. I created an exception for the directory and made sure my system was backed up before running it again. No harm, no foul.
ALL AV companies have false positives, the most important thing is to double-check with other software before quarantining or deleting them, and never allow AV to automatically delete suspicious files! Last but not least, if you do get infected, your best bet is ComboFix, pure and simple. Beyond that, call a professional.
I have to say that MSE, apart from being excellent at staying out of your face and not impacting performance, has a good record of not triggering false positives. You can sure that MS are fully aware that incident like this, for them, would be 100x worse, negative publicity-wise.
I don't understand people when they say: "It's free so it has problems." Actually there's hardly a significant diffrence between a paid and free software, not just anti-virus.
The only thing that a free software lacks is Official Support, and that means if you ran into problem you should work it out yourself. When you use a free product you already agreed with that. Although most of free commercial software has a paid supported option. So as you can see nothing changes at all but your Options.
Well as an Avast user I'll forgive them this time first time it's happened to me since I started using Avast 3 years ago. but it was interesting that it reported windows 7 had a virus in the system memory Now back to the quarantine and replace all the files it did'nt like Oh yes it was MSN so no real loss...
In the last two days we have had fifty customers come into our repair shop. They weren't very happy when they found out what happened and I don't blame them.
A virus scanner basically eating itself and other programs....
TSK TSK TSK Avast
Ubuntu here.
@bas
I loathed Norton and earlier this year at a tech expo I let the Norton guys have it with both barrels telling exactly what you had said and MUCH more. After spending a good hour with them I left their stand armed with a free product to try so I could verify their claims. Long story short, the versions 09-10 ain't like it used to be.
Wanna bet Norton gives false positives too!
Even worse, it slows down a PC to a crawl.
I used Avast for a while, but gone back to AVG, as AVG9 is really quick and fast as ever before.
But then, I don't use their linkscanner nor do I install their toolbar or Yahoo crap that comes with it.
...right. Because McAfee/Norton/Symantec/whatever have flawless track records and don't ever cause any problems.
Personally, I've never seen any AV products BUT the above cause problems. With AVG and Avast (although I've never used Avast - always been happy with AVG), you're just plain nuts if you pay for AV software.
It wouldn't be the first time an antivirus program has flagged something as a false positive. I think just about every antivirus program out there has had a false positive at one point or another.
For that matter, just about anything packed with Themida or other code obfuscation software sets off alarm bells. It just comes with the territory.
That's what you get for a so called free anti-virus