|
to onDvine
Re: False positive in Avast! or is it real?So long Avast, it's bin a gud ride (almost 5 years), but when yu trashed my comp I came a gunnin'; have now put yu out to pasture and have bought me a new hos' named Avira, a bit touchy with fake snakes and other vermin, but seems a winner, within the five best at least. Adieu |
|
|
|
|
·Frontier FiberOp..
|
to onDvine
I've been following the thread with great interest and concern for those who have been adversely affected. I am also perplexed. I have two machines here that run Avast that are set to automatically update. Both machines have been turned on in the morning, and off in the evenings. Both have been automatically updated right up through vps 091204 as of today.
Neither of my machines has given any false positives or exhibited any issues. Three of my friends and neighbors that I set up with Avast have also not experienced any difficulties. All of us are running XP/SP2 and Avast program version 4.8.1356 (which appears to NOT be the latest version).
Has anyone figured out why some of us have emerged completely unaffected? |
|
La LunaFly With The Angels My Beloved Son Chris Premium Member join:2001-07-12 New Port Richey, FL |
La Luna
Premium Member
2009-Dec-5 12:09 am
Your machines may have been turned off when the funky update was pushed. If you turned them back on and you got the corrected update instead, you wouldn't have seen the issue. That's how I understood it from reading the thread. |
|
|
Your thought is the only one I could think of as well. Since my machines and those of my friends/neighbors don't run 24/7, we may have missed the issue (thankfully).
Regards,
Ender |
|
|
to onDvine
i too had avast report several files infected with Win32:Delf-MZG. Aready formated and reinstalled os though. Thought it was wierd that i was unable to find any external storage infected after reinstall. |
|
|
prancer to onDvine
Anon
2009-Dec-5 3:45 pm
to onDvine
I use avast among other things, including spybot and I've used adaware and microsoft security essentials in conjuction with avast and havent ever had a false positive. I think one of the things we're not looking into is that adware and malware can attach itself to files and make the whole file look like a virus or some other malware. I personally had a piece of adware attached to an MP3 that wasnt infected when I copied it from the original album. CDs dont come with viruses on them generally. Another thing: Are you paying for avast? Or are you using the free home edition? Be thankful that they're gracious enough to offer you a free version that works as well as it does. You get what you pay for is basically what I'm saying. If you want better service, pay for it. Don't expect them to keep fixing things all the time if their not getting paid. Put yourself in their shoes. |
|
ltsnow Premium Member join:2006-04-08 Valdosta, GA
1 recommendation |
to Le Boule
I think it's pretty amazing that they were so honest in their apology. They admitted a human error. Nobody seems to do that anymore. |
|
jabarnutLight Years Away Premium Member join:2005-01-22 Galaxy M31 1 edit |
jabarnut
Premium Member
2009-Dec-5 4:53 pm
said by ltsnow:I think it's pretty amazing that they were so honest in their apology. They admitted a human error. Nobody seems to do that anymore. I have to agree with you there. quote: I apologize to each and every one of youI realize that security is fundamentally about trust and you have to trust your security provider. We made a mistake here and it wont happen again.
Pretty refreshing to see, actually. From some of the follow-up comments (as well as a some comments in this thread), there are those who aren't willing to forgive and forget. (And depending on how badly they were effected, I suppose you can't really blame them). Still, I do commend Avast for not giving everyone a bunch of BS as far as an explanation, which we tend to see far too often these days. |
|
AB57 Premium Member join:2006-04-04 equatorial
1 recommendation |
AB57
Premium Member
2009-Dec-5 5:20 pm
said by jabarnut:said by ltsnow:I think it's pretty amazing that they were so honest in their apology. They admitted a human error. Nobody seems to do that anymore. I have to agree with you there. quote: I apologize to each and every one of youI realize that security is fundamentally about trust and you have to trust your security provider. We made a mistake here and it wont happen again.
Pretty refreshing to see, actually. Yep. Except probably he should have left off the "and it won't happen again" because . . . . well, you know . . . in case it happens again. |
|
Florida Dan Premium Member join:2001-07-06 Boynton Beach, FL 1 edit |
Oops...my bad. Edit: Deleted post entirely. |
|
onDvineGrown up Flower Child Premium Member join:2005-01-29 So. CA, USA |
to AB57
He knew better than to use the word, "never." |
|
jadinolfI love you Fred Premium Member join:2005-07-09 Ojai, CA |
to onDvine
We should demand our money back............oh, wait....... |
|
mers2 Premium Member join:2004-03-20 USA
1 recommendation |
to onDvine
A link to an even more detailed explanation of the event and what is being done to ensure a mistake of this proportion (not simply any mistake - a major mistake) doesn't happen again: » forum.avast.com/index.ph ··· ic=51783I have more respect for Avast with not only the apology, but the details of how it happened. They fixed it quickly, but are putting measures in place so serious mistakes in the future get the attention of a human immediately. |
|
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
Mele20
Premium Member
2009-Dec-6 7:54 am
And there the word "never" is used. LOL
Plus, this link is provided in the CEO's blog which is linked to above. No need to provide it again.
The only thing that will really fix this is for Avast to restore the Ignore button in ver 5. If they don't do that then that indicates they don't even understand anything about their own AV and how folks use it and expect it to be. Nothing bad would have happened with an ignore button exactly like what Avira has. Avast doesn't even seem to understand the difference between "block" and "ignore" and thinks everything should go to the Chest. NOTHING should go there unless the user is POSITIVE it is not an FP. The first choice should always be IGNORE and then the user submits to VT/Jotti. |
|
fatnesssubtle
join:2000-11-17 fishing
1 recommendation |
to mers2
said by mers2:A link to an even more detailed explanation of the event and what is being done to ensure a mistake of this proportion (not simply any mistake - a major mistake) doesn't happen again: » forum.avast.com/index.ph ··· ic=51783 said by explanation : The problem was that the FP test was not performed at all before the definitions were pushed out.
|
|
KeizerI'M Your Huckleberry MVM join:2003-01-20 |
to Mele20
said by Mele20:The only thing that will really fix this is for Avast to restore the Ignore button in ver 5. If they don't do that then that indicates they don't even understand anything about their own AV and how folks use it and expect it to be. Nothing bad would have happened with an ignore button exactly like what Avira has. Avast doesn't even seem to understand the difference between "block" and "ignore" and thinks everything should go to the Chest. NOTHING should go there unless the user is POSITIVE it is not an FP. The first choice should always be IGNORE and then the user submits to VT/Jotti. On the alerts that I got from Avast, I just clicked the X in the upper right hand corner. I'm not sure what action is taken in this case, and really didn't research it after the fact. I had no intention of letting Avast fix the situation afterward anyway, because I had planned on just restoring a recent image after the fix was rolled out. |
|
MarkAWBarry White Premium Member join:2001-08-27 Canada 1 edit
2 recommendations |
to Mele20
said by Mele20:The only thing that will really fix this is for Avast to restore the Ignore button in ver 5. If they don't do that then that indicates they don't even understand anything about their own AV and how folks use it and expect it to be. Nothing bad would have happened with an ignore button exactly like what Avira has. Avast doesn't even seem to understand the difference between "block" and "ignore" and thinks everything should go to the Chest. NOTHING should go there unless the user is POSITIVE it is not an FP. The first choice should always be IGNORE and then the user submits to VT/Jotti. This makes the third time i've seen you put this in a post of yours and for the life of me i don't know what you are talking about when you say the "ignore button". There has never been an "ignore button" in the 8 years i have been using this program when avast pops up a warning of a virus, i've seen a "no action" button as shown below but have never seen an "ignore button"?
|
|
Florida Dan Premium Member join:2001-07-06 Boynton Beach, FL |
to onDvine
said by Avast Global Moderator : So, if you believe in second chances, please stay with avast. We screwed and we know it but we have to look forward and keep fighting. The virus writers don't sleep.
Have to give the guy credit for his candor. I believe in second chances, especially because more than a few of them have been given to me over the years. |
|
PrntRhd Premium Member join:2004-11-03 Fairfield, CA |
PrntRhd
Premium Member
2009-Dec-6 11:20 am
I agree.
Alwil (Avast) had procedures and processes to stop this but humans went around the safety steps and those same humans are now quite aware of why the procedures were there.
|
|
Smokey Bearveritas odium parit Premium Member join:2008-03-15 Annie's Pub |
to Florida Dan
said by Florida Dan:said by Avast Global Moderator : So, if you believe in second chances, please stay with avast. We screwed and we know it but we have to look forward and keep fighting. The virus writers don't sleep.
Have to give the guy credit for his candor. I believe in second chances, especially because more than a few of them have been given to me over the years. Agreed. Other vendors can learn from the way how Avast handled the issue: fast and sincere statement, complete openness, no crappy talk. That's the way how vendors should treat their customers: thumbs up Avast! |
|
La LunaFly With The Angels My Beloved Son Chris Premium Member join:2001-07-12 New Port Richey, FL 1 edit |
to onDvine
I'd also like to add that at some point when I was getting all those warnings and was choosing "ignore", Avast popped up with a "Trojan in memory, recommend to run a boot scan...." ) or however it was worded. THAT'S where things were being deleted, automatically, without my input. A few things I got a choice, but most were deleted by Avast during the boot scan without asking me. |
|
KeizerI'M Your Huckleberry MVM join:2003-01-20 |
said by La Luna:I'd also like to add that at some point when I was getting all those warnings and was choosing "ignore", Avast popped up with a "Trojan in memory, recommend to run a boot scan...." ) or however it was worded. THAT'S where things were being deleted, automatically, without my input. A few things I got a choice, but most were deleted by Avast during the boot scan without asking me. That's strange. I did a boot scan on my mom in laws PC a few weeks back. It caught some baddies, but the scan stopped and allowed me to delete them as it went. It never did it automatically. It gave me choices. |
|
|
While the night of this incident i removed Avast from my Mom's PC, and this one, and put in Microsoft Security Essentials, but after a various issues with it, i'm more than ready to come back and stay with Avast for a very long time |
|
La LunaFly With The Angels My Beloved Son Chris Premium Member join:2001-07-12 New Port Richey, FL |
to Keizer
said by Keizer:said by La Luna:I'd also like to add that at some point when I was getting all those warnings and was choosing "ignore", Avast popped up with a "Trojan in memory, recommend to run a boot scan...." ) or however it was worded. THAT'S where things were being deleted, automatically, without my input. A few things I got a choice, but most were deleted by Avast during the boot scan without asking me. That's strange. I did a boot scan on my mom in laws PC a few weeks back. It caught some baddies, but the scan stopped and allowed me to delete them as it went. It never did it automatically. It gave me choices. I know it was weird. There didn't seem to be any rhyme or reason to what it was choosing to delete as opposed to giving me a choice. Maybe it was all part of the faux pas. |
|
seadog75 Premium Member join:2008-01-25 Hooksett, NH |
to onDvine
Filed a Tech ticket with Alwil, and got a reponse back in 6 hours. As their bolg Mod stated, they found the wrench in the machine and fixed it. Had me update again, and false positives gone. I've used Avast for 4 years now, still find it better than most other mainstreamers out there. I have machines with Norton's and I've had more issues with their s/w. I'm givin' Alwil a mulligan on this one |
|
mers2 Premium Member join:2004-03-20 USA |
mers2
Premium Member
2009-Dec-7 6:52 am
The "No Action" button is the equivalent of Mele20 's "Ignore Button". I used that button and it didn't delete or quarantine anything - it didn't do anything except make the obnoxious warning box go away. |
|
|
Avastlover
Anon
2009-Dec-7 11:03 am
@mers2
Not completely correct. 'No Action' does more than 'ignore'.
'No action' does stop any further contact with the file, eg it can't be executed or opened.
'Ignore' is meant to ignore, that is 'do absolutely nothing'.
Just to clarify. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to mers2
said by mers2:The "No Action" button is the equivalent of Mele20 's "Ignore Button". I used that button and it didn't delete or quarantine anything - it didn't do anything except make the obnoxious warning box go away. I did NOT have a "No Action" button. There is none in version 5 beta 3. I had TWO choices ONLY: Delete or Move to Chest. So, that is why I used the X in the upper right corner of the popup. Besides, "No Action" button available, as Avastlover has pointed out, is NOT the same as "Ignore". I need "Ignore" and, sadly, even though many Evangelists at Avast forum have asked for this also, it will not be in Version 5 final. |
|
mers2 Premium Member join:2004-03-20 USA
1 recommendation |
mers2
Premium Member
2009-Dec-8 4:24 am
Avast 5.3 is beta software. In other words, not complete and use at your own risk. |
|