Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

December 4th, 2009

Apologies for Bad Definition Update

You may have heard that we released a virus database update early Thursday morning (or Wednesday night depending on the time zone). We are deeply sorry for releasing this update and the trouble it caused you. Of the users that received the update, most encountered no problems, some encountered minor issues, and some had significant problems.

I apologize to each and every one of you—I realize that security is fundamentally about trust and you have to trust your security provider. We made a mistake here and it won’t happen again.

We have highly automated systems and processes for testing and releasing virus updates. Updates are thoroughly tested before being released. But the process failed due to a “human failure”. This was an example of the old proverb “the road to hell is paved with good intentions”. Some engineers thought they were doing the right thing by sending out an out-of-cycle update to fix a problem. Unfortunately, they circumvented the automated systems and ended up sending out the wrong update—one that had not yet been tested.

There are detailed explanations of this issue and how to fix it on our support forum (http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=377). And our CTO has authored a detailed explanation of how this happened (http://forum.avast.com/index.php?topic=51783). In the next few days I will write another blog entry about how we are changing our processes to ensure this problem does not ever occur again.

In the meanwhile, please accept mine (and the company’s) apologies for the troubles we have caused you. We won’t let it ever happen again.

Categories: CEO's corner Tags:
  1. Murad
    December 8th, 2009 at 14:12 | #1

    I’m sure that this is done by someone who don’t want avast to reach 100M users … stop trying to cover it and tell the truth ….

  2. Vlada Cernik
    December 8th, 2009 at 14:49 | #2

    @daypet1
    This my answer was on your email from December 02, 2009 10:00 AM Subject: Probable false positive “MX97:CVE-2009-3127 [Expl]“

  3. ~ jisuna
    December 8th, 2009 at 14:51 | #3

    huh!? people sometimes turned out to be dumb..
    mistakes happen! why would you untrust avast for that?
    after it saves you from viruses and malwares for free? you dont appreciate it?
    they are doing their best just to help us.. then for only one mistake avast will be untrusted? then transfer to avg? really stupid.. what if avg makes a mistake?
    you will transfer to avira? and if avira makes a mistake you’ll transfer to norton? and if norton makes a mistake you will try everything else and will only end up throwing your computer to the trash can? common sense please

  4. Petr Bucek
    December 8th, 2009 at 16:08 | #4

    daypet1 :
    This cock up would appear to be a direct result of a release Avast were forced to release in response to a complaint from me. From monday the 1st of December till Wednesday we were getting false positives from a bunch of Excel spreadsheets containing pivots tables. I recieved this email
    “Hello,
    thais false alarm was fixed by VPS update 091202-0
    Please update your VPS
    Regards Cernik”
    Wednesday 02-12-09 10:47 am

    This particular false positive has never been owned up to I’m afraid. So we are all being deceived..

    Thank you for all your comments. daypet – your problem had nothing to do with a huge issue that is commented in this post. Vlada Cernik, our virus guru, replied to you and owned up the problem. It has been solved as soon as possible. We are indeed very sorry for what happened in VPS 091302-0 (the number is different from yours of Wednesday 02-12-09) . Also, there is no covering scenario. It was a disaster that happened and I hope that will not happen anymore.

  5. Rody
    December 8th, 2009 at 17:00 | #5

    don’t be sorry everyone is making a mistakes
    as for me i don’t care if it happend again cus i love ya
    and cus the mistake is a humanity natere
    but don’t promise as that it won’t happend again…cus you can’t give a Thirsty :)

    by

  6. December 8th, 2009 at 17:19 | #6

    @daz

    sorry but in case that even Windows CD is not working there is not much left to try. Let’s pretend that CD-drive is working then please get any bootable CD and use it at least for your data backup, you can of course use our avast! BART CD http://www.avast.com/eng/download-avast-bart-cd.html for it. Later get the working CD with Windows OS and install the new OS on your PC.

  7. daypet1
    December 8th, 2009 at 18:44 | #7

    We are corporate customers and therefor not free !

  8. Sergio Ariza
    December 8th, 2009 at 22:36 | #8

    We have been using Avast for two years, and we had found 3 FPs, the problems is that two of them, had a very negative impact in our company, as “daypet1″ said, we are corporate users, expecting good support and a good product for the enterprise (as a home product I have no negative comments), some days ago, I sent a email to Daniel López (Prague) and Christian Cantoro (USA), with some key point to improve, I just received apologies, nothing about to solve the points in my email…

    Best Regards!
    Sergio Ariza.

  9. Xastain
    December 9th, 2009 at 07:52 | #9

    1. Thank you for owning up.
    2. Thank you for fixing the problem.
    3. Thank you for being awesome.

    You are forgiven… Avast! still rulez!

  10. Roldan
    December 9th, 2009 at 11:53 | #10

    All the software of the IObit Security 360, IObit Advance System Care at IObit Smart Defrag were detected as have a malware trojan. (win32.delf). I format my PC to solve the problem. I can’t uninstall IOBIT software because the uninstall.exe also affected by false positive of avast. suddenly all of the softwares in my PC are detected as malware (even is not a real malware). thus thank avast for apologize to all. we still konow that avast is still the best

  11. popo
    December 9th, 2009 at 11:55 | #11

    I amnot speak english but i have a qestion persian:یکwormدرکامپیوتر من امده که حذف نمی شود چکارکنم؟pleaseپاسخ دهید بهpersian

  12. Roldan
    December 9th, 2009 at 11:57 | #12

    The Microsoft Security Essentials is a large threat to avast!!!! because of very fast scan.

  13. Roldan
    December 9th, 2009 at 12:00 | #13

    Can avast release an critical fix update for repairing their false update??? to the computers?

  14. bob
    December 9th, 2009 at 16:04 | #14

    accidents happen and you got to thank them for admitting it and beeing honest about it. Theres alot of antiviruses even paid ones that wont even do that. Avast didnt have to appologize and didnt even have to admit it, theres a chance you wouldnt even know, it didnt cause me any problems btw, and most it wont. That just gave me more trust and respect for avast for what they just done here. Think before you speak and disrespect a awesome A.V. Program, This make me consider actually buying the paid version for what was done here and avast deservers every bit of it. And Roldan if your worried about a fast scan in a A.V. other than it beeing good thats sad. Comment about microsoft, This is on windows 7 64 bit and it involved there malware software tool, i had to accept or decline to install it why, well after i read it alot of garbage to hide it good try, that is could mess up windows and cause data loss etc and there not responsible for any data loss, ill put it that way.

  15. Roger
    December 9th, 2009 at 17:01 | #15

    Thank you for the apology. The false positives were taken for real. Just deleting the “viruses,” instead of placing them in the chest, resulted in several key programs not working. Going to one of those programs to download and reinstall the program, they had a post about the false positives. Thus I reloaded my hard drive from a mirrored copy. At work, our most critical computer program quit working. Our engineer called in a highly paid software expert to fix it. He determined it was Avast!, deleted your Professional Edition and installed another virus protection program.

    While it was my decision to place Avast! Professional Edition on all of our computers at work, this incidence left me thinking that I should evaluate other antivirus programs so that when our multiple license subscription run out, we could switch. However, based on the CEO’s admission of human error by not testing the update before releasing it, his apology, and plan to implement new procedures to prevent this from happening again, I will not look for an alternative to Avast! Today we are deleting the other antivirus program at work and going back to the Avast! Professional Edition.

    I admire your CEO for openly admitting responsibility for the mistake of his staff, giving an apology, and developing a plan of action to prevent a repeat of the same error.

    Roger

  16. gizbar
    December 9th, 2009 at 17:03 | #16

    @daz

    You said that the computer would not boot from a CD. I’m trying to tell you that if you want to boot from a CD/DVD then that would not be a problem with a virus as it would load from the CD/DVD before ever going into windows.

    I suggest you try running the system file checker. This will compare your system with the windows cd and replace/update faulty or corrupt files with known good versions from the cd or the repository on the hard disk that is there as part of windows self-protection.

    Put windows disk in cd drive. Click start and go to ‘run’. Type sfc /scannow and allow it to run to it’s conclusion.

    If it finds many files to replace, then you may need to run windows update after this as it may replace files with older versions that have been updated to newer versions.

    regards, Gizbar.

  17. Ed
    December 9th, 2009 at 17:19 | #17

    I guess it depends on whether the update caused each one of you a problem or not. It is indeed good of companies to admit mistakes and to openly try to improve faulty procedures. If caught online during the update (after all it was only available for a couple of hours during the midnight hours of the USA) then the damage was huge.

    As a precaution, I instructed the program to move all suspected files to the Virus Chest, but the sheer volume made me think something else was wrong. Desperate users writing in blogs alerted me to the culprit (not the company) and once a new update was given out it has been impossible to RESTORE the removed files from the Virus Chest as designed. Most files give errors when you attempt to undo the damage.

    Ultimately, I needed to reinstall about 25 programs for them to work properly. And some could never be retrieved in their original state (no longer available, different versions published, etc.)

    In this particular case, the prevention mechanism (the antivirus software) was much worse than the potential illness. Indeed, it is now a trust issue. And it has been shaken big time.

  18. December 9th, 2009 at 19:49 | #18

    Have had avast free edition for almost a year and a few days ago my router icon failed to turn blue indicating not connected to the internet but I am. It will not allow me to load windows mail however (but it does in safe mode) After reading the problems with the Avast update which is around the time I detected these problems I uninstalled Avast and purchased Avast4 Profeesional version 091209-0 which has been downloaded although the problem has not disappeared.On access scanner is only running 5 of the 8 providers and one of these that is not running is Internet Mail version 4.8.1368 and it is showing a message “The provider is waiting for a sub system to start”. I believe that the corrupt update has probably left some corrupt information on my hard drive which I cannot detect.Can someone help overcome these problems please

  19. Treva
    December 10th, 2009 at 00:56 | #19

    Does this bad update have anything to do with the error messages I am receive whenever I select to ‘Program update?’ Error indicates “Last encountered error: Other HTTP error (307), while trying 74.86.125.44:80//iavs4x/servers.def”

  20. Phil
    December 10th, 2009 at 01:04 | #20

    Detection messages went strange last week.
    After sending 2 or 3 warnings to the Virus Chest, I disabled Avast.
    Later, a System Restore was run and most returned back to normal.
    What seperates professionals from the rest is the abilty to admit a problem and rapidly fix it.
    I commend you on your professionalism.
    Job well done.
    Cheers

  21. Trevor
    December 10th, 2009 at 01:24 | #21

    Thank You Avast for how many days counting…7 DAYS of PURE HELL SO FAR (WEDNEDAY TO WEDNESDAY.

    After the supposed False positives on Dec 2

    1. Trojans took over Avast, disabled Avast, and blocked any other antivirus from being installed. It also Disable the firewall and infected it.

    2. Block me from accessing my Windows login account – all I saw was the screensaver

    3. It keeps replicating itself on all the new Windows account I tried to create

    4. I had to do a system restore, but its still on this new profile I’m typing on. it keeps installing mrt.exe on a spare drive and hogging memory

    5. None of the rootkits, OR trojan skanner can detect it

    6. all of this when I HAVE EXAMS TO STUDY FOR

    7. AT THIS POINT I HAVE WELL AND PAID FOR YOUR FREE PRODUCT 20 TIMES OVER…and I’m demanding that money back!!!

  22. Nate
    December 10th, 2009 at 03:31 | #22

    I had severe problems and uninstalled AVAST. I had just purchased the software and it locked my machine and made other updates impossible. No excuses. The release caused the problems.

  23. Chris Herle
    December 10th, 2009 at 08:31 | #23

    The “update” has caused severe problems for my computer. Upon seeing the virus warning coming up so many times – I believed my computer was under a major attack. Once the vault was full – it was recommended that I delete entire programs to rid the virus – which of course I followed. It is totally disheartening to know that each of the now deleted programs was a “false” positive that can not be undone. I have programs that won’t uninstall or install after the Avast “update” virus. The cost of the programs lost far outweighs the cost of the Avast antivirus program. Up to this point, I was satisfied with the program working properly. Now, I really don’t know when a virus pops up what it might be – “trust me”.

  24. Chokaho
    December 10th, 2009 at 10:01 | #24

    I own a small computer shop in a small town. We had been using and suggesting AVG to customers for years. Early spring of this year I noticed several systems coming into the shop with AVG installed that had various windows problems. Turned out AVG was detecting false +s and most people were deleting the files. I started searching for a replacement for AVG and after testing several AV programs I found that Avast was great. I used it on my system for about 4 months before suggesting that my friends and family switch to it. Turns out many of them uninstalled AVG rebooted then install Avast and before Avast even had a chance to update it started finding real viruses AVG never detected. I use to swear by Norton’s but then had AVG(free) remove viruses that $60 Norton didn’t even detect. Maybe a paid for AV might not be as likely to have false +s but then they dont detect viruses that free AVs do. Your either protected or your not. We are sticking with Avast.

  25. Petr Bucek
    December 10th, 2009 at 10:35 | #25

    @Treva
    Hello Treva. No, this error is not connected with the false positive issue. If you have somne doubts about the program or you need technical help, submit a ticket from our support portal on web page http://support.avast.com/

    In this case please check, if a firewall is not blocking the communication.
    You should also adjust your connection in avast settings – Update (connection) – Proxy , choose Direct connection. This applies for ADSL. There is also possibility to do a test. If setting of connection does not appear, change value in avast4\setup\setup.ini file according to:
    [Common]
    NetAcc=0

  26. December 10th, 2009 at 12:15 | #26

    @Treva
    No, nothing to do with this issue. HTTP error (307) is just temporary status connected with server maintenance.

  27. December 10th, 2009 at 15:35 | #27

    @Trevor
    we are adding new virus samples every day, but we may still miss some malware. So if you have something avast is missing, please send the file(s) to virus@avast.com for analyses. Ideal way how to send such files is to ZIP them with the password ‘virus’.

  28. December 10th, 2009 at 15:44 | #28

    @Colin
    you are getting avast Internet Mail – “The provider is waiting for a sub system to start”, because Windows mail is not running. It looks that your Windows OS is not complete or fully working, please boot from your Windows CD and click repair Windows installation there to fix the issue.

  29. Renee
    December 11th, 2009 at 05:44 | #29

    Thanks for getting out an update and notices to correct the issue so fast! We only had 4 non-critical program executables deleted before we stopped to search the web for clues. We knew there was no way our system could have been infected as badly as was picked up.

    You’re still my AV program! I LOVE the twice daily updates. So far, you guys have been tops!

    The only other AV company I’ve encountered good rapport with was F-Secure. The guys over there personally saved my system about a year ago from one of those super hidden trojans that took over my desktop.

  30. dooste popo
    December 16th, 2009 at 14:38 | #30

    @popo

    ha ha ha ha , Popo be man ba yahoo messenger PM kon be in ID bego ke popo hasty man begam chi kar koni. brisk_mind hatman bego popo hasty az site avast

  31. need advice
    December 17th, 2009 at 22:14 | #31

    We used avast on our computer last night. Now it locked up. I began searching for more information about avast. Found information that there is a serious problem with avast. Is this still as of last night?

  32. San
    December 18th, 2009 at 00:39 | #32

    Apologie is very nice, but if you made a mistake, please try to correct it. I’m the Proffesinnel version user(actually i was, cus is no more working), & have no more resident protection. So, i’m connected to the web without any protection(exept Windows firewall). For shure my system will be destroyed in few days& than two days of full reinstallation, & purchase another antivir from the city(130 km), etc… What a HELL & waist of time(and money). THANK YOU GUYS, GREAT JOB. I think is time to go far away from the hell of Windows(& Avast, Norton etc..), for shure less suffering with MacOS or the others.

  33. December 18th, 2009 at 14:26 | #33

    @need advice
    Nothing unusual happened last night, so it has nothing to do with update issue mentioned here. To help you, please provide us (support@avast.com) with details about the PC(s) having the problem with avast:

    What operating system are you using? (e.g. Windows 2000 Server…) Any Service Pack (e.g. SP2)
    What version of avast! are you using? (e.g. 4.1.319 – you can find this information in “About avast!…” dialog)
    What version of VPS file are you using? (e.g. 0312-4, 06/01/2003 – you can find this information in “About avast!…” dialog)
    What is the basic hardware configuration? (e.g. Intel Pentium III 800 MHz, 128 MB RAM)
    How do you connect to Internet? (e.g. dial-up, using proxy server, using firewall…)
    What is your e-mail client? (e.g. Outlook, Outlook Express, IncrediMail…)
    Do you use some other security software? Which one? (e.g. Norton Antivirus…)
    What are the steps to reproduce the bug again?
    Do appear some error messages? Which ones? Please send screen-shot if possible.

  34. December 18th, 2009 at 15:18 | #34

    @San

    please, try to reinstall avast! program:
    1. Uninstall the current version
    (Use Add/Remove Programs from Control Panels)
    2. Restart PC
    3. Delete ALWIL Software folder from Program Files
    4. Download the latest version of avast program
    from: http://www.avast.com/eng/programs.html
    5. Install the new version.
    6. Restart PC

    Before installing avast:
    Please ensure that no other antivirus is installed, empty all your
    TEMP folders, run Windows scandisk. Also the latest Windows service
    packs and hotfixes are recommended.

    If still having issues, please contact support@avast.com

  35. ajay
    December 22nd, 2009 at 07:52 | #35

    avast

  36. ajay
    December 22nd, 2009 at 07:55 | #36

    avast for windows7 ultimate

  37. E.W.
    December 31st, 2009 at 05:00 | #37

    I have now got 6 programs in my chest infected with win32:Trojan-gen and I wonder is this a false positive? also what should I do next with the programs in my chest? delete? restore? I dunno what to do with them. 4 of them are windows\system32 and 2 are AppData\local\temp.

Comment pages
1 2 3 720
Comments are closed.