Apologies for Bad Definition Update
You may have heard that we released a virus database update early Thursday morning (or Wednesday night depending on the time zone). We are deeply sorry for releasing this update and the trouble it caused you. Of the users that received the update, most encountered no problems, some encountered minor issues, and some had significant problems.
I apologize to each and every one of you—I realize that security is fundamentally about trust and you have to trust your security provider. We made a mistake here and it won’t happen again.
We have highly automated systems and processes for testing and releasing virus updates. Updates are thoroughly tested before being released. But the process failed due to a “human failure”. This was an example of the old proverb “the road to hell is paved with good intentions”. Some engineers thought they were doing the right thing by sending out an out-of-cycle update to fix a problem. Unfortunately, they circumvented the automated systems and ended up sending out the wrong update—one that had not yet been tested.
There are detailed explanations of this issue and how to fix it on our support forum (http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=377). And our CTO has authored a detailed explanation of how this happened (http://forum.avast.com/index.php?topic=51783). In the next few days I will write another blog entry about how we are changing our processes to ensure this problem does not ever occur again.
In the meanwhile, please accept mine (and the company’s) apologies for the troubles we have caused you. We won’t let it ever happen again.
I’m sure that this is done by someone who don’t want avast to reach 100M users … stop trying to cover it and tell the truth ….
@daypet1
This my answer was on your email from December 02, 2009 10:00 AM Subject: Probable false positive “MX97:CVE-2009-3127 [Expl]“
huh!? people sometimes turned out to be dumb..
mistakes happen! why would you untrust avast for that?
after it saves you from viruses and malwares for free? you dont appreciate it?
they are doing their best just to help us.. then for only one mistake avast will be untrusted? then transfer to avg? really stupid.. what if avg makes a mistake?
you will transfer to avira? and if avira makes a mistake you’ll transfer to norton? and if norton makes a mistake you will try everything else and will only end up throwing your computer to the trash can? common sense please
Thank you for all your comments. daypet – your problem had nothing to do with a huge issue that is commented in this post. Vlada Cernik, our virus guru, replied to you and owned up the problem. It has been solved as soon as possible. We are indeed very sorry for what happened in VPS 091302-0 (the number is different from yours of Wednesday 02-12-09) . Also, there is no covering scenario. It was a disaster that happened and I hope that will not happen anymore.
don’t be sorry everyone is making a mistakes
as for me i don’t care if it happend again cus i love ya
and cus the mistake is a humanity natere
but don’t promise as that it won’t happend again…cus you can’t give a Thirsty
by
@daz
sorry but in case that even Windows CD is not working there is not much left to try. Let’s pretend that CD-drive is working then please get any bootable CD and use it at least for your data backup, you can of course use our avast! BART CD http://www.avast.com/eng/download-avast-bart-cd.html for it. Later get the working CD with Windows OS and install the new OS on your PC.
We are corporate customers and therefor not free !
We have been using Avast for two years, and we had found 3 FPs, the problems is that two of them, had a very negative impact in our company, as “daypet1″ said, we are corporate users, expecting good support and a good product for the enterprise (as a home product I have no negative comments), some days ago, I sent a email to Daniel López (Prague) and Christian Cantoro (USA), with some key point to improve, I just received apologies, nothing about to solve the points in my email…
Best Regards!
Sergio Ariza.
1. Thank you for owning up.
2. Thank you for fixing the problem.
3. Thank you for being awesome.
You are forgiven… Avast! still rulez!
All the software of the IObit Security 360, IObit Advance System Care at IObit Smart Defrag were detected as have a malware trojan. (win32.delf). I format my PC to solve the problem. I can’t uninstall IOBIT software because the uninstall.exe also affected by false positive of avast. suddenly all of the softwares in my PC are detected as malware (even is not a real malware). thus thank avast for apologize to all. we still konow that avast is still the best
I amnot speak english but i have a qestion persian:یکwormدرکامپیوتر من امده که حذف نمی شود چکارکنم؟pleaseپاسخ دهید بهpersian
The Microsoft Security Essentials is a large threat to avast!!!! because of very fast scan.
Can avast release an critical fix update for repairing their false update??? to the computers?
accidents happen and you got to thank them for admitting it and beeing honest about it. Theres alot of antiviruses even paid ones that wont even do that. Avast didnt have to appologize and didnt even have to admit it, theres a chance you wouldnt even know, it didnt cause me any problems btw, and most it wont. That just gave me more trust and respect for avast for what they just done here. Think before you speak and disrespect a awesome A.V. Program, This make me consider actually buying the paid version for what was done here and avast deservers every bit of it. And Roldan if your worried about a fast scan in a A.V. other than it beeing good thats sad. Comment about microsoft, This is on windows 7 64 bit and it involved there malware software tool, i had to accept or decline to install it why, well after i read it alot of garbage to hide it good try, that is could mess up windows and cause data loss etc and there not responsible for any data loss, ill put it that way.
Thank you for the apology. The false positives were taken for real. Just deleting the “viruses,” instead of placing them in the chest, resulted in several key programs not working. Going to one of those programs to download and reinstall the program, they had a post about the false positives. Thus I reloaded my hard drive from a mirrored copy. At work, our most critical computer program quit working. Our engineer called in a highly paid software expert to fix it. He determined it was Avast!, deleted your Professional Edition and installed another virus protection program.
While it was my decision to place Avast! Professional Edition on all of our computers at work, this incidence left me thinking that I should evaluate other antivirus programs so that when our multiple license subscription run out, we could switch. However, based on the CEO’s admission of human error by not testing the update before releasing it, his apology, and plan to implement new procedures to prevent this from happening again, I will not look for an alternative to Avast! Today we are deleting the other antivirus program at work and going back to the Avast! Professional Edition.
I admire your CEO for openly admitting responsibility for the mistake of his staff, giving an apology, and developing a plan of action to prevent a repeat of the same error.
Roger
@daz
You said that the computer would not boot from a CD. I’m trying to tell you that if you want to boot from a CD/DVD then that would not be a problem with a virus as it would load from the CD/DVD before ever going into windows.
I suggest you try running the system file checker. This will compare your system with the windows cd and replace/update faulty or corrupt files with known good versions from the cd or the repository on the hard disk that is there as part of windows self-protection.
Put windows disk in cd drive. Click start and go to ‘run’. Type sfc /scannow and allow it to run to it’s conclusion.
If it finds many files to replace, then you may need to run windows update after this as it may replace files with older versions that have been updated to newer versions.
regards, Gizbar.
I guess it depends on whether the update caused each one of you a problem or not. It is indeed good of companies to admit mistakes and to openly try to improve faulty procedures. If caught online during the update (after all it was only available for a couple of hours during the midnight hours of the USA) then the damage was huge.
As a precaution, I instructed the program to move all suspected files to the Virus Chest, but the sheer volume made me think something else was wrong. Desperate users writing in blogs alerted me to the culprit (not the company) and once a new update was given out it has been impossible to RESTORE the removed files from the Virus Chest as designed. Most files give errors when you attempt to undo the damage.
Ultimately, I needed to reinstall about 25 programs for them to work properly. And some could never be retrieved in their original state (no longer available, different versions published, etc.)
In this particular case, the prevention mechanism (the antivirus software) was much worse than the potential illness. Indeed, it is now a trust issue. And it has been shaken big time.
Have had avast free edition for almost a year and a few days ago my router icon failed to turn blue indicating not connected to the internet but I am. It will not allow me to load windows mail however (but it does in safe mode) After reading the problems with the Avast update which is around the time I detected these problems I uninstalled Avast and purchased Avast4 Profeesional version 091209-0 which has been downloaded although the problem has not disappeared.On access scanner is only running 5 of the 8 providers and one of these that is not running is Internet Mail version 4.8.1368 and it is showing a message “The provider is waiting for a sub system to start”. I believe that the corrupt update has probably left some corrupt information on my hard drive which I cannot detect.Can someone help overcome these problems please
Does this bad update have anything to do with the error messages I am receive whenever I select to ‘Program update?’ Error indicates “Last encountered error: Other HTTP error (307), while trying 74.86.125.44:80//iavs4x/servers.def”
Detection messages went strange last week.
After sending 2 or 3 warnings to the Virus Chest, I disabled Avast.
Later, a System Restore was run and most returned back to normal.
What seperates professionals from the rest is the abilty to admit a problem and rapidly fix it.
I commend you on your professionalism.
Job well done.
Cheers
Thank You Avast for how many days counting…7 DAYS of PURE HELL SO FAR (WEDNEDAY TO WEDNESDAY.
After the supposed False positives on Dec 2
1. Trojans took over Avast, disabled Avast, and blocked any other antivirus from being installed. It also Disable the firewall and infected it.
2. Block me from accessing my Windows login account – all I saw was the screensaver
3. It keeps replicating itself on all the new Windows account I tried to create
4. I had to do a system restore, but its still on this new profile I’m typing on. it keeps installing mrt.exe on a spare drive and hogging memory
5. None of the rootkits, OR trojan skanner can detect it
6. all of this when I HAVE EXAMS TO STUDY FOR
7. AT THIS POINT I HAVE WELL AND PAID FOR YOUR FREE PRODUCT 20 TIMES OVER…and I’m demanding that money back!!!
I had severe problems and uninstalled AVAST. I had just purchased the software and it locked my machine and made other updates impossible. No excuses. The release caused the problems.
The “update” has caused severe problems for my computer. Upon seeing the virus warning coming up so many times – I believed my computer was under a major attack. Once the vault was full – it was recommended that I delete entire programs to rid the virus – which of course I followed. It is totally disheartening to know that each of the now deleted programs was a “false” positive that can not be undone. I have programs that won’t uninstall or install after the Avast “update” virus. The cost of the programs lost far outweighs the cost of the Avast antivirus program. Up to this point, I was satisfied with the program working properly. Now, I really don’t know when a virus pops up what it might be – “trust me”.
I own a small computer shop in a small town. We had been using and suggesting AVG to customers for years. Early spring of this year I noticed several systems coming into the shop with AVG installed that had various windows problems. Turned out AVG was detecting false +s and most people were deleting the files. I started searching for a replacement for AVG and after testing several AV programs I found that Avast was great. I used it on my system for about 4 months before suggesting that my friends and family switch to it. Turns out many of them uninstalled AVG rebooted then install Avast and before Avast even had a chance to update it started finding real viruses AVG never detected. I use to swear by Norton’s but then had AVG(free) remove viruses that $60 Norton didn’t even detect. Maybe a paid for AV might not be as likely to have false +s but then they dont detect viruses that free AVs do. Your either protected or your not. We are sticking with Avast.
@Treva
Hello Treva. No, this error is not connected with the false positive issue. If you have somne doubts about the program or you need technical help, submit a ticket from our support portal on web page http://support.avast.com/
In this case please check, if a firewall is not blocking the communication.
You should also adjust your connection in avast settings – Update (connection) – Proxy , choose Direct connection. This applies for ADSL. There is also possibility to do a test. If setting of connection does not appear, change value in avast4\setup\setup.ini file according to:
[Common]
NetAcc=0
@Treva
No, nothing to do with this issue. HTTP error (307) is just temporary status connected with server maintenance.
@Trevor
we are adding new virus samples every day, but we may still miss some malware. So if you have something avast is missing, please send the file(s) to virus@avast.com for analyses. Ideal way how to send such files is to ZIP them with the password ‘virus’.
@Colin
you are getting avast Internet Mail – “The provider is waiting for a sub system to start”, because Windows mail is not running. It looks that your Windows OS is not complete or fully working, please boot from your Windows CD and click repair Windows installation there to fix the issue.
Thanks for getting out an update and notices to correct the issue so fast! We only had 4 non-critical program executables deleted before we stopped to search the web for clues. We knew there was no way our system could have been infected as badly as was picked up.
You’re still my AV program! I LOVE the twice daily updates. So far, you guys have been tops!
The only other AV company I’ve encountered good rapport with was F-Secure. The guys over there personally saved my system about a year ago from one of those super hidden trojans that took over my desktop.
@popo
ha ha ha ha , Popo be man ba yahoo messenger PM kon be in ID bego ke popo hasty man begam chi kar koni. brisk_mind hatman bego popo hasty az site avast
We used avast on our computer last night. Now it locked up. I began searching for more information about avast. Found information that there is a serious problem with avast. Is this still as of last night?
Apologie is very nice, but if you made a mistake, please try to correct it. I’m the Proffesinnel version user(actually i was, cus is no more working), & have no more resident protection. So, i’m connected to the web without any protection(exept Windows firewall). For shure my system will be destroyed in few days& than two days of full reinstallation, & purchase another antivir from the city(130 km), etc… What a HELL & waist of time(and money). THANK YOU GUYS, GREAT JOB. I think is time to go far away from the hell of Windows(& Avast, Norton etc..), for shure less suffering with MacOS or the others.
@need advice
Nothing unusual happened last night, so it has nothing to do with update issue mentioned here. To help you, please provide us (support@avast.com) with details about the PC(s) having the problem with avast:
What operating system are you using? (e.g. Windows 2000 Server…) Any Service Pack (e.g. SP2)
What version of avast! are you using? (e.g. 4.1.319 – you can find this information in “About avast!…” dialog)
What version of VPS file are you using? (e.g. 0312-4, 06/01/2003 – you can find this information in “About avast!…” dialog)
What is the basic hardware configuration? (e.g. Intel Pentium III 800 MHz, 128 MB RAM)
How do you connect to Internet? (e.g. dial-up, using proxy server, using firewall…)
What is your e-mail client? (e.g. Outlook, Outlook Express, IncrediMail…)
Do you use some other security software? Which one? (e.g. Norton Antivirus…)
What are the steps to reproduce the bug again?
Do appear some error messages? Which ones? Please send screen-shot if possible.
@San
please, try to reinstall avast! program:
1. Uninstall the current version
(Use Add/Remove Programs from Control Panels)
2. Restart PC
3. Delete ALWIL Software folder from Program Files
4. Download the latest version of avast program
from: http://www.avast.com/eng/programs.html
5. Install the new version.
6. Restart PC
Before installing avast:
Please ensure that no other antivirus is installed, empty all your
TEMP folders, run Windows scandisk. Also the latest Windows service
packs and hotfixes are recommended.
If still having issues, please contact support@avast.com
avast
avast for windows7 ultimate
I have now got 6 programs in my chest infected with win32:Trojan-gen and I wonder is this a false positive? also what should I do next with the programs in my chest? delete? restore? I dunno what to do with them. 4 of them are windows\system32 and 2 are AppData\local\temp.