Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

December 4th, 2009

Apologies for Bad Definition Update

You may have heard that we released a virus database update early Thursday morning (or Wednesday night depending on the time zone). We are deeply sorry for releasing this update and the trouble it caused you. Of the users that received the update, most encountered no problems, some encountered minor issues, and some had significant problems.

I apologize to each and every one of you—I realize that security is fundamentally about trust and you have to trust your security provider. We made a mistake here and it won’t happen again.

We have highly automated systems and processes for testing and releasing virus updates. Updates are thoroughly tested before being released. But the process failed due to a “human failure”. This was an example of the old proverb “the road to hell is paved with good intentions”. Some engineers thought they were doing the right thing by sending out an out-of-cycle update to fix a problem. Unfortunately, they circumvented the automated systems and ended up sending out the wrong update—one that had not yet been tested.

There are detailed explanations of this issue and how to fix it on our support forum (http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=377). And our CTO has authored a detailed explanation of how this happened (http://forum.avast.com/index.php?topic=51783). In the next few days I will write another blog entry about how we are changing our processes to ensure this problem does not ever occur again.

In the meanwhile, please accept mine (and the company’s) apologies for the troubles we have caused you. We won’t let it ever happen again.

Categories: CEO's corner Tags:
  1. December 5th, 2009 at 22:39 | #1

    icemel :
    @Liam
    I agree. 1 signature file a day is more than enough.
    Same with software versions. Once a year is good enough.

    No, no. Best AV update many times in 1 day.

  2. sam
    December 5th, 2009 at 22:53 | #2

    I knew that Avast is screwed up when at first time it showed my reliable program to be infected by virus. I clicked no action and submitted false positive report. People need to learn a little bit technology rather than simply being gullible followers.

  3. December 5th, 2009 at 23:13 | #3

    This sure is a welcome message. At least now people will understand what happened. A trusting relationship is a two way street. If an incident occurred, the reason must be explained. And this step is truly remarkable. Other security companies will not do this. Yet, for Avast taking this brave step, it is worth staying with you guys. I still recommend Avast to friends despite of what happened. Personally, you guys do a very good job of protecting us, home users for free. And that in itself is worth its weight in gold. :)

  4. avastusr
    December 6th, 2009 at 00:01 | #4

    @sam
    sam, with all due respect, what crap. you sound somewhat smug. all drivers of cars are not presumed to be responsible for every aspect of maintenance and repair. most people use mechanics for that. and the mechanics are pleased to fill this niche. win-win. now if my mechanic caused my car to detach its engine with a loss of all manoeuvrability, braking and overall driveability, i think i’d be a bit pissed off. the contents of the car would be in some danger. and then what if the mechanic didn’t fix the problem for you, and the clutch or brake pedals became inoperable every time you tried to use them.

    without labouring the analogy even more heavily, don’t be such a self-congratulatory, self-centred pain in the arse.

    on another note, i find it hard to believe something like this could happen by accident. i smell a big fat ugly rat in the possible shape of a disgruntled employee.

  5. texastig
    December 6th, 2009 at 00:22 | #5

    Don’t you guys try your updates on regular computers before sending them out?

  6. December 6th, 2009 at 00:33 | #6

    texastig :
    Don’t you guys try your updates on regular computers before sending them out?

    “We have highly automated systems and processes for testing and releasing virus updates.”

  7. texastig
    December 6th, 2009 at 01:10 | #7

    Do you all test your updates for a few days before sending them out?
    Will you all pay for the reinstall of my OS. Avast marked and deleted files because of it’s false postives.
    What a pain!!!
    I was hoping to have a uneventful weekend and now I have reinstall windows.

  8. NAMOR
    December 6th, 2009 at 01:39 | #8

    Please people do regular backups, it will save you a lot of headache if you have another software error or hardware failure.

  9. Luiz Rakkan
    December 6th, 2009 at 02:08 | #9

    I will accept this apologize because I use the Avast software for years and the explanation of the issue was enough to me. What I really sorrow is the time it took to release another update and at the time the lack of any reply in the forums, causing many common users to worry or delete important pieces of code until realize that it was a false positive. I will reinstall the Avast, I’m sure all of us learned with what happened.

  10. justbill1931
    December 6th, 2009 at 03:50 | #10

    avastusr, I think I’m gonna have to agree with sam. To borrow your analogy, I think that even though you have a mechanic to fix your vehicle for major problems, you still should know, as every driver on the road should know, how to check the oil, top off the fluids, check tire pressures and the like. Same goes with your computer. You should be able to do basic computer maintenance like defrag, check disc and back ups. Many people know so little about their machine, they don’t even know there’s a problem until it dies. Getting back to the original point of this thread though, I think it is awesome that a company not only admitted error, but took responsibility for it. It is very refreshing to find a company that doesn’t throw some low level schmuck under the bus every time there’s an screw up. This shows corporate responsibility and earns my continued respect and business, now and in the future.

  11. Marli Wakeling
    December 6th, 2009 at 03:57 | #11

    It is not that I spent the night trying to undo the mess on 2 computers unsuccessfully. It is that nothing was on the site to tell clients about the issue until far after the damage occurred. I only found out that it was a false positive when I visited the site to try to find out the name of the “Trojan”, before delivering my computer to a costly computer technician service. Those of us on the west coast of North America were caught as we logged on to our computers after work. Over 400 files were affected on my computer. It has taken hours and hours of time to correct everything. As someone else commented, perhaps an email alert or at least a large headline on the Avast homepage might have minimized the hassle and stress. I have used Avast for years; it is not the product I am annoyed with, it is the management’s delay in announcing the issue, and the twit they allowed to distribute the rubbish file.

  12. JJ Stone
    December 6th, 2009 at 10:03 | #12

    Avast has owned up. At the time it happened I was thinking that this could of been Avast’s Armageddon but as far as I could tell they sent out another definition within three hours. Avast did not quarantine or delete anything without your input. Please stop and think before you make your choice. And for your own sake, keep a backup somewhere…. be smart and save yourself some grief. Avast is a wonderful product but human error happens. Avast had a human error and then you made a human error instead of thinking and having a backup.

  13. Naseer
    December 6th, 2009 at 13:12 | #13

    Mistakes happen. The best thing is to accept that it happened. That is the first step towards correction. Also it shows the truthfulness and sincerety.

    I have been a user of Avast and I was a fan of it, as I used to refer it to others. Atleast I ranked it higher than Nod32 and Symantec. I still think that Avast can / would make up and win back its place.

    My advice to the engineers / developers, “Don’t be disheartened and don’t give up the good work”. The slips just form a test. By admitting the mistake, you have won the trust back, even if the performance makes up a bit later.

  14. Abhilash
    December 6th, 2009 at 13:57 | #14

    Guys,

    Lets be fair with the Alwil team. False Alarms often occurs when fighting out vulnerabilities. I too lost TuneUp functionality with this update but, I can install it once again. I appreciate the efforts of Avast team for this wonderful software and especially the idea of giving this free for home users. Moreover be happy that you have a reliable Antivirus which updates quite often that too free of cost :) )

    Mistakes do happen but the greatness is when one admits it!! Hope to see no more false alarms..

  15. P. Taylor
    December 6th, 2009 at 15:50 | #15

    I had over 50 so called false positives and the only thing that could be done in safe mode or any mode was delete. It wouldn’t allow quarintine to chest to date pc not fixed. operating on a borrowed pc.

    It destroyed my windows would not allow anythung to work and had to take to a computer professional and remove and reinstall windows. Lost everything. Sadly, Am going back to Avg.

  16. December 6th, 2009 at 16:47 | #16

    @P. Taylor
    Hi. Common sense survive far. If the virus comes suddenly, so should not remove, at least, but quarantine will take. There is then easy to restore. I hope you change your mind and you download the Avast, it is better than AVG and ylläkin as mentioned, will not longer be responsible for the event.

  17. AL.
    December 6th, 2009 at 17:09 | #17

    Totally ruined 14 computers at my place work :( …don’t know if AVAST is trusted anymore…

  18. KarlP
    December 6th, 2009 at 18:15 | #18

    Yeah, the damage done was too extensive for me to take another chance. I’ve already switched to another AV program. I’m tech support for a bunch of people and this event cause a bunch of grief for me…

  19. Mike
    December 6th, 2009 at 22:10 | #19

    We all make mistakes right??This was just a human mistake,the only one I’ve seen in 3 years of using avast!.Don’t think you should switch,they should be more careful than ever from now on.

  20. December 6th, 2009 at 22:34 | #20

    @P. Taylor
    Hello P. Taylor. I am very sorry for the trouble. If you still have the machine, our support staff can help you get it restored. Just send an email to support@avast.com

  21. RakingLeaves
    December 6th, 2009 at 23:05 | #21

    Abhilash states, “Mistakes do happen but the greatness is when one admits it!!”

    You call it greatness, but I say, what choice did Alwil have but to admit it? Pretty hard to blame someone else for what happened… Hey, the cat walked across the keyboard and all of a sudden the bad defs got sent out! ;)

  22. Anne
    December 7th, 2009 at 01:20 | #22

    NOrtons cost me a fortune and weeks of work a couple of years ago – they were not contactable or helpful AND I had to pay for that privledge! Avast is still the best AV AND they support the average person by supplying it free!! I think management handled the ‘balls up’ well, so Im staying put! Well done AVAST.

  23. Vivi
    December 7th, 2009 at 04:38 | #23

    It destroyed my windows would not allow anythung to work and had to take to a computer professional and remove and reinstall windows. Lost everything. Sadly, Am going back to another AV program.

    Yeah, the damage done was too extensive for me to take another chance. I’ve already switched to another AV program. I’m tech support for a bunch of people and this event cause a bunch of grief for me…

  24. December 7th, 2009 at 09:08 | #24

    Rolled the system back but still had to re-install two programs.

    Had to uninstall Avast to complete the fixes.

    A blessing in disguise, perhaps.

    Installed Avira that found two viruses that two other anti-viral engines missed.

  25. nath
    December 7th, 2009 at 14:29 | #25

    It is a big mistake by avast, but human errors are bound to happen and the fact that they sent a quick fix by prompt update shows a sensitive and responsive company. One error even if it has hurt our computer is acceptable. When avast detected some viruses i advised my friend not to react and cross check before deleting files etc.I still remain an Avast user.

  26. erica
    December 7th, 2009 at 16:07 | #26

    I powered up my machine on return from a trip abroad — where I had once used an unsecure WiFi point. Avast installed its update and started fingering various components as trojans.

    That was scary as it was possible the machine had been compromised. I did not panic….Other software on the machine was not reporting problems: PC Tools firewall and Threatfire.

    I decide it was false alarms and awaited developments, though with some trepidation.

    Mistakes happen; it’s software, and was soon mended.

  27. Eugene Garber
    December 7th, 2009 at 17:21 | #27

    Does this have anything to do with the virus alert I just got? Infected file is(C:\ProgramFiles(x86)\CommonFiles\supportsoft\bin\avmanagerunified.dll\[UPX]. None of the action options works.

  28. Outcast
    December 7th, 2009 at 17:36 | #28

    Is this anything to do with Win32Nuqel.E that infected my daughters avast protected system yesterday? More to the point, Why didn’t Avast trap it in the first place ?

    BBL, reinstalling

  29. Pavel
    December 7th, 2009 at 17:46 | #29

    @Eugene Garber
    no, but please send the file(s) to virus@avast.com for analyses. Ideal way how to send such files is to ZIP them with the password ‘virus’ You can also check the file on http://www.virustotal.com page to see results from other AVs.

  30. Pavel
    December 7th, 2009 at 17:52 | #30

    @Outcast
    no, this is diferent story. We are adding new virus samples every day, but we may still miss some malware. So if you have something avast is missing, please send the file(s) to virus@avast.com for analyses. Ideal way how to send such files is to ZIP them with the password ‘virus’ as already mentioned here.

  31. daz
    December 7th, 2009 at 18:02 | #31

    On my Dell Precision M70 after the update it began to crash while using the computer, a blue screen would flash with something on it for 1/2 a second then it would reboot. This continued after the update that fixed the antivirus. Last night , sunday when i booted it up the antivirus updated itself and within a minute the computer crashed and finally rebooted taking 10 minutes. I came to this site to see whats up and the computer crashed again but wouldnt reboot to windows. I got to restore through the winxp cd but didnt know how to work it because it to me to a cmd line. by the time I got some info off the web on what to enter at the cmd in restore off the win xp cd, the computer wouldnt even boot to restore on the Cd. it began to state that the nvrd32.sys was missing from the cd, says the same thing if you try to boot to the hard drive. prior to that it was saying that the windows\system32\config\system was missing when I tried to boot to windows.So Avast has destroyed my computer! I cant even boot to the windows cd to try to do a restore or even reinstall winxp!

  32. daz
    December 7th, 2009 at 18:10 | #32

    I forgot to mention after the sunday update and the computer crashed and rebooted taking 10 minutes the avast on access protection was all disabled or was not running. I didnt dare try to restart it since the update appeared to crash my computer to a serious condition. also Im using a winxp pro sp2 cd.

  33. Chris P
    December 7th, 2009 at 19:21 | #33

    Maybe it’s just me… but if you stop to read the posts about people complaining – and switching to another AV – it sure seems like

    1) they probably never had Avast! installed in the first place
    2) they are abusing this forgettable mistake by posting on here about what AV they have now switched to
    3) and have led me to believe that they are probably fake posters from other companies trying to sneak in some free advertising.

  34. December 7th, 2009 at 19:55 | #34

    @Obbop
    Do you work to Avira? Avira is poor!

  35. marie
    December 7th, 2009 at 21:27 | #35

    So since the update, my computer says everything is a virus. i can’t bring up the task manager, system restore and i can’t even right click on avast. so how do i fix this without it costing me?

  36. marie
    December 7th, 2009 at 22:09 | #36

    Is there a customer service number I can call to talk to someone?

  37. John Mallows
    December 7th, 2009 at 22:19 | #37

    I seem to have avoided the problem by not accepting the green pop-up whihc indicated that an update was available. I didot have crustal ball – I just can’t tell why that might not have been a virus laden hoax. So I wait and check. Maybe Avast should always show on its website that update pop-ups are genuine. Meanwhile: am I safe to now ‘click’ it?

  38. marie
    December 7th, 2009 at 22:38 | #38

    Well I got to step 1 on how to fix it b/c nothing ever popped up after iAVS update. Any other suggestions?

  39. gizbar
    December 7th, 2009 at 22:39 | #39

    @Vivi
    How can you possibly call yourself ‘tech support to a bunch of people’ and not know how to make BACKUPS or RE-INSTALL WINDOWS by yourself? I’m glad you don’t do tech support for me!

    Why do people just ‘CLICK AND HOPE?’ A Faulty update tells you a load of files are infected? And you blindly delete those files even if you know they were good and you haven’t changed them or downloaded new versions?

    How about system restore? Backups? How about learning a little about the computer system and software before jumping on Avast?

    Mistakes happen, but it looks like some people need to wise up just a little bit.

    Thank you for your honesty, Vincent. I came to Avast a few years ago, when AVG wouldn’t even install on my new build. Avast came to the rescue, and I’ve stayed loyal ever since. I, for one, will not be changing because of a mistake.

    regards, Gizbar.

  40. Marilyn
    December 7th, 2009 at 22:40 | #40

    Wow! Am I missing something here? Two days ago avast virus alert was Win:Malware-gen File ID Avmanagerunidied.dll\program Files x(86)\common Files On computer says last change 12\17\2008 00. At first solutions offer did not work however a rescan and it recommend put in virus chest. I understand this is not the problem others were having that destroyed their computers. My question is it safe to delete this virus from the virus chest. Thanks for the answer.
    P.S. it takes lots of humility to admit to a mistake.

  41. gizbar
    December 7th, 2009 at 22:45 | #41

    @daz
    Daz, if you cannot even boot from your windows cd, then that is not a virus. That is a fault on your cd/dvd drive. A virus cannot stop your cd/dvd reading a disc before you even boot into windows. Have you even got a full windows disc? Most Dell computers come with a recovery CD, to restore the computer to a factory default.

    regards, Gizbar.

  42. Miss M
    December 7th, 2009 at 23:12 | #42

    Yes, this was a huge mistake. However, I’ve seen it happen eventually with just about every major program out there. Microsoft releases OSes, updates, and patches that crash thousands of computers, yet most of us still use Windows. Norton released a version a few years back that was so invasive it destroyed your computer if you uninstalled it — it had to be treated like it was a virus itself (to this day you often need a special utility to make sure it is completely removed so it doesn’t interfere with new security programs)! There was a version of AOL like that, and Netscape a long time ago (had to hand-edit system files for that one on Windows 3.11 — what fun!).

    I figure this will cause the people at Avast to clamp down tighter on their procedures to make sure they are not circumvented again. This should make them so careful that it would be very difficult for something like this to happen again. Microsoft has a mostly captive audience. Avast does not, and so must watch their Ps and Qs more closely.

    Did this update cause me trouble? Yes it did, even though I recognized it as a false positive. The only way I could get out of the warning windows without deleting something (quarantine didn’t work) was to disable Avast. However, that did’t stop it from disabling my firewall and my internet connection and other things on two computers. It took me a good while to get it all straightened back out. I will be repairing two computers from friends because of this update.

    Do I still trust and recommend Avast? Yes.

  43. December 8th, 2009 at 00:26 | #43

    I have been a big supporter of Avast for a long time. Since I do tech support, for alot of home customers I have recommended Avast. Now for the past few years, Avast has performed, until now. The Avast blunder has not cost me my reputation, thankfully my clients know to call me when they see such errors within software they trust.

    I remember when Symantec had created a blunder similar to this one a while back. Thats when I started looking for a more reliable A/V program. I was impressed with Avast, easy to install and maintain.

    Now since the blunder with Avast, the reports from my clients on false positives have climbed immensely.. Instead of the usual once a month, I now get several calls a day. My clients and I just do not have the time to report every false positive that we come into.

    I do not trust Avast any more and will not recommend it as a solution.

    Now the hunt begins for a A/V program that has not begun to fall apart. Even on my main system Avast detects this one application as a virus, and 7 to 8 times a day I have to tell it to ignore…

    Avast, if you guys don’t do something soon. You will lose a lot of business..

    You have lost mine, and that of my customers and friends…

  44. John
    December 8th, 2009 at 02:01 | #44

    Great work guys..

    It was not a big deal for me, when this happened, I just turn off the computer and fell sleep. On the next morning, another update fixed everything, I understand this things can happen once in a while, but the way it was fixed was excellent. Don’t worry about bad publicity, you’ll always have me, you help me trough some nasty trojans before and that weighs more than just a simple mistake.

  45. Mike
    December 8th, 2009 at 02:16 | #45

    I think it wasn’t “just a simple mistake” from their point of view.These things can do really bad to a companies reputation such as Alwil.Trust must be regained,maybe the new version of avast! will help with that.

  46. david
    December 8th, 2009 at 02:24 | #46

    well done guys for fixing the problem. appreciated. I was fortunate enought to not have any problems.

  47. December 8th, 2009 at 05:43 | #47

    Chris P :
    Maybe it’s just me… but if you stop to read the posts about people complaining – and switching to another AV – it sure seems like
    1) they probably never had Avast! installed in the first place
    2) they are abusing this forgettable mistake by posting on here about what AV they have now switched to
    3) and have led me to believe that they are probably fake posters from other companies trying to sneak in some free advertising.

    HI Chris,

    I agree with your summary,

    Some people just only criticism people’s mistaken, but doesn’t give any contribution to constructive again.

    Regards,
    Yanto Chiang

  48. greatwroth
    December 8th, 2009 at 08:58 | #48

    If I’m not mistaken, Avast doesn’t just completely delete things without at least a prompt, right? You should know your trusted files. Also, any good user keeps a spare anti-malware tool and backup firewalls just in case something bad happens, right? So how could this have caused such a big problem to users other than the highly inexperience. Luckily I didn’t experience this problem first hand so feel free to call me on it if I’m missing the true effect of this incident. Sorry if that sounded a bit harsh but I’ve gone through at least 3 computer crashes caused by pure incompetence (on my family’s behalf) mixed with some really bad malware so I’m really cautious now that I have my own laptop.

  49. daz
    December 8th, 2009 at 10:03 | #49

    I never said anything about a virus, the when the update occured my wife removed the files that the antivirus told her to. that began the crashes, i imagine the crashes damaged the system files in question. I dont have a recovery disk which would take the computer all the way back to when it was first setup. Im trying to run restore from the winxp pro cd but the system wont let me, I tried another cd from my desktop with the same results,cant load the cd to reinstall or restore. I ran the dell hardware diagnostic cd and all hardware is fine including the dvd.@gizbar

  50. daypet1
    December 8th, 2009 at 11:19 | #50

    This cock up would appear to be a direct result of a release Avast were forced to release in response to a complaint from me. From monday the 1st of December till Wednesday we were getting false positives from a bunch of Excel spreadsheets containing pivots tables. I recieved this email
    “Hello,
    thais false alarm was fixed by VPS update 091202-0
    Please update your VPS
    Regards Cernik”
    Wednesday 02-12-09 10:47 am

    This particular false positive has never been owned up to I’m afraid. So we are all being deceived..

Comment pages
Comments are closed.