Slovakian anti-virus firm Eset has confirmed that a misfiring virus definition update wrongly labelled Windows system files as infected with malware. As a result of the dodgy definition key files were identified as a virus and shuffled off into quarantine. Eset said it spotted the problem within minutes and released a new update …
To err is human
Alas, there's no way to totally remove human error. Computers and software are fallible because they were created by humans. Human error seeps into everything eventually.
I've been using NOD32 for years and I'm very happy with it. :)
Not the only thing they screwed up either
I have for some years (4+) used nod32 - I used to prefer Kaspersky but bloat won there. I pay Eset a significant amount of cash each year for their product (Business version, multiple clients etc). Imagine my surprise recently when I tried to download the product (h/w failure) and discovered that my username/password was invalid - yet it worked for updates. Support is now based in the USA (West Coast) and frankly they are useless - what's the fucking point in emailing me a username/password that expired 3+ years ago. Still waiting for any meaningful response but I won't be renewing with them as its clear they've taken the consumer AV path now (ie fuck you we have your cash).
Anyone got any suggestions for AV that has a small footprint, doesn't suffer from verbal diahorrea and doesn't have pretentions of turning into yet another pointless "security suite"?
Re: Not the only thing they screwed up either
Credit where it's due
"The issue is more severe when system files are miscategorised as malware, as in this case, but Eset deserves credit for responding promptly to the issue."
Yes, Eset deserves credit for responding promptly to the issue. However, Eset also deserves negative credit for obviously not properly testing the definition file before they went live with it. I'm not saying they should test every OS ever released, but at least test it with the ones which are still in common use (which, for Windows-based AV software, would be Windows 2000 and later). If they had done that, the problem never would have been seen by the public.
I guess I was one of the five %
who was affected b it...
just glad I ghost my system every night just incase something like this does happen.
btw I wonder what anti virus billy g uses...anyone?
John, funnily enough I have tried numerous AVs including ESET and late last year settled on Kaspersky KIS 2009 because it has a very small footprint which on my low spec Dell business laptop is extremely important. That's despite numerous people recommending to me NOD32.
NOD32 was problematic especially on firewall and HIPs functions and I eventually uninstalled it, much like other security suites that I tried. Mis-identifying windows drivers cannot be dismissed as simple human error, that's really a major screw up for sure.
Whilst KIS has not been issue free, overall they seem to be the best product / footprint / security / price combination, at least for me. Comodo was also pretty impressive and great potential, but for me it still runs like a beta product and their AV database is still too far from KIS or ESET, so I will not look at it for another year until my KIS license comes up for renewal.
In terms of support, getting an answer takes for ever, guides are out of date, also their support site was recently hacked in the US but that was the web devs that screwed up. But since you are probably an IT pro then that should not be an issue.
"btw I wonder what anti virus billy g uses...anyone?"
I think it's safe to say Bill Gates hasn't used a Windows-based computer for some years now.
Paris, because she takes proper precautions against viruses.
Im happy, been using Vista since it was released, UAC on, no Antivirus.
Never had a single problem
To err is human...
But is against company policy.
Happy NOD32 user here, this is the first false positive I have even heard of, didn't affect any of my computers. I would rather have NOD32 than Kaputsky (so named for its breaking everything) and any other AV - just no.
Even the best isn't perfect, until we get systems that are 100% secure against malware (read: never) we will have to put up with it.
Paris because you might find a virus or two on her if you looked.
Using heuristics to find viruses inevitably leads to this kind of problem. It's more trouble than it is worth. False alarms cause problems as great or greater than many real viruses.
finally some honesty?
Aha! A vendor that is correctly labelling Windows system as malware! Definitely good news. Now if we could only get the others to stop accepting money from that malware purveyor and update their definitions as well, then we might start seeing some improvements around here.
Sophos et al
Thanks for the suggestion of Sophos - I'd genuinely forgotten them. Re comments about Kaspersky - I think we're getting confused here. I'm referring to the original KAV package which used to be distributed from a webiste in Switzerland. I am not referring to the bloatware (and I'm sorry but it IS) which is distributed from the USA.
I did eventually get a response from the clueless fuckers at Eset California. It said contact Eset UK as you are not on our database - which is bullshit for a start. Then of course all the support links/FAQ/etc on the UK site lead you to the US site and that's the only point at which you can generate a support ticket. Oh and my invoice - well that tells me to download from eset.COM not .co.uk
Perhaps Eset and Avast are merging into "EasternEuro we don't give a fuck" AV company?
We won't be using Eset again, that's for damn sure and its not down to a mistake, its down to piss-poor/non-existant support.
I don't really care about the people who complain on vista. I have been using since it came out with UAC and no anti virus.
I have not had a single problem.
Uninformed Anonymous Coward?
I still blame Microsoft
If their software didn't allow users to update any c:\windows files and required all installs to put their files into their own program files folder (no more hidden files...no more registry updates.. no more rootkits)...
Programs only execute if allowed by white list in OS and only in their own memory sandbox and only get to interweb if on white list...
This will all be coming in Windows 43!!!!!
@ John Naismith Posted Tuesday 10th March 2009 22:24 GMT
the best way to get support is from the UK agents, Aspect systems.
- Vid Hubble 'scope snaps 200,000-ton chunky crumble conundrum
- Updated + vids WHOA: Get a load of Asteroid DX110 JUST MISSING planet EARTH
- 10 years of Facebook Inside Facebook's engineering labs: Hardware heaven, HP hell – PICTURES
- Very fabric of space-time RIPPED apart in latest Hubble pic
- Massive new AIRSHIP to enter commercial service at British dirigible base