Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee Anti-Virus Causes Widespread File Damage

Posted by ryuzaki0 on from the who-can-you-trust? dept.

AJ Mexico writes, "[Friday] McAfee released an anti-virus update that contained an anomaly in the DAT file that caused many important files to be deleted from affected systems. At my company, tens of thousands of files were deleted from dozens of servers and around 2000 user machines. Affected applications included MS Office, and products from IBM (Rational), GreenHills, MS Office, Ansys, Adobe, Autocad, Hyperion, Win MPM, MS Shared, MapInfo, Macromedia, MySQL, CA, Cold Fusion, ATI, FTP Voyager, Visual Studio, PTC, ADS, FEMAP, STAT, Rational.Apparently the DAT file targeted mostly, if not exclusively, DLLs and EXE files." An anonymous reader added, "Already, the SANS Internet Storm Center received a number of notes from distressed sysadmins reporting thousands of deleted or quarantined files. McAfee in response released advice to restore the files. Users who configured McAfee to delete files are left with using backups (we all got good backups... or?) or System restore."

2 of 353 comments (clear)

  1. Re:Help! by xtracto · · Score: 4, Informative

    What about a *nix firewall with antivirus software on it?

    You only need that headless pentium 3 (even a pentium pro could make it!) that you are using to rest your feet ;-), plus you will be able to forget the burden of whatever "ANTI-*.* " software that wastes your precious resources.

    Of course that is if you use Windows (for whatever reason, I also do it).

    --
    Ubuntu is an African word meaning 'I can't configure Debian'
  2. Comical recovery instructions from McAfee by Anonymous Coward · · Score: 5, Informative

    Even better are McAfee's instructions for how to recover from the damage their product has done. The first option is to restore the files from quarantine, assuming your version of McAfee actually lets you do this (not all, including the corporate version, have this option). The second is to use Windows System Restore.

    This probably would have worked great on my machine if it weren't for the fact that half of the files McAfee quarantined were *System Restore files*.

    Apparently McAfee hasn't heard of a novel concept called "testing". (I like how they've posted a list on their website of the false positive files, now 7 pages long and still woefully incomplete; they ought to just admit it's going to take a random assortment of exes and dlls on any machine.)

    Combine this with the fact that the default settings on a McAfee install are to quarantine without prompting, and IMHO McAfee is the most dangerous virus I've ever had on my machine.