Slashdot Mirror

← Back to Stories (view on slashdot.org)

AVG Virus Scanner Removes Critical Windows File

Posted by kdawson on from the it-just-acts-like-one dept.

secmartin writes "The popular virus scanner AVG released an update yesterday that caused their software to mark user32.dll as a virus. Since this is a rather critical file, AVG's suggestion to remove it caused problems for users around the world who are now advised to restore the file through the Windows Recovery Console. AVG just posted an update about this (FAQ item 1574) in the support section of their site. Their forums are full of complaints."

7 of 440 comments (clear)

  1. Setting itself apart from other software by LoadWB · · Score: 4, Interesting

    Damn. This is what I was hoping would never happen to AVG. After reading all the times that McAfee, Norton, and others had removed Office documents, Windows DLLs, and Office DLLs, I always had a smug chuckle available.

    But now. Ah, well. Four years, 300 workstations, a dozen or more managed installations and still not a single infection or major problem for me using AVG.

  2. Re:Well... by Anonymous Coward · · Score: 5, Interesting

    This isn't too far from realistic.

    I work for a firm that, through the power of politics, actually pays to use McAfee antivirus and related products. Now, this is a product that can sometimes detect a virus but can't remove it, whatsoever. Yet, it will produce an error message that prompts the end-user to "delete", "remove" or "ignore"... (something to this nature - it really doesn't matter since none of them work except "ignore").

    Some of the technicians have resorted to using certain free applications to get rid of the viruses (virii?) when the end-users show up to the help desk, angry as all get. Recently, McAfee started preventing these various freeware packages from being installed - it simply detects them as viruses themselves!

    You could say that McAfee is doing its job - it leaves the sales up to the politicians while it prevents the real software from doing the work.

    What a hopeless, hopeless situation.

  3. Re:doh by HeronBlademaster · · Score: 4, Interesting

    AVG failed to detect dozens of viruses and malware on my sister's computer that Avast cleared out. Avast isn't perfect, but they're both free, and it's my experience that Avast is more reliable than AVG. As always, YMMV.

  4. Re:It's sad... by steveha · · Score: 4, Interesting

    Antivirus is one of those things that(at least until actual heuristic scanning that seriously works comes out) leans heavily on having a whole bunch of security guys and worker drones hammering out signature updates all day every day. That isn't something that falls under "The Open Source is strong with this one".

    Hmmm, not sure I agree. I have always thought that the open source community could do a great job with antivirus.

    The key is to get a large community of people who, when they discover a new virus, contribute their knowledge back to the open source project. And I think this is actually working with ClamAV.

    I know that I have submitted my share of viruses... when I get an email offering me a cool new screen saver, and the file is called "screensave.scr.exe", I scan it with ClamAV. If ClamAV doesn't spot anything wrong, I'll submit that file to the ClamAV project.

    Usually I submit the file at VirusTotal first, and attach the report to my submission.

    ClamAV gets signatures very quickly for new viruses as they appear. The whole signature-based game is a continual game of catchup, though. I agree that heuristic-based scanning would be preferable, but that seems like a hard problem.

    steveha

    --
    lf(1): it's like ls(1) but sorts filenames by extension, tersely
  5. AVG was poison for Devs, now rest of world, too! by soporific16 · · Score: 3, Interesting
    The day AVG started deleting CMDOW.EXE (a very useful utility to hide DOS box windows) BY DEFAULT when it does its scheduled scan (which is set to on by default), was the day the straw broke this camel's back.

    OK, fine, most people won't have CMDOW.EXE on their system legitmately (ie they didn't put it there themselves) and so if they do have that file, something nefarious has happened at some stage. But for all devs that do use this file (and others like it), AVG is not a friend, not even in the slightest.

    So, that leaves the non-devs, and there's enough of them around to build a business model based upon offering the program for free in order to get some paying customers. So, Sometimes, if building a PC for a complete noob and i wasn't going to have to maintain it afterwards, i would ignore my hatred of AVG and just install the latest free ed so at least the user would have a relatively trouble-free anti-virus solution.

    Now, AVG has no doubt ruined many a noobs week because their computer doesn't work and they have no idea how to fix it. Great one AVG!

    I now have a delete-on-sight-with-a-scorched-earth-attitude policy with regard to AVG (was previously only an ignore-at-all-costs-except-when-really-lazy policy). Can all members of the technical elite follow suit? Thanks.

  6. Re:Sigh by nonewmsgs · · Score: 5, Interesting

    I administer a network of a about 200 windows systems, and we use almost exclusively AVG Free. Oy vey, am I gonna have a long day on Wednesday, maybe I should just unplug the phone now.

    i thought the AVG free license was for personal non-commercial use.

  7. Re:Well... by Ihmhi · · Score: 5, Interesting

    AVG recently detected the OpenOffice 3.0 installer as a trojan.

    It also did the same with keyfinder, a program that discovers the serial for Windows XP after it's been installed. (How I miss the days of just looking in the registry...) I have a lot of customers who lose their serials (and sometimes even their CDs), and I get a bit annoyed when it gets erased off of my flash drive every time I plug in it.

    Thankfully I can restore it back to its original location, but it's a hassle.

    --
    Random Thoughts From A Diseased Mind (Not For Dummies)