I concur, Telstar!
Interestingly enough, in MY case, I actually to a certain extent came out ahead after the other night’s incident. The only thing I uninstalled was my IZArc File Zipping / Unzipping Utility as that was tagged as being infected. I used to have IZArc 3.81. Out of curiosity, before reinstalling it after the Avast Fix, I checked and found out there is now an IZArc 4.1. So, I’ll be downloading and installing THAT instead of my old IZArc version.
I just ditched AVG after 10 years when it’s Version 9 seemed to have lost it’s mind and caused my hard drive to thrash endlessly, and there seems to be very little care of the issue on their forum. I had Avast for 2 weeks when this problem hit. It only affected a free registry cleaner program I had, and only in that I put the file in the vault. I’m fairly computer savvy, so I immediately Googled the virus name, and fortunately, the first threads about it here had been cached, so I was in the know pretty quickly.
I will be staying with Avast and probably getting the Pro version soon, due in part to the quick resolution and posting about what happened. I also got a look at how the app actually handles threats, and liked it very much.
Errors happen and the world is not perfect. But if Avast started screaming to me about hundreds of files being infected my first thought would be either Virut or Sality (file infectors) or a false positive. I was not affected by the rogue update for some reason mayhap it wasn’t my update time who knows. But the response in my opinion was extremely fast. Compare it to the AVG userinit problem which I believe took over 24 hours before a resolution was available, if you could start your computer that is.
I do a lot of work on a malware forum cleaning systems and I do not recollect any instances of this being posted during the bad hours.
The bottom line I feel is, that if you get multiple alerts on what appear to be regular/known files then treat with suspicion. But in all the years I have had Avast this is the first time that I have heard of trouble like this, there may be the odd single false positive but they are exceptionally rare, and with the new system in force become resolved fairly fast
I think avast people are human, and human beings can make mistakes…and then, I remember that even kaspersky had the same problem with a wrong update…but in that case, it killed explorer.exe!!! :o
I remember another case about AVG…and it was worse, since they made this error twice!!
So, i’m still an avast fan…these things can happen, everyone should image his sistem at least once a mounth
Interesting idea, cromag, and certainly I’d second the motion for Alwil to look into the possibility of implementing this.
Even more convenient would be for the update process to save on your own system a backup copy of the full database in its pre-update form, so you wouldn’t even have to download anything to “backdate”. Admittedly you’d still have to restore all those quarantined (or worse yet, deleted) “infected” files, but as has been pointed out a number of times, that’s why disk-imaging is so highly recommended. I plead guilty to not using imaging myself - but I do have and use Restore-IT which is extremely similar in concept.
