McAfee "Virus" (understand "update") Crashing Computers Worldwide (XP)

http://www.theepochtimes.com/n2/content/view/33855/

A new McAfee PC anti virus security program update is causing Windows XP to crash on possibly millions of computers around the world, multiple reports are saying.
Few Answers After McAfee Antivirus Update Hits Intel, Others
http://www.pcworld.com/businesscenter/article/194752/few_answers_after_mcafee_antivirus_update_hits_intel_others.html

http://www.zdnet.co.uk/news/security-threats/2010/04/22/mcafee-update-failure-causes-widespread-xp-crashes-40088721/
more here:
http://news.cnet.com/8301-1009_3-20003074-83.html

The damage was widespread: the University of Michigan's medical school reported that 8,000 of its 25,000 computers crashed. Police in Lexington, Ky., resorted to hand-writing reports and turned off their patrol car terminals as a precaution. Some jails canceled visitation, and Rhode Island hospitals turned away non-trauma patients at emergency rooms and postponed some elective surgeries. Intel was also hit by McAfee's bungled update, a source inside the company confirmed to CNET. The source said that all Intel's computers inside the United States ran McAfee and many were affected but didn't know how many or whether it impacted the company's factories. The update released at 6 a.m. PT effectively redirected the PC's immune system, causing it to attack a legitimate operating system component known as SVCHOST.EXE in the same way that some diseases can cause the human immune system to turn inward. In this case, McAfee's application incorrectly confused it with malware known as the W32/Wecorl.a virus. McAfee apologized to customers for the problem, which seemed to affect primarily Windows XP computers running Microsoft's Service Pack 3, but downplayed its impact. "We are not aware of significant impact on consumers," the company said in a statement sent to CNET at 2 p.m. PT.

http://i.i.com.com/cnwk.1d/i/tim//2010/04/21/virusscanalert.jpg

Well, that’s quite a mess… :wink:
asyn

McAfee’s solution:
http://vil.nai.com/vil/5958_false.htm

Summary

McAfee is aware of a w32/wecorl.a false positive with the 5958 DAT file that was released on April 21, 2010.

WARNING: If you receive a detection for w32/wecorl.a, DO NOT restart your computer until you have performed the remediation steps in this article.

fix is there:
hxxp://download.nai.com/products/mcafee-avert/tools/SDAT5958_EM.exe
(read instructions on first link of this post)

official response:
http://siblog.mcafee.com/support/mcafee-response-on-current-false-positive-issue/
http://siblog.mcafee.com/support/a-long-day-at-mcafee/

:o WOW THE SERVICE HOST OF WINDOW ??? WILL IF THIS THING IS DELETED YOU CANNOT RUN YOUR WINDOWS ;D
DELETING THIS MEAN TO SHUTDOWN EVERYTHING ;D

BEST REGARDS!!!

Everyone has a nightmare with false positives… now it’s time of McAfee…

sounds much worse than Avast’s disaster last year, because of the much wider adoption at enterprise level >>> hospitals and others

first avast then Bitdefender and now McAfee…Symantec/Norton next ?..

I’d just like to thank everyone on this forum who does such a good job at bashing Mcafee. As a result of this and what I had read elsewhere, I replaced Mcafee on my old laptop thats still running XP just barely 7 days ago, a decision that has already paid for itself ;D

??? nobody is bashing McAfee in this thread…where are you seeing that ? ::slight_smile: this is absolutely not the purpose of this thread.

Forums overall I meant, not this thread in particular. Perhaps “bashed” is a little extreme…how about “stated facts/opinions that portrayed said AV as possibly unreliable/overrated”?

look I don’t know about the rest of the forum and I don’t like bashing in a general way. There are things to say in favor of or against anything…and in this particular case, a complete chaos resulting of a bad anti-virus database update, let me remind you that the same happened to Avast in December last year…just like it happened to AVG and Norton before that :wink: >>> so this thread doesn’t even target McAfee to tell if it’s unreliable or not. It’s just about relating a regrettable incident :wink:

I guess it did kind of look like I was attaching a negative opinion to you specifically, given its your thread as well, but that wasn’t my intention, apologies :wink:

okay np :wink: … you know, last time I tried McAfee must be somewhere back in 2005, so there’s not much I could tell against or for them :smiley: What’s really worrying is that those “update accidents” do have a strong impact on the day to day life of millions of people worldwide… and there doesn’t seem to be any solution so far…by definition an accident is an accident…and operating systems aren’t protected against their own security software mistakes.

I hope so. I don’t know why I hate Norton so much, I just do. I hate seeing my Dad and Stepmom paying money for a product that doesn’t gurantee any more protection than a few free programs. Maybe a bad fp incident will wake them up.

Check this out more news on McAfree problem http://blog.immunet.com/blog/2010/4/22/false-positive-mayhem.html

Wishing something bad to happen to any one (including Symantec) is never a good thing. It usually comes back to bite you in the as* (rear). ;D

+1 this was a stupid post (the one you quoted Bob not yours):

1 wishing bad luck to a company is insane
2 it’s getting still more insane when we know that such mistakes lead to chaos…on users computers ::slight_smile:

Yes,

I sympathize with McAfee after we ourselves got this mess few months ago with the false positive issue.

Only people who have experienced these issue will know how embarrassing and terrible it is for users as well as for the company.

Now THAT"s what I call protection. If you can’t boot your computer, It can’t get infected right? ::slight_smile: ::slight_smile:

The tragedy of false positives is open for avast also.
I’ve opened a thread in Evangelists’ forum and until now, not a post from Alwil.
Access to Chest by a CD/DVD will be a possible solution to restore the file. I think BART CD could have this technology. I think it should be extended to all avast users.