Flawed Trend Micro antivirus update cripples PCs

[Humpty]

8, 2008 (Computerworld) Antivirus updates issued by Trend Micro Inc. on Friday crippled Windows XP and Vista PCs when they mistook several critical system files for malware, and blocked access to those files.

 

Some users have yet to regain control of their PCs, according to e-mail sent to Computerworld..

 

Two signature updates that Trend Micro released Friday for its most popular consumer security software incorrectly identified up to eight different Windows files as Trojans, then quarantined those files, thinking they were dangerous. The updates were issued to users running Trend Micro's AntiVirus plus AntiSpyware 2008, Internet Security 2008 and Internet Security Pro 2008.

 

In some cases, quarantining the files prevented the PC from booting.

Computerworld Article

[davey]

Computerworld Article

Proof Positive !!! Crap Happens !!! Be ready for it as best you can.

Read your forums, whenever you get a few moments.

Learn a little bit more !!! A little at a time !!!

Support your helpful forums.

davey

[Corona]

My friend with the printing problems has a paid version of Trend Micro antivirus.

[ConsrvYank1]

My friend with the printing problems has a paid version of Trend Micro antivirus.

 

Yeah, but I got rid of it and I forgot to tell you.

[Andavari]

I'm surprised that av vendors release updates that detect Windows OS files as malware, it never ceases to amaze me that they may not be testing everything they release.

 

I smell a bunch of refunds and a migration away from Trend Micro's av, if not lawsuits.

 

Yeah, but I got rid of it and I forgot to tell you.

You're lucky you did that, or you would've had a very serious issue.

[Humpty]

Did you know that a while back Kaspersky quarantined explorer even though only for a couple of hours till they realised?

Windows Explorer, one of the most crucial components of Microsoft's operating system, was quarantined earlier this week after being falsely identified as malicious code by an antivirus company.

 

Users of Kaspersky Lab's antivirus products noticed the issue, which Kaspersky claimed lasted two hours, on Wednesday night.

 

The security company's systems had decided that a virus called Huhk-C was present in the explorer.exe file, leading to its confinement or, in some cases, deletion. As Windows Explorer is the graphical user interface (GUI) for Windows' file system, this made it difficult to perform many common tasks within the operating system, such as finding files.

Cnet Old Article

[Andavari]

Did you know that a while back Kaspersky quarantined explorer even though only for a couple of hours till they realised?

That's rather stupid. I don't understand why av's or anti-malware in general after it completes a scan of the system it could have an MD5 checksum hash of the files in a database, and if that MD5 checksum hasn't changed it would be impossible for that file to have any infection.

[siljaline]

NOD32 does it all for me, I lost faith in Trend Micro when they bundled CWShredder with their Anti-Spyware app.

 

[Thomas95]

"Choosing anti virus software is such a difficult job, i have a suggestion for you guys use www.search-and-destroy.com and see the result you will find best from this software.

 

Thank You"

 

 

 

 

do not download from this site ~moderator

[hazelnut]

Please don't anyone download from the site given above, see here

 

http://www.spyware-techie.com/searchanddes...-removal-guide/

 

The poster has been banned, but this will be left as a warning to others about this software.

 

I think users could be duped into thinking it was spybot search and destroy.