back to article Avast alert finds WHOLE WEB malign

Major freebie anti-virus scanner Avast has apologised for a cock-up defining the vast majority of the web as malign. Rather than a Howard Beale-style insight into the state of the modern interwebs, the finding of any sites with scripts or frames - including Avast's own support forums - as malign was the result of a rogue virus …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Oh nice.

    Now let's see if I can get these html helpfiles restored...

    1. Anonymous Coward
      Anonymous Coward

      Yes I can.

      Yes, I can. At least they let you rescan files in the virus chest and all. Still, ruined my evening...

      1. Anonymous Coward
        Anonymous Coward

        Yeah

        Fortunately i managed to figure to how to turn the web shield off. (For me it seemed to be everything that some form of Redirect in it, so All Wiki's, my personal web page, and about half of the pages i usually read)

        1. Ammaross Danan
          Coat

          Could....

          Could just turn off the webshield. It would catch the script in the web cache, but you'd at least have been able to surf the internet.

          1. Anonymous Coward
            Anonymous Coward

            Could

            But them some of the real ones would have slipped through.

            It all turned out okay. The ninjas couldn't catch me once I set myself on fire.

  2. Chris Hainey
    FAIL

    So, Avast goes all Grandpa Simpson on us:

    DEATH!

    No, Grandpa, that's Google

    DEEEEEATH

    No, Grandpa, that's El Reg

    DEEEEEEEEEATH!

    No Grandpa that's Google again

    Etc

  3. Dave Murray Silver badge
    Boffin

    The Reg reader...

    who had to go through the rigmarole of adding an exception to Avast's misfiring software could have just paused or turned off the web scanner - two clicks.

  4. The Alpha Klutz

    Security thrown out with the bath water

    Scanning every website you visit for every possible (known) virus is silly.

    If you surf the web with any regularity, you need an OS/browser combination that is hardened against infections, and designed to contain them (relatively) safely if they do take hold.

    You don't want some gun-slinging wideboy OS walking around shouting "If you shoot first you better not miss because I won't". When in fact said OS misses every time, and drops the keys to the castle behind him as he runs away crying. Jesus.

    1. Charles 9 Silver badge

      A bullet can shoot through a peep hole.

      The only surefire way to not get infected by the web is to not get on it. In any other circumstance, there WILL be a way. No system is hardened enough against exploits that you can't get owned in some way. A combination of user hacks, privilege escalations, and so on could knock down just about anything: including a "secured" OS.

      1. The Alpha Klutz

        maybe

        but I am under no illusion that indiscriminately scanning everything that comes in to my computer against an incomplete blacklist will offer me any level of protection that I couldn't get though equally potent technologies such as prayer, homeopathy, witchcraft etc.

        1. A handle is required
          FAIL

          @The Alpha Klutz; So in other words,

          because AV doesn't catch *everything*, you are going to turn it off so it might as well not catch *anything*? That is exactly the kind of attitude that will get your computer pwned. New exploits come out for modern, "hardened" browsers every week. Some are disclosed, and some aren't.

          1. The Alpha Klutz
            Linux

            "That is exactly the kind of attitude that will get your computer pwned."

            Not really, I regularly check what executables are running on my box and dialing into which IP addresses. I haven't spotted any strange activity yet (at least nothing that couldn't be satisfactorily explained as benign with a bit of careful research). And of course I am generally careful about what I do on the computer in the first place.

            I could have a rootkit, but so could anyone, because that is exactly the kind of thing that slips through the Antivirus net, regardless of how much it comforts you to believe that you are protected.

            Instead of wasting time and/or money on Antivirus software, buy a nice pot plant and put it somewhere near your monitor. It will enrich your life more than any security software.

            (that's after you install that secure OS I was talking about earlier, of course)

            PS. Obviously I recognise that if you don't know how to use a computer properly, you should use Antivirus software (I make sure my family do), but think of it only as the training wheels on your bike. If you never want to take them off, fine by me, but don't expect me to feel as though my two-wheeled bike is somehow inadequate.

            1. A handle is required
              Stop

              Once again...

              just because AV doesn't catch everything doesn't mean you should shun it. Yes, I realise that Linux malware is rare, which is, I suppose, how you justify your not using AV. But for the 87% of all computer users whose computers run Windows, it is important. Eight years of experience programming (I assume that counts as using a computer properly, but you appear to be the expert on that), and AV has saved my ass several times.

              The best example of this I can give you: Firefox allows prefetching of search results, which is on by default. I once googled for something inconspicuous, and my firewall/AV combo caught an intrusion attempt. As it turned out, Firefox prefetched the first result which just so happened to be malicious. The website attempted to attack my computer. No regular monitoring of executables or open connections could have caught that, my friend.

              And, FYI: I've seen AV catch rootkits before. Just because it doesn't always doesn't mean you shouldn't try.

              1. The Alpha Klutz

                "Firefox prefetched the first result which just so happened to be malicious"

                I always thought prefetching was a bad idea (or at least, a relatively pointless one). Hopefully in the future software will be designed with these considerations in mind, but you have highlighted our sometimes misplaced trust in the software vendors and their products. Bear in mind of course that placing too much trust in your AV can be as dangerous as placing too much trust in your browser.

                It was wrong of me to discount AV completely, or to come across that way. (I LOVE hyperbole).

                I just see it as a losing battle, if your AV catches 80% of malware now (just a guess), how much will it catch next month? Next year? In 5 years? At some point the percentage will level off at a relatively useless level, given the exponential growth of malware. I think it would pay to start coming up with alternatives now.

                1. A handle is required

                  Interesting...

                  Your argument applied to a different problem:

                  Did you know that new mutations of bacteria and viruses are discovered constantly? Eventually medicine as we know it will be useless. Therefore, we should stop using medicine and find other ways of protecting ourselves. I propose living in a bubble.

                  1. Anonymous Coward
                    Joke

                    Here's your handle

                    I have done that. Unless you count cigarettes, cigars, and alcohol. I may not live forever, but I'll last forever.

                  2. The Alpha Klutz

                    "Your argument applied to a different problem:"

                    No.

                    Because medicine relies on a DIAGNOSIS from a trained professional, in other words a doctor.

                    Medicine is not an attempt to have the population hopped on drugs 24/7 "just in case" they catch something. In fact medicine fails when applied in this way, you cannot put everyone on antibiotics because then they will stop working.

                    You may be thinking about vaccination, in which case the closest computing metaphor for a vaccine would be a software patch, (which I am all in favour of, obviously), and not Antivirus software.

                    Furthermore, do you know what the medical world lacks? Good antivirals.

            2. Blitterbug
              FAIL

              What a doofus

              ...nothing else to add, really

              1. Anonymous Coward
                FAIL

                I know I don't have a virus because my AV says so

                and I know my AV works because I don't have a virus

  5. Anonymous Coward
    Anonymous Coward

    Avast alert finds WHOLE WEB malign

    Not the whole web, just about 95% of it.

    1. Sarah Bee (Written by Reg staff)

      Re: Avast alert finds WHOLE WEB malign

      Caps lock exaggeration for comic effect beats pedantry. But thanks.

    2. Anonymous Coward
      Anonymous Coward

      For me it was about 50%

      Basically, everything that had a redirect in it, so anything running on Mediawiki, lots of forums, The register, and a few other sites.

  6. Smallbrainfield

    Saw this happen last night,

    I just played World of Tanks 'til it got sorted.

    I would complain, but it's free AV software and they sorted it pretty sharpish.

  7. Conrad Longmore
    Terminator

    How long..

    How long until we wake up one morning and find that the entire interweb HAS actually been pwned by the bad guys?

    1. Alister

      t i t l e

      What?... You mean it hasn't already??

    2. thenim

      what?? you mean...

      it hasn't already?

    3. Anonymous Coward
      Anonymous Coward

      what you

      mean it hasn't already?

      1. Anonymous Coward
        Anonymous Coward

        @Alister @thenim @AC

        de-dupe needed...

    4. Anonymous Coward
      Alien

      "We will bury you!" [ Nikita Kruschev - 1964 ]

      "When Microsoft releases your virus embedded in the latest MSDOS, you've won the game!"

      [ Dark Avenger - 1991 ]

  8. Pete 39

    Not just the web

    I saw the web alerts yesterday, and assumed that they related to some dodgy ads loaded as part of the page (or which would have been loaded).

    This morning on a freshly booted PC and with Avast! updated it started complaining that DVD menu authoring software I run regularly should only be run in the Avast! sandbox.

    Related?

  9. irneb
    Alien

    No such prob on mine

    Strange. I must've missed the naughty update: since my web scanner's on, but I haven't seen any such page from Avast! Either that or I only browse the 5% which wasn't affected!

  10. Mage Silver badge
    Badgers

    Of course

    Ironically the Web *IS* malign

  11. Anteaus

    Questionable effectiveness

    Every IT manager pays lip-service to the demand of installing resident antivirus software, but in reality it isn't that effective as a protection. Mainly because the dangerous malware is the new stuff which hasn't yet been examined and catalogued by the AV people. That, and feature-bloat is a major problem with AV software. I guess this is because to the uninitiated, the package with the most 'shields' seems -on paper- like the better one, so to win the sales-war every vendor has to bloat their offerings to the max.

    What users don't realise, of course, is that most of these 'shields' are just pointlessly duplicating the action of the core product. If a webpage is scanned before you're allowed to open it, if any file-download from that site is filtered as a data stream, if the downloaded file is then scanned as it is saved to disk, and then scanned yet again as it's launched, how does that achieve anything that scanning the file once doesn't?

    The best protection is achieved by a combination of (some or all) of:

    Using a more-secure browser

    Removing unneeded plugins

    Running the browser with limited priveleges

    Using a virtual machine

    Setting a software-restriction policy which prevents users from launching downloaded .exes

    A simple AV product which scans all executable files as they arrive.

    1. Anonymous Coward
      Anonymous Coward

      @Anteaus 15:50GMT

      I sort of agree with what you are saying but:

      "mainly because the dangerous malware is the new stuff which hasn't yet been examined and catalogued by the AV people."

      Yes, this is the most dangerous sort of malware - but only for people who are running machines with up-to-date AV software on. If you dont have any antivirus then every virus (even ancient ones) is going to be a risk. The old malware is still out there - its not like Smallpox :-)

  12. Muckminded

    Step 1...

    of Avast's new functional testing: connect internet tube to computational doohicky.

  13. raving angry loony

    s.b.t.

    Sad, but unfortunately that was one of the only updates to accurately label the internet. Back to the fudged results later...

  14. bugalugs
    Happy

    phew !

    changed to MSE last week after having Avast ( thanx guys ) for years.

    being random has benefits !

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022