AVG 8 and the case of the deleterious DLL deletion

Alex Zaharov-Reutt
Wednesday, 12 November 2008 11:20

Opinion and Analysis

Not every AVG user was affected, however – many users turn off AVG’s daily scan altogether to avoid taxing the hard drive with a complete scan on a daily or less frequent basis, preferring to rely on AVG’s real-time scanner instead.

For those whose scan is less frequent and weren’t affected would by now have received an updated anti-virus definitions file which rectified the problem, while those who got the warning but decided not to heed it during a full scan weren’t affected either and should now be updated to a “safe” AVG version.

The problem affected AVG 8.0 free and paid editions, and Vista users appear to have come through unscathed, although at least one report suggests that as a Vista user they experienced the same problem, too.

There can be no doubt that AVG has now urgently instigated some kind of additional checks or testing policies to ensure that such an embarrassing episode cannot easily happen again, and it’s a wakeup call to all anti-virus providers to ensure nothing like that ever happens with their security solutions.

AVG has 80 million users worldwide, so the potential for widespread harm, cost and inconvenience is great, but the same risk applies to any company with a large user base and an update that has gone “rogue”.

AVG’s fix is reminiscent of the kind of fix you’d need to do if your computer was infected by a virus, so the whole episode is very ironic and unfortunate, but now that it’s fixed and testing standards improved AVG should be back to normal.

There’s no doubt that some threats in forums and article responses to switch to an alternative free or commercial security package will take place.

Still, with mistakes normally giving a lesson to those who make them, a repeat user32.dll performance is very unlikely.

AVG should quickly regain the confidence of its users, many of whom have been completely unaffected and are only reading about the deleterious DLL deletion that has passed them by, and if users see a warning of a file that is marked as a threat which seems unusual, a quick look into Google before pressing “heal”, “quarantine” or “delete”, could be a good idea!

On a slightly separate note, multiple layers of protection when it comes to banking is a good idea if you're a Windows user - with the paid TrustDefender software the prime example. TrustDefender isn't anti-virus, so it wouldn't have prevented AVG from deleting the wrong file, but as banking security software for consumers and businesses it would have protected users from banking Trojan's that weren't detected by AVG or other anti-virus programs, no matter whether the Trojan/malware is known or unknown.

How it does that is ia story in itself, but the age of mutiple layers of security working independently of each other is safe and possible, something that is becoming ever more important in a world where banking malware and Trojans are stealing user's passwords, data and funds. If you're interested visit TrustDefender's site for more information.