CA Anti-Virus does what McAfee did last week

By Tech Geek Alex
in Back Page News

 Share

Recommended Posts

Community Regular

Tech Geek Alex

Posted
Posted

On Saturday 7/4 reports started that McAfee Anti-virus was breaking pc?s because of an Anti-Virus update that was quarantining Windows System files as viruses.

Well it seems that someone else wasn?t paying attention. As of this morning I have received numerous reports from clients reporting that their CA Antivirus is showing Virus alerts for the W32/alalum virus and the files that were being reported appeared to be Windows systems files. CA was quarantining those files as well. When this 1st started I assumed it was an isolated issue but with the client messages concerning this coming in more and more this morning, this definitely seems to be a wide spread issue.

The issue appears to have been caused by an update the was released within the past 12 hours as CA Anti-Virus is set up to check for updates every few hours if your have the auto update feature turned on.

The biggest concern is that when these files are quarantined, if you reboot, there is a good chance that your machine will not restart. I had 2 clients so far ?brick? their pc?s because of the restart. This point is made very clear as the WFP (Windows File protection) comes up saying that ?Files that are required to run windows properly have been replaced??? So far all reports (at least) from the clients I deal with show that CA Anti-virus 2007 ? 2009 are affected.

From the CA Forums ( http://homeofficeforum.ca.com/homeofficefo...read.php?t=4837 ) you will see others also reporting the same issue. I know CA only has 3% of the A/V market so this may not be as big as McAfee but I am passing this on as a public service. Here is what I've instructed my clients to do in the mean time that seems to clear this up

1) Open CA Anti-virus by double clicking the shield looking icon in the systray (That is in the lower right corner by the clock)

2) The Security Overview window will open. Under CA Anti-Virus you will see ?Open advanced settings?. Click that link.

3) Once you are there you will see the main overview window. From here click on the left side where it says Quarantine.

4) You will then see the list of files that are quarantined. Look for any file marked infected with W32/amalum (there is an additional part to the name after amalum but will be different on most pc?s). Highlight all items that are showing infected with amalum and then click on restore. (NOTE***That if you have another file in quarantine that shows something other than amalum as the Infection then that is probably an actual virus infection). Once the files are restored you can close the CA windows

A) You will be prompted to say do you want to restore. Click on ok for each message

5) At this point with no files in quarantine you should be able to hit cancel on the WFP.

6) You will be prompted for keeping changed files click yes to this message.

7) At this point restart P

So far no clients report files getting re-quarantined after the steps and reboot

(**Your situation my be different, so review your specific issue before following this information)

post-266234-1247161395_thumb.jpg

Community Regular

Tech Geek Alex

Posted
  • Author
Posted
And this is why I still use Norton...never had any false positives with it.

http://community.norton.com/norton/board/m...e.id=2797#M2797

http://forum.worldwindcentral.com/archive/...hp?t-10261.html

http://community.norton.com/norton/board/m...ding&page=1

Not to be negative....but here are 3 different issues with Norton/Symantec products concerning False positives.

So no one is perfect. Your looking at products that are coded by humans, humans screw up. So until we get to the sky lab part of the story, there will always be a chance that something could be screwed up. We just hope that the software company (whomever they are) has a QA that isnt also sleeping.

Mentor

grik

Posted
Posted

If i was Symantec, i would buy some fancy security team with real good Pro?s, and erase Norton name from future press releases.

And maybe..maybee change Symantec name itself, and maybe..maybe then, we would trust their products again.

This is pure lack of Marketing department from Symantec, maybe very old peple running it.

Grand Master

Krome

Posted
Posted

TechGuyPA: The first link is not "false positive"

grik: Your statement would be more plausible if you'd capitalize your "I". At least give a more logical reason to your trolling. Your opinion sounds kiddish. I have used Norton/Symantec A/V for so long and I have not yet encounter one false positive on my system. But like TechGuyPA already mention, any product that is created by man will always have flaws.

Mentor

grik

Posted
Posted

Its a Marketing statment not if the real product is bad or even good. You obviously did not ynderstand the big picture.

Norton and Symantec branding are a bad image by just having that name.

You used to use Norton back in the days where it was malware and did not catch virus? And i would never say that Norton gives false positives, the image i have on that software, only by the name, is that no false or positive alerts if you know what i mean. Again i point to the fact im talking about the credibility/image behind the Name, dont confuse with anything thing that you tried to point out.

Regards

Community Regular

Tech Geek Alex

Posted
  • Author
Posted
Its a Marketing statment not if the real product is bad or even good. You obviously did not ynderstand the big picture.

Norton and Symantec branding are a bad image by just having that name.

You used to use Norton back in the days where it was malware and did not catch virus? And i would never say that Norton gives false positives, the image i have on that software, only by the name, is that no false or positive alerts if you know what i mean. Again i point to the fact im talking about the credibility/image behind the Name, dont confuse with anything thing that you tried to point out.

Regards

I apologize. As explained I understand where you were going with the comment now.

All I tried to say was that in these days of get it out NOW it seems that the QA departments at most major software companies seem to be asleep at the well. The products themselves are made by people, people who can make mistakes, its up to the QA staff to double check and clean up any mistakes and thats were the issue is and that isnt happening....and it isnt just MS or Symantec or CA or MCafee, it seems to be almost all of them at one point or another.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Qualcomm's new Snapdragon Reality Elite chip brings on-device AI to Android XR devices

      By pradeepviswav · Posted

      Qualcomm's new Snapdragon Reality Elite chip brings on-device AI to Android XR devices by Pradeep Viswanathan Qualcomm has been delivering dedicated SoCs for mixed reality and spatial computing devices for several years. The journey started with the Snapdragon XR1, followed by the Snapdragon XR2 in 2019, the Snapdragon XR2 Gen 2 in September 2023, and finally the Snapdragon XR2+ Gen 2 in 2024. Today, Qualcomm announced a major upgrade with the new Snapdragon Reality Elite Platform, which targets premium mixed reality and spatial computing devices. OEMs can use this SoC to power both all-in-one video-see-through headsets and lightweight, tethered optical-see-through glasses. Qualcomm highlighted that the Snapdragon Reality Elite will power the next wave of Android XR devices coming later this year. These wearables will offer better visuals, improved power efficiency, and deeper on-device AI integration compared to the previous generation. The Snapdragon Reality Elite can deliver up to 48 TOPS of AI performance, allowing large language models and large vision models to run directly on the device for the first time. In addition to enabling new spatial AI experiences, these new AI capabilities will improve head and hand tracking, as well as see-through features. On the performance side, the Snapdragon Reality Elite offers up to 60% higher GPU performance, up to 30% higher CPU performance, and up to 160% higher NPU performance compared to the previous generation. The platform supports visuals of up to 4.4K per eye at 90 frames per second for sharper images and smoother motion. Qualcomm is also claiming significant efficiency improvements. The Snapdragon Reality Elite can offer up to 20% longer battery life under the same workload. More importantly, the chipset can run up to 12 degrees Celsius cooler under load, making headsets more comfortable for users to wear for longer periods. The platform also includes improvements to video see-through, featuring lower latency and better image quality. Qualcomm states that its EVA hardware block helps accelerate demanding computer vision workloads, improving how digital content blends with the real world.
    • Report: Microsoft to use AWS to help GitHub deal with a major surge in demand

      By Nas · Posted

      Umm... GitHub continues to use AWS. That's the story, that's the headline. There's no "new" news here. GitHub continues to require additional capacity beyond the originally-planned Azure allocations. There's nothing special about this; nothing noteworthy. They're still using AWS' infra until the cutover is complete.
    • what other retro software do yall use

      By goretsky · Posted

      Hello, Also known for https://www.theguardian.com/technology/2009/jan/29/adware-internet.   Regards, Aryeh Goretsky    
    • You pay just $100 per TB with this rare 4TB PCIe Gen4 NVMe SSD deal

      By goretsky · Posted

      Hello, I have used a few TEAM Group SSDs, USB flash drives, and Micro SDXC cards in the past. They all seemed to work fine. Regards, Aryeh Goretsky
    • You pay just $100 per TB with this rare 4TB PCIe Gen4 NVMe SSD deal

      By vjlex · Posted

      "just $100 per TB"? Just? Are we trying to make this seem like the new normal? Kinda weird to make it sound like that is not a ridiculously expensive asking price.

  • Recent Achievements

    • Collaborator
      vjlex earned a badge
      Collaborator
    • Reacting Well
      Dys Topia earned a badge
      Reacting Well
    • Conversation Starter
      NovaEdgeX earned a badge
      Conversation Starter
    • One Year In
      Console General earned a badge
      One Year In
    • Week One Done
      Twozo Technologies earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      517
    2. 2
      +Edouard
      182
    3. 3
      PsYcHoKiLLa
      106
    4. 4
      Steven P.
      88
    5. 5
      ATLien_0
      68
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!