McAfee antivirus update still causing chaos for Windows XP
Blue screen of death for McAfee users
By Ellen Messmer | Network World US | Published: 10:09, 23 April 2010
One day after security vendor McAfee sent out a bad antivirus update that crippled corporate and consumer Windows-based computers, the suffering wrought by the update, DAT 5958, continues.
McAfee apologised for the faulty update and has supplied what it calls a SuperDAT remediation tool and DAT 5959 to wipe out and repair the damage done by DAT 5958. But if McAfee's own community discussion site is any indication, getting rid of the bad McAfee code, which can blue-screen Windows computer and cause other disturbances, hasn't been easy.
"I assume that like me, everyone is in repair mode right now and getting machines running is their top priority," wrote one individual under the name CrazyFingers. "However, after this is over, I expect McAfee to have some straight answers for me. I expect them to explain clearly how a mistake of this magnitude managed to happen in the first place. Then I want to know how it slipped past QA. Finally, I have lost a lot of faith in McAfee's products. I need them to show me why I should continue to use their products when the largest and most destructive virus outbreak we have had in 8 years was actually caused by my A/V vendor."
Related Articles on Techworld
Another commenter on the community site wrote, that 5958 "is nuking all of my systems and detecting a false positive in svchost and causing a system shutdown."
McAfee - which says about .5% of its corporate customers and even fewer of its consumer customers have been impacted -- continues to call the bad antivirus update its "false-positive issue."
McAfee's public response has mainly been provided by Barry McPherson, McAfee executive vice president of support, whose blog posting earlier detailed how he has spent 14 hours straight on the phone with McAfee's support group
McAfee isn't the first antivirus software vendor to have wreaked havoc on customer PCs with a bad antivirus update. Trend Micro delivered a bad antivirus update two years ago, and vendor AVG also had a bad antivirus update that year. But McAfee's handling of DAT 5958 this week is meeting with frustration from customers who are bewildered by technical explanations from McAfee and long wait times — one online commenter claims 2 hours —for tech support.
"Upon calling McAfee's Gold Tech Support, we were met with waiting over 2 hours FOR AN OPERATOR!!," wrote one individual on McAfee's comments section. "While we understand a higher than normal call volume for an event like this, we were completely taken aback that we had to dig deeply to find information regarding this issue on your Web site. We certainly would have expected to see something, anything on the main page of McAfee…nothing."
Another wrote: "Not enough time to figure out what all the geeky terms like DCOM, DAT and SVCHOST means. I'm not a geek so I took the laymans way out and deleted the whole enchilada." And one commenter simply called it, "the McVirus."
Read: McAfee is not the first vendor to suffer a troublesome false positive.
Comments
Max Arevalo said: 3- Start the non working computer plug in the usb drive and execute the superdat file4- If you need to copy the svchostexe file copy the file from your usb drive into the non-working computer windowssystem325-Restart6-If you need instructions in how to copy the svchostexe file using the command prompt please let me knowThanks
Max Arevalo said: No need to lose data or reinstall windows I have fixed two computers so far Here are the steps1- Use a working computer to download the Superdat patch from the Mcafee website and copy it to a usb drive2- If the svchostexe file from the non working computer has been erased use the working computer to copy the svchostexe file to the usb drive as wellThe svchostexe file can be found under windowssystem32 Please make sure the working computer is also running on windows xp