Yesterday [2011-04-11] a number of my clients called in the afternoon me in regards to some antivirus related activities on their computers. Something really weird was going on on all computers. Avast was flagging most of the websites as infected. There was nothing going on the PCs and even after a ran the AVAST scan and a couple of other anti-malware scans and did not find anything the website were kept on being blocked.
Luckily, after a definition upgrade on one of the PCs (by the way done by the CEO of the company) the issue was resolved. My clients use the Small business Server and Standard suites so the updates on the workstations was done almost within a few minutes simultaneously on all of the computers after which everything went back to normal.
It really took about a couple of hours between noticing a problem and solving it. I consider this is not as bad as it could have been.
I’m a bit surprised how quick Avast responded to the problem, solved the problem and also posted a blog describing it.
“Virus definition update 110411-1 contained an error that resulted in a good number of innocent sites being flagged as infected. Generally, all sites with a script in a specific format were affected.
Our virus lab staff discovered the problem quickly after releasing the bad update and immediately started working on a fix. The fix was released about 45 minutes after the problematic update and has version number 110411-2. Anyone who still has this problem is kindly asked to manually update the definitions to the latest version, e.g. by right-clicking the avast taskbar icon (the orange (a) ball), and selecting Update -> Engine and Virus Definitions.
We sincerely apologize for the inconvenience. As this typically only affected remote sites (and not local files), simply updating to the latest definitions should completely solve the issue (no local files have been quarantined).” – Avast blog said.