CA has had some issues with the 33.3.7051 update of its eTrust anti-virus software: the updated started to flag critical system files and some of its own files as being infected (they were not) and sending them to quarantine. That was enough to disable some computers, and once you’re in that state, it’s pretty hard to fix it remotely. We’re not quite sure how CA intends to proceed. The current advice from the company is to avoid this update.
Here’s the official statement from CA:
Last night, CA released a new updated antimalware engine. This new release has resulted in false positive detections of a number of files. CA Threat Manager customers are the only customers being affected by this issue. This is not a result of signature updates and does not impact CA consumer Internet security products.
To resolve the issue, CA has rolled back the new engine and re-released its previous antimalware engine. CA customer support representatives are on call to answer customer questions and to provide remediation support. A remediation tool to rename the quarantined files is now available through CA support and will soon be accessible online.
CA is aggressively working to resolve the issue, assist any customers who have been affected, as well as identify the root cause of the incident. We apologize for this inconvenience and look forward to the roll out of our new antimalware engine, which will ultimately offer our customers many benefits including enhanced malware protection and improved performance.