Kaseya Community

AVG 8.5 Update Moves All EXEs and DLLs to Vault!

  • http://forums.avg.com/es-en/avg-free-forum?sec=thread&act=show&id=101475

    We disabled all auto-updates and scans. Manually going to the AVG GUI, restoring files, and then rebooting has fixed all of our clients that have reported issues so far

    Legacy Forum Name: AVG 8.5 Update Moves All EXEs and DLLs to Vault!,
    Legacy Posted By Username: alex.steadman
  • MadThis got us too, on an Exchange and DB server. Version 8.5.441, Update 271.../3039

    Legacy Forum Name: KES,
    Legacy Posted By Username: toolman5774
  • So my first question is, how does one prevent auto-updates? It's not like we have control over the scheduling thereof...

    Legacy Forum Name: KES,
    Legacy Posted By Username: GreyDuck
  • Manually pushing to all clients after vetting, i suppose. Maybe there's improvements in K2

    Legacy Forum Name: KES,
    Legacy Posted By Username: toolman5774
  • I, ah, "found" the super-seekirit system scripts interface and pushed the KES processing script out 'til Monday. I've also turned off realtime scanning for all profiles and removed weekly scan schedules 'til we hear that it's safe.

    So far, only one machine has been hit badly that I know of. That's the good news.

    The bad news? It's our in-house SQL server. *headdesk* So now that I've spent half an hour trying to prevent further problems, I get to remediate one of the most important servers in the company...

    Legacy Forum Name: KES,
    Legacy Posted By Username: GreyDuck
  • ConfusedYea, the bright spot for us is the only 2 machines affected: one of our biggest clients Exchange server and SQL server. Another wonderful note is that their backups have failed for 3 days now...

    Legacy Forum Name: KES,
    Legacy Posted By Username: toolman5774
  • Awesomesauce, man!

    Oh, by the by: The "revert database to previous version" thing in the linked forum article? That doesn't seem to have much effect on a KES-managed machine. I ran that and got the same (bad) version again.

    The good news is that AVG doesn't nuke its own GUI executable (that'll be their next trick, I suppose) so I was able to pull everything out of the Virus Vault... but I can't actually prevent it from happening again short of yanking AVG off entirely, right now.

    Fun!

    Legacy Forum Name: KES,
    Legacy Posted By Username: GreyDuck
  • Yea, when using the rescue CD, we have nothing listed in the vault. do NOT restart your machines that are having this problem, AVG clears out the vault, and now we are running recovery of the OS.

    Legacy Forum Name: KES,
    Legacy Posted By Username: toolman5774
  • I should have checked the forums sooner.
    this update took out two of my clients exchange servers.

    Anyone have any good alternatives to AVG that can easily manage multiple customers?

    Legacy Forum Name: KES,
    Legacy Posted By Username: cbishop
  • cbishop
    I should have checked the forums sooner.
    this update took out two of my clients exchange servers.

    Anyone have any good alternatives to AVG that can easily manage multiple customers?


    I think Kaseya should begin vetting AVG's updates like patches so this doesn't happen. It may be AVG's fault, but its a relationship which Kaseya sells. All of our clients hold us responsible for the damage, Kaseya should be held accountable as well.

    Legacy Forum Name: KES,
    Legacy Posted By Username: toolman5774
  • toolman5774
    Yea, when using the rescue CD, we have nothing listed in the vault. do NOT restart your machines that are having this problem, AVG clears out the vault, and now we are running recovery of the OS.


    Building a new Exchange server this morning Sad

    Legacy Forum Name: KES,
    Legacy Posted By Username: toolman5774
  • This hit one of our SBS clients and killed Exchange. I've got to say that I'm extremely unimpressed. They are running AVG 9, not 8.5, so it may be a bit more dangerous.

    Legacy Forum Name: KES,
    Legacy Posted By Username: alanuhe
  • I'm still waiting for the part where AVG sounds an "all-clear" so we can start updating endpoints and actually enabling scans again... Ahem.

    Legacy Forum Name: KES,
    Legacy Posted By Username: GreyDuck
  • GreyDuck
    I'm still waiting for the part where AVG sounds an "all-clear" so we can start updating endpoints and actually enabling scans again... Ahem.


    I too would really like to know the status of this issue. I can't finy anything updated on AVG's website.

    We have not had any issues - so far, knock on wood, thank God, etc.

    My AVG9 agents report as running 9.0.851 271.1.1/3045

    My AVG8.5 agents report as running 8.5.441 271.1.1/3045

    Does anyone know if these versions and virus defs are "safe" from the "AVG moving all EXE files to Vault" problem?

    Lloyd

    Legacy Forum Name: KES,
    Legacy Posted By Username: lwolf
  • Same questions as LLoyd as we show

    271.1.1/3045 - Majority of our Servers
    271.1.1/3041 - One of our Servers

    Need to know how to prevent we already have two black eyes with some of our client's

    Please advise if there is a fix or if the fix is 3045 and higher now..

    Legacy Forum Name: KES,
    Legacy Posted By Username: itgurullc