Developer considers McAfee suit after 'Trojan' error

A software developer whose program was labelled a Trojan by McAfee is considering action agains the antivirus firm
Written by Kristyn Maslog Levis, Contributor

Brisbane software developer Mark Griffiths is considering suing McAfee after the antivirus company wrongly identified his Internet setup program as a Trojan in a recent virus definition update.

Griffiths said he was "not ruling out" filing a lawsuit against McAfee even after the antivirus company yesterday morning released an update to their antivirus DAT (signature file) which fixes the false positive.

Griffiths sells the Internet setup program wizard, ISPWizard, to Internet service providers in more than 20 countries. The setup program was labelled as the BackDoor-AKZ Trojan by McAfee antivirus software deployed on ISP customers' personal computers. As the software automatically eliminates the program from the users' system, many were not able to connect to their ISP.

Griffiths said he was first notified about the mistake on 2 September by his ISP customers in the US. They had been alerted by their customers, who had not been able to access their Internet services. Immediately after being notified, Griffiths sent an email to McAfee but only heard back from the antivirus vendor on Monday.

Griffiths estimated a loss in revenues of at least 50 percent for this month since his program was labelled as a Trojan. He added that one of his customers had lost $3,000 after the provider's customers had shifted to another ISP as a result of the McAfee difficulties.

McAfee marketing director for Asia Pacific Allan Bell, said the company had released a new DAT file yesterday morning including changes that addressed Griffiths' problem. Bell explained that the software identifies Trojans based on a signature or a pattern and because of this, "there is always a danger of a false positive", meaning the DAT matches a program which is not a virus.

Bell said McAfee provides a procedure for developers to ensure their software is tested. He added that developers can submit their program for testing, free of charge, by calling the McAfee support department. The program is then matched to the 30 million files of known good code to make sure there are no false positives.

"We do have a large database of known good files and programs that we scan against to make sure that there are no false positives. False positives happen in very rare occasions and so we want to encourage developers to talk to our support department about testing their programs," Bell said.

However, Griffiths said that even after McAfee sent out the changes to their DAT files, some customers who have not updated their personal computers will still not be able to access their ISPs. He added that the changes to the antivirus software will not affect his decision on whether or not to file a lawsuit against McAfee.

"If there is going to be a lawsuit it wouldn't be affected by the release of the software fix because it took so long for them to do it and how they handled the problem was not satisfactory," Griffiths said.

Bell has refused to comment about the possibility of a lawsuit.

ZDNet Australia's Kristyn Maslog-Levis reported from Sydney. For more coverage from ZDNet Australia, click here.

Editorial standards