CA anti-virus software disables itself and other applications
Engine Update 33.3.7051 for Computer Associates' (CA) eTrust Threat Manager (formerly ITM) anti-virus software yesterday led to users experiencing large numbers of false positives, resulting in important files landing in quarantine or being renamed, including files making up part of eTrust itself. According to reports on the CA forum, eTrust also falsely identified MS Visual Studio, Nokia-Software, VNC and many other DLLs as containing the StdWin32 malware. Users of the company's internet security products are not affected by the bug.
Computer Associates has confirmed the existence of the problem and states that it is working on a solution. In the meantime they have withdrawn the update responsible for the problem and distributed a new update (220.127.116.1174) containing the old scan engine. Two tools, CA-Unquarantine and Renameavb2exe_with_date, for rescuing quarantined files have been made available. The passwords required to unpack the tools can be found in the password.txt file in the FTP folder containing the tools.