What harm can Anti-Virus software do?

Macrium-banner-100

We recently updated Macrium Reflect to 5.3, little realising the problems that would caused by Anti-Virus software…

Updating Macrium Reflect

Here at Macrium we are all really passionate about computers and take great pride in our product (Macrium Reflect). It is this pride that means we keep our software support in-house so that our customers get the best support possible (because who else would know the product better?) and it is also this pride that drove us to spend months testing the 5.3 release, and in particular testing the entire product from top to bottom, not just the new features.

So we finally threw the switch (one day we’ll install a big red lever but for now the switch remains metaphorical) and the release went live. Of course a couple of bugs slipped through our testing net, in particular there was a compatibility problem with very old Pentium II/III systems which we don’t have the hardware to test but which we immediately investigated and at the time of writing have fixed and patched.

Security Software and Macrium Reflect

How does this relate to AV software? Well aside from the bug I already disclosed and a couple of other minor issues we have received an unprecedented number of support tickets and forum posts with the following alarming titles:

  • Upgrade to 5.3.7086 results in non-loading software

  • 5.3.7086 crashes

  • reflect does not start after updating to 5.3

As you might imagine these are exactly what you don’t want to see after a substantial update to your software. So it was immediately all hands on deck to fix the issue. Internal testing was launched. Support info was requested from customers. People were poring over code till their eyes bled (okay not quite).

Who’s to blame?

But the questions started flying: who screwed up? how did we miss this? why can we not reproduce it?

And the answer? Anti-virus software! (A term which I am here using to refer to the broader category of security software). It was nothing we’d done. None of our code changes were causing problems. The reason we missed it? On our virtual testing machines we don’t install anti-virus software. Why? Because it does far more harm than good and in a testing scenario it can interfere with performance analysis and even product functionality. If you don’t believe anti-virus can do more harm than good then I refer you to this excellent blog post by Jeff Atwood:

http://blog.codinghorror.com/choosing-anti-anti-virus-software/

Many of our customers who were affected by this issue put the blame on us:

“Why don’t YOU make YOUR software compatible with [insert popular AV product here]?!!!”.

The answer is two-fold: the first part is that it’s simply unfeasible to do it, even for companies far bigger than ours. Imagine testing against one AV product. Which versions do you test? 2015, 2014, 2013, 2012… Do you test the incremental releases in between? Which OSs do you test on? Windows 8.1, 8, 7, Vista, Server 2012 R2, Small Business Server 2008… Where do you draw the line?

“…our product is fully compatible with Windows”

And that’s just one product. Now imagine testing on all the different security products out there. How many can you name just off the top of your head? Avast, AVG, Norton, MalwareBytes etc. And those are just the big ones. We’ve had customers complaining who use security software we’d never even heard of. Imagine trying to cater for all the possible system and software configurations that all our consumers might have. It’s not possible.

Which brings me to part two of why we don’t test against AV software: We ensure our product is fully compatible with Windows. That’s no simple matter, especially when we still cater for Windows XP which we’d like to point out Microsoft themselves no longer support. And even with that basic remit we do our best to ensure maximum compatibility across an ever increasing spectrum of hardware configurations (RAID systems, Tablets, legacy hardware like the Pentium II issue I mentioned above).

Summary

So to return to the title of this post “What harm can Anti-Virus software do?”: A lot, is the answer. For a limited but significant portion of our users who run these so-called “security products” on their systems they suddenly found their backup systems completely compromised and in many cases unusable. We did our best to assist these users individually in resolving their issues, even creating some KB articles (see here and here) but ultimately this is a problem caused by another vendors product not functioning correctly. Their job, as according to their own descriptions, is to protect users systems from malicious and harmful software. Reflect is neither malicious nor harmful and so interfering with it’s installation and operation is a malfunction on the part of the anti-virus software.

Extra info

Just to provide a bit of further information on this issue. We digitally sign all of our executables in an effort to prevent these kinds of issues. Unfortunately it appear lots of AV software either doesn’t check for this or doesn’t seem to care, even though digital signing is suppose to provide proof of authorship and integrity of the file. For more information on this please see our KB article: http://kb.macrium.com/KnowledgebaseArticle50213.aspx