Author Topic: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!  (Read 671 times)

0 Members and 1 Guest are viewing this topic.

Offline dzalf

  • Newbie
  • *
  • Posts: 7
Guys

I am basically posting here a little rant on what the PUPs engine did to my lab equipment this morning.

I was upgrading the firmware of the pump when suddenly a pop-up window from Avast detected that the process being executed by idex_prog.exe could be a Potentially Unwanted Program (PUP).

I flagged the file as trusted however the uploading process cut-off and the firmware of the pump was corrupted during transfer.

All because of a paranoid application that I didn't even enable myself! Please DISABLE IT BY DEFAULT!!!!

I KNOW that I should have disabled the AV protection before the upgrade but I simply didn't thought of it at that moment.

Please be aware of a feature that could screw you up badly.

AVAST: What can you say on this respect? Now I must try to unbrick a piece of shared equipment from our biotechnology lab or pay for something that YOUR software did.  >:(

I am REALLY disappointed of you guys

dzalf

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35971
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #1 on: August 05, 2019, 07:06:48 PM »
False positives happens to all security programs, no security program have 100% detection or zero false positives


Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438


« Last Edit: August 05, 2019, 07:08:24 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 81801
  • No support PMs thanks
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #2 on: August 05, 2019, 07:31:21 PM »
I'm not sure what shield did the detection.

Scanning for PUPs is/was meant to be off by default, it certainly is/was on my systems.
However Off is possibly not the right determination as it would appear to be set to Ask by default (a change from past default settings), which it would appear to have done on your system. 

On my XP system with Avast Free 18.5.xxxx that installation still has the old settings were PUP scanning is disabled by default.

Not much joy for you, but I would certainly consider setting PUP scanning to Ignore potentially unwanted programs.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.7.2388 (build: 19.7.4674.494)/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline dzalf

  • Newbie
  • *
  • Posts: 7
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #3 on: August 05, 2019, 07:36:32 PM »
False positives happens to all security programs, no security program have 100% detection or zero false positives


Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Dear Pondus

Thanks for your reply.

In fact after the file was submitted to Avast for inspection another pop-up emerged (2 minutes after or so) saying that the file was analysed an did not represent a threat. Too late! The transfer had already failed  >:(

The main issue is that I was dealing with delicate hardware at the time the PUP function was self-activated. This should NOT happen under any circumstances when upgrading firmware of any type of equipment and PUP should be an optional feature when installing the software

Once again. I admit that I should have disabled all the shields from Avast however PUP should be OPTIONAL in my opinion.

I am seriously considering of quitting Avast for good after this. I usually work with RS232 protocols and "suspicious" software on different equipment and this is the first time that this has ever happened to me.

I am NOT interested on reporting the file as a false positive since I am certain of its authenticity and functionality. The main problem here is that an unsolicited action from the antivirus has bricked an expensive piece of equipment and it's ME who must assume the responsibility and fix it no matter how long (or how much) it takes/costs (accepting the fact that Avast will not help me in any way, shape or form)

Sad. Really sad :(

dzalf

Offline dzalf

  • Newbie
  • *
  • Posts: 7
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #4 on: August 05, 2019, 07:56:02 PM »
I'm not sure what shield did the detection.

Scanning for PUPs is/was meant to be off by default, it certainly is/was on my systems.
However Off is possibly not the right determination as it would appear to be set to Ask by default (a change from past default settings), which it would appear to have done on your system. 

On my XP system with Avast Free 18.5.xxxx that installation still has the old settings were PUP scanning is disabled by default.

Not much joy for you, but I would certainly consider setting PUP scanning to Ignore potentially unwanted programs.

Dear DavidR

I actually already disabled it and for the record is the FIRST time that I touch the setting on my installation which means it was set as default  :(

Indeed. No much joy...if any. I am in touch with the technical support from Ismatech but is highly possible that I will have to send the unit back for factory reprogramming.

A very simple upgrade that was supposed to be done within 2 minutes is gonna cost me and take weeks. You might imagine how my colleagues are looking at me right now in the lab after this, right?

dzalf

Offline dzalf

  • Newbie
  • *
  • Posts: 7
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #5 on: August 07, 2019, 04:22:59 PM »
So it's happening RIGHT NOW: I am uninstalling Avast for good and saying goodbye to them for who knows how long.

Perhaps I might reconsider going back if they are serious enough to give me some sort of response but that is NOT likely to happen.

Still technical support from Ismatec are dealing with my case

If you are interested on knowing how this story ends give me some time to sort it out and I'll post the outcome

Cheers

dzalf

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35971
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #6 on: August 07, 2019, 04:57:54 PM »
Quote
I am NOT interested on reporting the file as a false positive since I am certain of its authenticity and functionality.
Reporting it help the next one with same problem
AV vendors cant fix FP problems if no one report it


Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline dzalf

  • Newbie
  • *
  • Posts: 7
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #7 on: August 07, 2019, 06:25:09 PM »
Quote
I am NOT interested on reporting the file as a false positive since I am certain of its authenticity and functionality.
Reporting it help the next one with same problem
AV vendors cant fix FP problems if no one report it

As I mentioned before the file was indeed analysed by Avast. Two minutes after it was sent I got a message indicating that it was safe  :o

Too late. The firmware update had failed already  >:(

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2222
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #8 on: August 08, 2019, 01:50:27 PM »
Quote
I am NOT interested on reporting the file as a false positive since I am certain of its authenticity and functionality.
Reporting it help the next one with same problem
AV vendors cant fix FP problems if no one report it

As I mentioned before the file was indeed analysed by Avast. Two minutes after it was sent I got a message indicating that it was safe  :o

Too late. The firmware update had failed already  >:(

Are you sure it wasn't CyberCapture?
Windows 10 Home 64-bit • Avast Internet Security (latest stable version) • Malwarebytes 3 Premium (latest) • Google Chrome • CCleaner •

Offline dzalf

  • Newbie
  • *
  • Posts: 7
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #9 on: August 12, 2019, 07:08:23 PM »
Pretty sure it wasn't Cybercapture ;)

Quote
I am NOT interested on reporting the file as a false positive since I am certain of its authenticity and functionality.
Reporting it help the next one with same problem
AV vendors cant fix FP problems if no one report it

As I mentioned before the file was indeed analysed by Avast. Two minutes after it was sent I got a message indicating that it was safe  :o

Too late. The firmware update had failed already  >:(

Are you sure it wasn't CyberCapture?

Offline dzalf

  • Newbie
  • *
  • Posts: 7
Re: The PUP feature BRICKED my £2000 Ismatec Reglo ICC peristaltic pump!
« Reply #10 on: August 12, 2019, 07:18:47 PM »
Quick update:

An amazing technician from Reglo contacted me directly from Germany and gave me preliminary instructions on how to burn the bootloader before re-loading the firmware.

To do so I need an MPLAB ICD3 (or ICD4 https://shortly.cc/32Ui as the ICD3 is not longer manufactured ) a .bin file and the same firmware file I was trying to upgrade.

I just ordered everything  for the whopping price of ~£200 + an ICSP adapter (https://shortly.cc/7Va8) (~£30) + shipping.

That's the cost of my misery right now...Avast!!!  :(

Once I have everything sorted I will let you know if I succeeded

Wish me luck!

Cheers

dzalf