Microsoft Fixes Flag That Says Symantec Software Is Spyware

Some users got error messages wrongly saying that Symantec software was riddled with spyware and recommending users remove the 'faulty' packages. Symantec and Microsoft are now working together to help these customers.

Gregg Keizer, Contributor

February 13, 2006

2 Min Read

The preview of Microsoft's Windows AntiSpyware wrongly fingered two Symantec enterprise anti-virus products as password-stealing programs last week. If users followed Microsoft's recommendation and removed the offending Registry key, the Symantec software turned into so much digital junk.

Microsoft has corrected the false flagging, it said Monday. Symantec, meanwhile, announced that it had crafted a free tool to repair damaged installations of its Symantec AntiVirus (SAV) Corporate Edition and Symantec Client Security (SCS).

The problem stemmed from a Windows AntiSpyware Beta 1 update late Thursday, Feb. 9, dubbed "5805, which incorrectly identified a registry key for SAV and SCS as belonging to a password-stealing keylogger known as PWS.Bancos.a, which harks back to 2003.

Microsoft's anti-spyware program prompted users to remove the misidentified registry key; if they did, SAV and SCS stopped working.

"Once this issue was discovered, Microsoft quickly released a new signature set (5807) to remove this false positive," said a Microsoft spokesman Monday. "Both companies are working jointly together to identify the number of affected customers, which we believe to be very limited."

Early Monday, Microsoft recommended that affected users call on Windows XP's System Restore to restore to a time before the keys were deleted, or reinstall the Symantec software. In a separate statement later Monday, Symantec said it had come up with an automated tool to repair affected systems. "This tool is available at no charge from Symantec Product Support Services," a Symantec spokesman said.

Coincidentally, Microsoft and Symantec -- longtime partners -- last week took jabs at each other over the former's official entrance into the consumer security market.

Symantec made a point, however, to stress that its consumer titles, including Norton Antivirus and Norton Internet Security, were not affected by the Microsoft mistake.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights