Anti-Spyware Software Wars – Can’t they get along?!


Last year, we noted how some security products could cause conflicts that would cause computers to lock up — but there’s another (less troublesome) trend that’s happening as well: security products declaring competing products as malware and removing them.

Just a little over a week ago, the latest version of Microsoft’s anti-spyware offering declared Symantec’s anti-virus offering as malware. However, it looks like Kaspersky Labs has Symantec’s back on this one. Its latest anti-spyware offering flagged some Microsoft anti-virus software as being malware. Of course, this was bound to happen, since many security products often have to do things that look quite like malware.

This is only likely going to get worse — and many of these standalone companies might want to start thinking about proactively trying to deal with the issue. In the meantime, it seems like the security suite providers should be using this as an opportunity to hype up how their combined offering does everything in one package (even if that’s not quite true), so you never need additional, conflicting software.

According to several different support threads over at Microsoft’s user groups forum, the latest definitions file from Microsoft “(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer).”

When Microsoft Anti-Spyware users remove the flagged Norton file as prompted, Symantec’s product gets corrupted and no longer protects the user’s machine. The Norton user then has to go through the Windows registry and delete multiple entries (registry editing is always a dicey affair that can quickly hose a system if the user doesn’t know what he or she is doing) so that the program can be completely removed and re-installed.

I put in calls to Microsoft and to Symantec on this issue, but am still waiting to hear back from both companies.

Source: Washington Post

I have had similar problems in the past with things detecting HijackThis! or Spybot as Malware..or playing with having two level 7 firewalls installed.

Posted in: Malware

, , ,


Latest Posts:


tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.


Comments are closed.