Symantec May Compensate Chinese Users for Erroneous Virus Definition Update

By Michael Santo
Executive Editor, RealTechNews

Well, hey, I haven’t used Norton Antivirus for years. and maybe this is why. Nah, not really. It was mostly because I hate any type of activated software. But my current AV, NOD32, doesn’t hit the system resources anywhere near as hard as Norton does / did, so I’m happier. At any rate, Symantec released a virus definition update that caused its product to ID two Windwos systems files as viruses … and if you deleted them, as it would naturally ask, the user just might have a problem, wouldn’t you think? At any rate, there’s talk of compensation. And based on how I would feel if this happened to me, I’d want some, too!

Symantec Corp. may compensate Chinese computer users whose systems were crippled by an antivirus update last week, a senior director of the company’s security response team said.

Last Friday, about 1 a.m. Beijing time, Symantec delivered a flawed virus-signature update to customers. The update mistook two critical system files of the Simplified Chinese edition of Windows XP Service Pack 2 as a Trojan horse. The two files — netapi32.dll and lsasrv.dll — were falsely quarantined, which in turn crippled Windows. If an affected PC was rebooted, Windows failed on start-up and showed only a blue screen. Source: ComputerWorld

We Say: I recently had BOClean, which has been bought by Comodo and is now freeware, mis-ID aec.sys as a Trojan. First thing I did (rather than saying, delete it), was to check the Comodo website and look for forums … bingo, false positive. But that’s me … I’m pretty cautious when I see an anti-trojan or anti-virus program ask me to delete a system file. Most people, like my wife, might delete the file without a second thought (which is why I warned her immediately ).