Topic: Norton detected World of Warcraft as malware (false positive)

[Samker]

Symantec admitted recently that their Norton Internet Security Suite labels files associated with World of Warcraft as malicious. The security suite deleted the files it thought were malware, causing the game to stop working.

Product Manager Kevin Haley told Computer Active their software suffers "ten to forty" false positives per month. These errors are reviewed monthly at a vice presidential level in the company. Haley told the press, "We had a false positive on World of Warcraft. A human analyst looked at it ... they made a mistake, they looked at it in isolation." The updated World of Warcraft file was analysing the system which made it appear to be a suspicious file. Symantec was alerted to the error on its online forum and fixed the problem very quickly.

Haley went on to say "We test [updates] on 393 Windows platforms, and test with 1.26 million Microsoft operating system files. Including one called svchost.exe." The scvhost.exe was a jab at McAfee whose own security suite caused systems to crash due to a false positive in April. The false positive deleted the svchost.exe file from the computer which caused it to crash on while booting.

Symantec claims that though it may accidentally delete application files due to a false positive from its software it will never delete critical system files. "If we see this file, and how there's malware on it, and we decide at some stage to remove the file, there's a failsafe in the product that says: this is a critical system file, do not remove."

(NW)