A recent signature file for the beta version of Microsoft Windows AntiSpyware incorrectly identifies a registry key of Symantec antivirus software. Users who remove the identified key render the antivirus software inoperable. Reinstallation of the Symantec software may be necessary.
The Windows AntiSpyware Beta 1 signature 5805, which was released on Thursday, incorrectly flags a Symantec registry key as "belonging to a password stealing malware known as PWS.Bancos.A," according to a Microsoft spokesperson. Windows AntiSpyware prompts the user to remove the key. Removing the key causes the affected Symantec products to stop working correctly. The issue surfaced on a Microsoft discussion board. Microsoft describes the number of affected users as "very limited."
The problem affects users of Symantec Antivirus (SAV) Corporate Edition versions 7, 8, 9 and 10, and Symantec Client Security (SCS) versions 1, 2 and 3. This problem does not affect users of Norton Antivirus and Norton Internet Security. In addition, users of any Symantec products are not affected if they are using Microsoft Windows Defender Beta 2, either in Windows XP or preview versions of Windows Vista.
Microsoft quickly released a new signature set (5807) to remove this incorrect identification. Microsoft has also reminded users that Windows AntiSpyware is beta software, which should not be used in production environments.
Edmund X. DeJesus (firstname.lastname@example.org) is a freelance writer in Norwood, Mass.