Microsoft's Anti-Spyware Software Update Kills Norton Anti-Virus

A recent update to MSAS (Microsoft's Anti-Spyware Software) has been causing a lot of damage to Symantec's very own Norton Anti-Virus software. Microsoft's anti-spyware application flags Norton as a password-stealing program and prompts users to remove it. The latest definitions file from Microsoft "(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer)."

When the removing of the file occurs, Symantec's software becomes corrupt. This ultimately requires the Norton users to go in and manually delete multiple entries in the Windows Registry (this is something that sounds simpler than it actually is).

Microsoft said it is shipping updates that fix this problem. It's noteworthy to mention that Microsoft's Anti-Spyware is actually in Beta mode and the company's product page says that Microsoft Anti-Spyware should not be deployed in production systems.

You can look through many of the complaints/problems people have been having with this latest issue on their Web site.

Here's a comment by 'Denny':

I downloaded the latest Microsoft Anti-Spyware definitions (February 10, 2006 at 8:53:10 AM) and ran a LiveUpdate in Norton Anti-Virus corporate edition this morning. After downloading, I ran a scan in both NAV and MSAS. The NAV scan detected nothing but MSAS detected the PWS.Bancos. A password stealer on
my computer.

MSAS said there were 1405 infected registry locations and most of the reported infected locations look like they were associated with Norton Anti-Virus. Our systems here are auto-protected with a NAV server.

I had MSAS remove the threat. Now, after reboting NAV is disabled and I cannot start it from the 'Open Symantec AntiVirus...' menu item when I click on the SysTray icon, nor can I find NAV in Add/Remove programs to repair it.
The NAV SysTray icon has an exclamation point. MSAS appears to be working normally.

Now people want to know, is this Microsoft's faux pas? Or are they just messing with the Symantec people? I guess it goes to show you that Microsoft wasn't kidding about deplying Betas in production environments.