Skip navigation

Monthly Archives: May 2010

Another Anti-virus runs amuck

There are reports that Symantec antivirus(i.e., Norton) is tripping on files used by Blizzard’s World of Warcraft (WoW). The file in question is scan.dll, which is being reported as an “info stealer”. My guess is that WoW, like many online gaming systems, is scanning PCs for the presence of automation processes known as a BOT (short for robot) or automated scripts, which are considered “cheats” or game modifiers, and are usually a violation of the terms of service. In all likelihood, the method of the scan is what is the cause for alarm by the AV.

This is a very good reason to not allow AV to delete files automatically.

This isn’t the first time that AV programs have caused anguish for users of online games like WoW (one of the reasons some online games recommend disabling AV during play).

Even more concerning is that this is another recent example of false positives that have caused users major anguish (“don’t mess with my game”). It begs the question if AV vendors are rushing out definitions to quickly. It certainly casts as bad light on Symantec and McAfee (involved in major failures in Operating Systems last month).

Skype Spam

I was sitting at my laptop watching 24 and just happened to have Skype on. I got an “alert” that looked like the following:

[9:52:54 PM] Help Support: WINDOWS REQUIRES IMMEDIATE ATTENTION
URGENT SYSTEM SCAN NOTIFICATION ! PLEASE READ CAREFULLY !!

http://www.up{{{I-removed-the-urll}}}.org/

For the link to become active, please click on ‘Add to contacts’ skype button or type it in manually into your web browser !

FULL DETAILS OF SCAN RESULT BELOW
****************************************

WINDOWS REQUIRES IMMEDIATE ATTENTION

ATTENTION ! Security Center has detected
malware on your computer !

Affected Software:

Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2003

Impact of Vulnerability: Remote Code Execution / Virus Infection /
Unexpected shutdowns

Recommendation: Users running vulnerable version should install a repair utility immediately

Your system IS affected, download the patch from the address below !
Failure to do so may result in severe computer malfunction.

http://www.up{{{I-removed-the-urll}}}.org/

For the link to become active, please click on ‘Add to contacts’ skype button or type it in manually into your web browser!

Now, I suppose that this is working for the spammers or they wouldn’t so it, but I have to ask…really? Would you really fall for this kind of thing?