For those of you who still chose to use any of Symantec’s anti-virus products, you should be aware of some of the false detections that may occur. One of my fellow MVP’s has written an article about the problem. Another MVP is even suggesting that Symantec should be dumped because of poorly written detections. On the web site it states:

Symantec detects suspicious entries in the MVPS HOSTS file

Well here we go again … another security program with a poorly written detection … seems Symantec added a new update SecurityRisk.URLRedir which they describe as “detection for suspicious entries added to the hosts file

The following entries are (falsely) detected as suspicious:

dl.jiangmin.com
ads.mcafee.com
directads.mcafee.com
sdc.mcafee.com
sdc.ca.com
sdc.mcafee.com
wdcs.trendmicro.com
om.symantec.com
tc.symantec.com

Looks like they are detecting anything related to a Antivirus program regardless of what the entry is … except for “dl.jiangmin.com” which McAfee describes as “Upon execution it connects to “dl.jiangmin.com” and adds “BaiduBar.dll” as Browser Helper Object for the Internet Explorer and installs itself as the toolbar

Comments welcome.

Full article is here.

[tags]symantec, false detection, code, products, entries,  [/tags]