To my suprise this afternoon, scanner.exe, the executable of Superscan 2.06, is being identified by Symantic Antivirus Corporate Addition version 10.1.x as being infected with the backdoor.Graybird.

Also, Superscan 4.0 is being identified as a hack-tool and being removed.

I have no idea why, all of a sudden, that Symantec Antivirus is finding this stuff. Superscan 2.06, I have used since at lease 2002, almost as long on this same computer. We have been using the Symantec Corporate Antivirus since around 2000. Backdoor.graybird was discovered in April of 2003. None of this makes sense, none of the dates match. Someone in the anti-virus definition has made a big (to me) mistake and having to call Symantec on this really scares me. I actually found Superscan 2.06 on tucows.com mirror and downloaded it. Even a new file is detected with the backdoor. I followed all of the information on the Symantec site of how Backdoor.Graybird infects your machine, and none of them are found on any of the machines I have used Superscan on (4). This is all crap, an now another tool I can’t use if I leave anti-virus scanner on my machine.

So another person in the shop here has been attempting to contact Symantec on this issue. I scoured their website and there seems not to be any electronic help for Anti-virus. This poor person has now been passed around in the bowels of Symantec for over an hour and now has his fifth phone number. All we want to do is report a false-positive so we can get our tools on our machines again.

It’s funny, each phone number and new person we speak to seems to be getting us closer to America–even the music is different.

Will we ever make it back from the bowels of Symantec support? Who knows…

4 new numbers and 2 disconnections, still nothing…