Your "barking at the mailman" analogy is good except for the fact that in this case it's impossible for the householder to know for certain if the dog is barking at the mailman or a burglar
That depends on if you've had the same mailman for the last 15 years with no suspicion of being a burglar by anyone else on his route, or he has undergone a background check and security screenings, etc.
Steam and GOG get files directly from developers and have their own security procedures. It is extremely unlikely either would distribute malware.
D:OS 2 has not been updated for 2.5 months. If it were infected, that would mean everyone who has the current update is also affected, and yet nobody else has reported a problem in that time. That is even more true for the D:OS EE Editor, with no updates for more than a year.
Before white-listing any files, you can upload them to the VirusTotal
website. If 40 or 50 virus scanners say a file is fine, and one claims a virus, it is very, very likely a false positive.
Thank you for your detailed response. I can see this from your point of view but my own viewpoint is a little different. I have trusted Norton for years and my computer has been safe for all those years because of Norton and because I am as carefull as possible.
* The mailman analogy is getting a bit old now but in this instance I have no idea what my "mailman" looks like. He could be some Trojan bearing gifts for all I know. He could have been substituted for another "mailman. He could be the same "mailman" but he has been hiding his evil intent until the right moment :) Ok, it's silly now, but do you catch my drift? With the recent internet virus emergencies I think it might be as well to be a little paranoid for a while.
* I believe some developers have files in the games that report back gameplay information to the developer. This will be useful of course but perhaps it could be a vulnerability that could be exploited? I don't know and, if we're honest, neither does anyone else for certain. Hackers find vulnerabilities in Windows OS systems regularly I'm told. Are all game developers better funded and organised than Microsoft? (Some might be :)
Anyway, you are probably correct on all points, you obviously know much more about this than I do. However I am going to stick to my paranoid methods and not touch the files that Norton flags as unsafe - and get my money back where I can. Maybe if everyone did that two things might happen. 1) More developers would complain to Norton and ensure their suspect files are whitelisted quickly. 2) Norton might fine tune their detection methods to cut down on possible "false positives".
There is one other possibilty of course - perhaps Norton's detection methods are fine?