Is this program malware or a false positive?

JMH · Jan 4, 2013

What can you do if your antivirus software (in this case Norton) identifies a program as a Trojan, but you're pretty sure it's not?

Norton may have indeed given you a false positive when it warned you that a program was malware. But it's just as likely -maybe even more so - that Norton's mistake came when it told you that your hard drive was clean.

And I'm not knocking Norton here. These issues apply to every antivirus program in existence.

If your antivirus program identified something as a Trojan before you ran it, and found no infections afterwards, there's a very good chance that the malware is protecting itself from security software. That's pretty common behavior.

Is this program malware or a false positive? - Techworld.com

AceInfinity · Jan 5, 2013

This shouldn't be attributed to just Norton though, point this out, as many AV's have specific malicious code that it cannot detect. (As the second stanza in the quoted text points out). It's been like this for years though, which is why I've always said that you cannot rely 100% on any AV, you still have to be self-aware.

Best thing to do would be to sandbox that file in question and really see what it is doing on your system or trying to do. If you are curious enough.

Search

Search

Is this program malware or a false positive?

JMH

Moderator, News & Information, BSOD Kernel Dump Senior Analyst, Contributor

AceInfinity

Moderator, Programming, Contributor