03-30-2011 12:17 PM - edited 03-30-2011 12:19 PM
I would like to report that Norton Power Eraser detects BitTorrent.exe as Suspicious.
File name: BitTorrent.exe
Submission date: 2011-03-30 19:04:11 (UTC)
Current status: finished
Result: 1/ 41 (2.4%)
MD5 : 46854c694aaadb49e12a459f74a6dd0d
SHA1 : bc06aafa168b02a5caca697e66411105f7ced62f
-John Jr :)
03-30-2011 12:31 PM
It actually is suspicious isn't it?
If you didn't knowingly install the program it could be used in a very bad way. It's a file sharing program and it could just as easily be sharing all your personal files if someone else installed it.
I use a legitimate remote administator program so I can connect into my other systems and Norton always detects it as a security risk labeling it as a remote control software. Thats exactly what it is, the only difference between it and a remote access trojan is that I installed it and I controll it.
Do you think Norton should just skip all these programs and always assume everyone knows exactly what programs they have installed and what all of them do and are capable of?
03-30-2011 12:43 PM
I did knowingly install it. :)
If Norton thinks it is suspicious, then Norton thinks it is suspicious, I will let the Experts decide; I am not against Experts sharing what they think. ;)
I am just posting to see if this is a false positive or what not, that is all. ;)
I like to have the Anti-malware Teams double check every detection to make sure, that is all. ;)
Thank you for sharing that. :)
03-31-2011 09:32 PM
Because of the aggressiveness of the tool, it is more likely to object to more applications and have a much higher rate of false positives. It is not a good second opinion scanner. It is for the purpose of removing malware that safer methods have failed to remove.
03-31-2011 09:46 PM - edited 03-31-2011 09:52 PM
I already knew from the warning already given by Norton about the product, I always try to double check any detections anyway, regardless; so it is not much of a problem to me, but I still like to report things.
If I think something is malicious and am not sure, I just quarantine it and try to get other opinions, and if it turns out to be malware; I remove it. ;)
It would be nice if NPE had its own forum and/or a way to submit false positives/malware from the program itself. :)
Anyway, thank you for commenting again. :)
04-01-2011 02:31 PM
Thank you for your input. We are currently looking into this and i will update this thread if we find anything but it appears as though the bittorrent file shares some suspicious attributes. Your first screenshot shows that it wasn't detected outright, only listed in the second group of 'suspicious' so its not so much an FP, especially when you factor in the aggressive nature of NPE.
We always appreciate feedback.
04-01-2011 02:45 PM
Thank you, at first it was detected as Bad, but I think after I had it Submitted through NPE, then it was detected as Suspicious after I did another NPE scan. ;)
Thank you for your time & responding. :)
04-01-2011 05:10 PM - edited 04-01-2011 05:12 PM
Here it is, from a NPE scan from today: :D
And after Submitting the file:
Now my post is more accurate. ;)