Just this afternoon NIS '09 pops up and tells me it has blocked a trojan horse. It had actually blocked and removed the necessary files for my PortableApps.com suite located on my flash drive.

I know this is not a virus. Norton has never identified anything from PortableApps.com as a threat until now. I restored the files through Norton, but they are again detected and removed immediately. So, I tried downloading the file/application I needed from PortableApps.com and even that was blocked and said to be a trojan horse! The file name is "PortableApps.com_Platform_Setup_1.5.2.exe".

The worst part in all of this is that I cannot seem to restore the files or stop Norton from blocking and removing them. There is no way to add a specific file to exclude (that I know of). Of course, I shouldn't have to. That's the job of NIS and that's what I'm paying for. I understand that the application must be displaying some sort of characteristic that is similar to a trojan horse, but it's very annoying when I know that it isn't and can't do anything about it short of disabling NIS altogether.

Has anyone else had this issue or would anyone be willing to attempt to recreate my situation? The application I'm trying to download is the "Platform Only" (located here: http://portableapps.com/download). For some weird reason the apps loaded with the programs don't trip NIS. It's only the one application both when trying to download it and when it is installed.

Any help or response would be appreciated. Thanks.

Googling your issue returns a hit for almost every security software company you've ever heard of.  PortableApps.com is so prone to generating false positives that they have posted the following notice on their support page.

---

 AntiVirus and AntiSpyware False Positives

Some false positive reports occasionally pop up in different antivirus products in conjunction with software. This is partially due to the compression and portablization techniques used and partially due to a failure of some antivirus companies to fully test their virus definition updates before sending them out to users. If you encounter a false positive, please test the file in another antivirus product before reporting the issue to us in the forums to ensure that it's not an error in their software. Several companies make available online scanners for individual files, so you won't even have to install software (virustotal.com, Jotti). You can also use ClamWin Portable. Thanks for your help.

---

So while your situation is no doubt quite aggravating, it seems to be a common issue shared by a great number of anti-malware programs.  Your best course of action would be to click that "Submit to Symantec" button so the file can be examined and the false positive can be corrected.

---

delphinium wrote:
You should be able to open Norton's main screen, go to computer settings and scroll down to where you will find "Scan exclusions."  Click on configure and add the files to both auto-protect and scan exclusions.  Only if you are sure it is a false positive!

---

This is the way to go. Just exclude from scanning and you will be fine

Actually the only way to get this to work right now is to disable Auto Protect.  The Trojan Horse is a High Risk category and you can not exclude that from the scanning.  So until Norton / Symantec adjusts the definitions for the scanning, the only recourse is to disable Auto Protect for the time it takes to download / install the software.

If you 100% sure that this file is not threat..and than follow my way to get this thing resolved..see this picture keenly and than do..

first turn off auto protect than follow these setting parameters...and your file will not picked as trojan or something..!!

And do not forget to turn on your protection that is auto protect of Norton after doing all these things..

please upload your detected file to threat expert and virus total and share the results with us....

http://i248.photobucket.com/albums/gg181/sweetvivek007/Untitled-2.jpg 

Turning off Auto Protect is all you have to do.

Thanks to everyone for the quick response. I was able to reinstall the files and add the exclusions (thanks to delphinium for showing me how to do that). After re-enabling Auto-Protect, everything seemed fine. However, after a couple of hours I came back to a message from Norton telling me that once again it had protected me from a trojan horse and had removed the files, despite the fact they were added in the exclusions list.

Fortunately, I did a little digging and found the other file application that will still allow me to launch the PortableApps menu. I guess it's better to be protected against nothing than to not be protected at all. It's pretty annoying at times, though. Kind of like an overprotective mother.

Thanks again to everyone for the help and suggestions. I appreciate it very much.

Just this afternoon NIS '09 pops up and tells me it has blocked a trojan horse. It had actually blocked and removed the necessary files for my PortableApps.com suite located on my flash drive.

I know this is not a virus. Norton has never identified anything from PortableApps.com as a threat until now. I restored the files through Norton, but they are again detected and removed immediately. So, I tried downloading the file/application I needed from PortableApps.com and even that was blocked and said to be a trojan horse! The file name is "PortableApps.com_Platform_Setup_1.5.2.exe".

The worst part in all of this is that I cannot seem to restore the files or stop Norton from blocking and removing them. There is no way to add a specific file to exclude (that I know of). Of course, I shouldn't have to. That's the job of NIS and that's what I'm paying for. I understand that the application must be displaying some sort of characteristic that is similar to a trojan horse, but it's very annoying when I know that it isn't and can't do anything about it short of disabling NIS altogether.

Has anyone else had this issue or would anyone be willing to attempt to recreate my situation? The application I'm trying to download is the "Platform Only" (located here: http://portableapps.com/download). For some weird reason the apps loaded with the programs don't trip NIS. It's only the one application both when trying to download it and when it is installed.

Any help or response would be appreciated. Thanks.