Hello,

I am a user of Windows XP Professional SP3 as well as of Norton Security(Standard) 22.7.0.76...Recently, I had left my laptop idle for a couple of hours and when I was back, Norton alerted me that it had detected and fixed threats...I checked security history and there were 141(yes, a hundred and forty one) of them! All of them were named as Heur.AdvML.B, which I find a bit weird...

Of course, it is quite possible but these files that were quarantined were mostly driver installation files which I might need in the future, along with some files in the Windows directory...

Since these files may be critical and might be needed sometime or the other and I believe that these files may be clean(some of the quarantined files include very common ones like wordpad.exe),I submitted one of them as a possible false positive(wordpad.exe) but Symantec says the detection cannot be revoked since the file is bad/infected...

I have uploaded one of the detected files on virustotal and the fact that most other well-known security software like Bitdefender,Kaspersky,Trend micro,just to name a few did not classify that file as a threat;only Norton and some other ones like AVG,avast(which I do not trust much)did...

Yes, I do not challenge Symantec's statement and I am sure that the required analysis has been carried out well...However, since these files have been on my laptop since I installed Norton(in 2011) and they were not detected till today,plus they are critical-at least I believe so and please tell me if they could be replaced-and all of them are classified as infected by the same threat, I believe this might be an error...Yes, there is the possibility that they were infected recently but then any files downloaded are scanned by download insight, plus I run full system scans at least once a fortnight, so that is quite difficult to be true...

So, could this really be an error(false positive) or is it not? Moreover,what could be done, other than simply excluding these files?

Thanks

jabhay