top of page

Update on Virus and Malware Scanning

03/12/2023 Update - please see

Sometimes antivirus programs that use AI mark the NM Collector Software CP executable as a risk. This is the best explanation I have found for it from a fellow developer using the same tools that I am using:

"This has come up before. The packaged exe works by creating a new process (ie starting Java). This is seen as a possible threat by "AI" based antivirus/antimalware software. I had this problem with Malwarebytes. I reported this as a false positive and don't have the issue anymore."


  • These virus detection tools are constantly changing and there is no telling where they will go next.

  • The last time I checked (see links below) only one flagged a potential issue and it is a virus detection tool based on Machine Learning (ML).

Run even if Anti Viral Software on Windows Quarantines NMCollectorCP.exe

It is the executable that the anti-viral software sometimes misstates as dangerous, not like not the program. If for some reason your Windows computer decides to quarantine the NMCollectorCP.exe executable, and you do not want to recover it from quarantine, you can still run the program on your computer as follows.

  1. Browse to the extracted NMCollectorCP_Win directory

  2. Execute the run.bat file which runs the program without using the executable.

SentinelOne (Static ML) Static AI - Suspicious PE

I was unable to find a way to report a false positive for SentinalOne.

In previous articles I have discussed scanning for viruses and malware. In one of those articles I mentioned as an on-line scanning tool. My Mac and Linux deployments did not send up any flags in VirusTotal.

However, as I noted, the Windows files I submitted set off flags for some of the vendors on These are most likely due to the fact that executables are a wrapper for the underlying java program. This looks like suspicious behavior to some virus and malware detectors. This was actually confirmed by MalwareBytes who did correct the problem on their end. Please see for more information.

UPDATE: Here are the latest scan results for V 2.0.1

SentinelOne is the only vendor that flagged any of my software with (Static ML) Static AI - Suspicious PE.


VirusTotal - File - e45a8fa1cc400c2c0611c343745b7765ce57e462a909e65e80fa97d7b92e03dd

Setup NMCollectorCP.exe

VirusTotal - File - 3e4c9000305c5a143a8de06498febe328f4919197931b838a58b76d451114013

VirusTotal - File - 1d6996651eef5a07907a7a30f71164ca0173019e16a20f86f95daa523f163466

11 views0 comments
Post: Blog2_Post
bottom of page