
Update on Virus and Malware Scanning

Updated: Feb 13



Sometimes antivirus programs that use AI mark the NM Collector Software CP executable as a risk. This is the best explanation I have found for it from a fellow developer using the same tools that I am using:

"This has come up before. The packaged exe works by creating a new process (i.e., starting Java). This is seen as a possible threat by "AI" based antivirus/antimalware software. I had this problem with Malwarebytes. I reported this as a false positive and don't have the issue anymore."

NOTES:

  • These virus detection tools are constantly changing and there is no telling where they will go next.

  • The last time I checked (see links below) only one flagged a potential issue and it is a virus detection tool based on Machine Learning (ML).

Run even if Antivirus Software on Windows Quarantines NMCollectorCP.exe


It is the executable that the antivirus software sometimes wrongly flags as dangerous, not the program itself. If for some reason your Windows computer quarantines the NMCollectorCP.exe executable, and you do not want to recover it from quarantine, you can still run the program on your computer as follows.

  1. Browse to the extracted NMCollectorCP_Win directory

  2. Execute the run.bat file, which runs the program without using the executable.


SentinelOne (Static ML): Static AI - Suspicious PE


I was unable to find a way to report a false positive for SentinelOne.


In previous articles I have discussed scanning for viruses and malware. In one of those articles I mentioned virustotal.com as an on-line scanning tool. My Mac and Linux deployments did not send up any flags in VirusTotal.

