Reported virus in signed file


Just had a user complain that Acronis active reported this. He said Norton 360 reported the same.

Well, the file is signed so shouldn’t that mean that possibles should be ‘ignored’, shouldn’t it?

I submitted the file to Virus total and none of it’s scanners reported any issue.

Anyone got a half (quarter) possible explanation of what’s going on here?

False positives happen all the time.

Most (but not all) av vendors have somewhere you can report false positives - they usually push out definition updated every day and are pretty quick to deal with false positives.

Signing a file does not guarantee anything about the infected state of that file.

Also, try using https://www.virustotal.com - that is a great website for objective testing.

Most virus scanners simply have a list of known files or programs and if not on the list, flags it as a potential virus. Adding the program on the anti virus page usually fixes the problem.