afaict, clamav is the only antivirus that is flagging notepad2 (the paf, not the main-exe) as a trojan...
it looks like folks have checked the file (monthly?) since june of this year... see: https://www.virustotal.com/en/file/51a048bdfbe2c718312560cf49f31148ee8b7...
and my most-recent check at the other-place is at: http://virusscan.jotti.org/en/scanresult/b7a52cabc03ecbd215634ce5ece9d49...
my question, assuming that it is indeed a false-positive, has to do with why i was not able to locate any mention of it in the forums...
NADA: https://portableapps.com/search/node/trojan%20notepad2
UNRELATED: https://portableapps.com/search/node/trojan%20notepad
otoh - am i incorrect in assuming that this is a false-positive? oddly, i was surprised that the language was listed as turkish - so maybe that is the issue? idk... in case it matters, the trojan is listed as BC.Heuristic.Trojan.SusPacked.BF-6.B fwiw...
tia, h.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
This is indeed a false positive, which is why there's nothing mentioned anywhere. You can tell it's a FP due to the fact no other antivirus vendors list it as such, as well as the fact that it is a "heuristic" result, list as "suspicious". In other words, the program is guessing.
I've submitted it to ClamAV to fix.
I just hot an email back from ClamAV, stating that this has now been fixed in their database, in daily 19529
Anytime you see a single antivirus engine flag a file and all others say it's clear, it's a false positive. In those cases, there's no need to even ask. You can submit the false positive to the antivirus publisher or ask us to by posting a heads up in the forums here.
Sometimes, the impossible can become possible, if you're awesome!
thanx for the explanations - and to the dude who is submitting it to clam-av to fix...
i guess im a little bit shy to do so (submit a file as false-positive) since i didnt make it (the file)... also, i guess the other-folks who had been testing the file since june (it was released in april afaict) had more common-sense than i did on the subject...
so - assuming i ever notice something like this again - ill just post-here and hope the person who created-the-paf will submit it..
thx again, h.
Something to keep in mind is that when you submit a file to an antivirus company stating they've classified it as a virus falsely, they don't just take your word for it, they check the file themselves. So it doesn't matter if you built the file or not.
Antivirus companies don't technically let you submit files as false positives, rather they let you submit files as possible false positives, then they check to see if you're right and add the files that they deem to be safe to their whitelist.
~3D1T0R
im grateful for all the comments and insights... ive often claimed that 'common sense' is neither necessarily common, nor sensical...
so - posting here (whether id submitted-it as a potential-FP or not) is still useful...
have fun, h.