Possible False Positive in paburntools.exe

  • Symantec is (incorrectly?) flagging as suspicious cloud. Other sites are flagging differently. Not sure whether it is from .68 or .69.

    sha256 is e13953364bb6447cc0c1a17e09003614a903801327766b0d9fb2c27bbfa82ad8

  • conexware

    do you have Symantec AV? If so, can you please report it as false positive? We will be sending in the report today as well.

    Thanks for letting us know!

  • conexware

    This has been fixed by AV vendor. Please let us know if it re-appears in the future. We issue a lot of releases and their fix was white listing it. Thank you.

  • It’s still not fixed yet, it’s a heuristic detection. I had to disable heuristic protection in the Norton AV settings to stop it from deleting paburntools.exe and then reinstall PowerArchiver 2016. Report false positive at https://submit.symantec.com/whitelist/.
    Filename: paburntools.exe
    Threat name: Suspicious.CloudFull Path: c:\program files (x86)\powerarchiver\paburntools.exe

    On computers as ofcensored
    2/25/2016 at 12:52:55 AM

    Last Usedcensored
    2/25/2016 at 12:54:55 AM

    Startup Itemcensored


    Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.

    paburntools.exe Threat name: Suspicious.Cloud

    Very Few Users
    Fewer than 5 users in the Norton Community have used this file.

    Very New
    This file was released less than 1 week censoredago.

    This file risk is high.

    Source: External Media

    Source File:

    File Actions

    File: c:\program files (x86)\powerarchiver\ paburntools.exe Removed

    File Thumbprint - SHA:
    File Thumbprint - MD5:
    Not available

  • conexware

    Should be running fine by now, they said they will include it into next update?

Log in to reply