markwkidd / ahk-retroarch-playlist-helpers

Donations are accepted via Handbarrow's PayPal.me account
http://paypal.me/handbarrow
GNU General Public License v3.0

Norton found a Trojan #2

Closed salamcast closed 6 years ago

salamcast commented 6 years ago

Norton AV flagged this file (exe release) as having a Trojan.Gen.6.
retroarch playlist buddy

dvessel commented 6 years ago

I get the same with Windows Defender:

Trojan:Win32/Bitrep.A

Alert level: Severe Status: Quarantined Date: 9/13/2018

Recommended action: Remove threat now.

Category: Trojan Details: This program is dangerous and executes commands from an attacker.

Learn more

...

markwkidd commented 6 years ago

Thank you for reporting this. I've contacted Microsoft and Norton to ask them to confirm that this is a "false positive."

Norton has already replied with the following statement confirming the false positive and indicating that Norton AV should stop flagging Playlist Buddy soon. I have not heard back yet from Microsoft.

In relation to submission 109625.

Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

File name: RetroArch Playlist Buddyv1.0_2018-03-02.exe
MD5: C3AE072180AAE3475F4E2FC53BFFA604
SHA256: 5D283F2C3AA89F344C22D92020C3054DB8F3A9307D484CF2825734508D443347
Note: Whitelisting is available by downloading a RAPID RELEASE indicated in the Further Information section below or via the next Live Update

Further Information: Required RAPID RELEASE sequence >= 195639

The latest Rapid Release definition available here: ftp://ftp.symantec.com/AVDEFS/norton_antivirus/rapidrelease
To check the current sequence number of the Rapid Release definition: https://www.symantec.com/security_response/definitions/rapidrelease
More information on Rapid Release definitions can be found: https://support.symantec.com/en_US/article.TECH103326.html

If detection persists, please contact support:

Decisions made by Symantec are subject to change if alterations to the Software are made over time or as classification criteria and/or the policy employed by Symantec changes over time to address the evolving landscape.

markwkidd commented 6 years ago

Microsoft/Windows Defender has also responded to my false positive report by confirming that Playlist Buddy does not have a trojan. Hopefully that will take care of the issue you all have experienced.

dvessel commented 6 years ago

Thanks for the update. Windows Defender is no longer flagging it as a virus. Whoohoo!

Side note: I play an MMO that uses Xingcode and it always flags it as a suspicious program (0xE019100B) and quits the program. This happens in older versions as well. Not a big deal though. This anti-cheat is problematic to say the least. I sent in a log file to their support department so it's a little less annoying.

d-rez commented 5 years ago

FYI now Firefox is reporting the same after downloading the file
