Symantec returns a Heuristic detection for crash reporter

The below is a report generated by Symantec regarding the crash reporter executable packaged as part of StoneHearth.
If this is in error, you will most likely need to check their sub mission rules and have them white list your file, otherwise it will continue to be flagged as a virus and removed.

Filename: crash_reporter.exe
Threat name: Heur.AdvML.BFull Path: d:\program files (x86)\steam\steamapps\common\stonehearth\crash_reporter.exe

On computers as of
7/18/2017 at 6:41:14 AM

Last Used
7/18/2017 at 6:43:14 AM

Startup Item
No

Launched
No

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.

crash_reporter.exe Threat name: Heur.AdvML.B
Locate

Many Users
Thousands of users in the Norton Community have used this file.

New
This file was released more than 7 days ago.

High
This file risk is high.

Source: External Media

Source File:
crash_reporter.exe

File Actions

File: d:\program files (x86)\steam\steamapps\common\stonehearth\ crash_reporter.exe Removed

File Thumbprint - SHA:
7adef2aa909e3d87ee1638a186286428231ced3c13c0a802ad9a44343592ca91
File Thumbprint - MD5:
0a7bef0f4c8d0ddfacde451e30bd65ac

Hallo, same here! using Symantec.
see screenshot below

sh_antivirus_report_crash_reporter.png755×689 25 KB

Hallo, same here! using Symantec.
see report below

Nom de fichier : crash_reporter.exe
Nom de la menace : Heur.AdvML.B
Chemin d’accès complet : c:\program files (x86)\steam\steamapps\common\stonehearth\crash_reporter.exe

Sur les ordinateurs au
2017-07-18 à 15:50:53

Dernière utilisation
2017-07-18 à 15:53:13

Elément de démarrage
Non

Lancé
Non

Type de menace : Virus heuristique. Détection d´une menace en fonction d´heuristiques de logiciels malveillants.

crash_reporter.exe Nom de la menace : Heur.AdvML.B
Localiser

Beaucoup d’utilisateurs
Des milliers d’utilisateurs de la communauté Norton ont utilisé ce fichier.

Nouveau
Ce fichier a été publié il y a plus de 7 jours .

Elevé
Ce fichier présente un risque élevé.

Source : Média externe

Fichier source :
crash_reporter.exe

Actions de fichier

Fichier infecté: c:\program files (x86)\steam\steamapps\common\stonehearth\ crash_reporter.exe Supprimé

Empreinte numérique de fichier - SHA :
7adef2aa909e3d87ee1638a186286428231ced3c13c0a802ad9a44343592ca91
Empreinte numérique de fichier - MD5 :
0a7bef0f4c8d0ddfacde451e30bd65ac

happened to me too, didnt even launch the game recently, norton just automatically detected it, and quarantined (deleted) the file

So did this happen when you were downloading the update, or when you run the new version for the first time?

We’ve already contacted them and hopefully they’ll whitelist the file, but if you could flag it as a false positive too it will be helpful.

Evening Stonehearth! I’m usually not on the forums, but will try to be on a later in the week bit to respond.
Tonight my computer removed the following file as a threat (using Norton Anti-virus):
c:\program files (x86)\steam\steamapps\common\stonehearth\crash_reporter.exe
Threat Name: Heur.AdvML.B
Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.

I have not run Stonehearth in a while and was odd to see this pop up. Just wanted to bring it to your attention!

Thanks,
Badger Motsu
(madstrike36)

Wow, a lot of antivirus software thinks crash_reporter.exe is a virus now. That’s weird.

I have had the same experience. It detected the issue with an installation that was 2 months old. Then I updated the program and it deleted this file before the updating finished, breaking the update. Then I deleted it and reinstalled it fresh, all through Steam, and it again found the file and deleted it.

Yep. Just installed Norton a few hours ago. Open up the stonehearth folder, not even run the game, and it removes the crash_reporter. Really Weird.

We told Symantec/Norton, and they’ve confirmed it’s a false alarm. If it happens again, submit a complaint to this form: Report a Suspected Erroneous Detection (False Positive)

Since I originally reported this, I wanted to follow up. This issue has been resolved. I even did a direct scan of the file in question and Symantec returned a “no threats found” result.

Thank you for the speedy action and resolution.