CODEWITHSUNDEEP
androidantivirusandroid-instant-runtrojannorton
AppiDevo
AppiDevo

Reputation: 3235

android InstantRun - Norton Security finds Trojan

A week ago Norton Security started to find Trojan horse (Trojan.Gen.NPE.2) in file R.class located:

app\build\intermediates\transforms\instantrun\debug\folders\1\5\main\android\support\v4\ r.class

and

app\build\intermediates\transforms\instantrunslicer\debug\folders\1\5\slice_2\android\support\v4\ r.class

Link to virustotal.com scan: https://www.virustotal.com/pl/file/282f4e09c102cd93c2f849c9fe9ed570188f5a03395ab84d2457a7c64d7acb1c/analysis/1499458308/

And the code:

package android.support.v4;

import com.android.tools.fd.runtime.IncrementalChange;
import com.android.tools.fd.runtime.InstantReloadException;

public final class R {
    public static final long serialVersionUID = 830508538663712626L;

    public R() {
        IncrementalChange var1 = $change;
        if(var1 != null) {
            Object[] var10001 = (Object[])var1.access$dispatch("init$args.([Landroid/support/v4/R;[Ljava/lang/Object;)Ljava/lang/Object;", new Object[]{null, new Object[0]});
            Object[] var2 = (Object[])var10001[0];
            this(var10001, (InstantReloadException)null);
            var2[0] = this;
            var1.access$dispatch("init$body.(Landroid/support/v4/R;[Ljava/lang/Object;)V", var2);
        } else {
            super();
        }
    }

    R(Object[] var1, InstantReloadException var2) {
        String var3 = (String)var1[1];
        switch(var3.hashCode()) {
        case -1968665286:
            super();
            return;
        case -71951640:
            this();
            return;
        default:
            throw new InstantReloadException(String.format("String switch could not find \'%s\' with hashcode %s in %s", new Object[]{var3, Integer.valueOf(var3.hashCode()), "android/support/v4/R"}));
        }
    }
}

Is it false alarm?

Upvotes: 7

Views: 1084

Answers (2)

JRG
JRG

Reputation: 4187

I cant add exclusions in Symantec on my laptop as its company's laptop and excluding applications, files or folders feature is deactivated. So in order to get going i have disabled instant run to get going else i can't even install app on my emulator and get stuck with installation errors.

You can disable instant run by unchecking instant run in Settings in Android Studio.

NOTE: This is just workaround and not permanent solution.

enter image description here

Upvotes: 4

kichik
kichik

Reputation: 34744

You can report this false positive to Symantec and have them fix it.

https://submit.symantec.com/false_positive/

Upvotes: 2

Related Questions