topic False positive - Legitmate installer/game launcher &quot;Generic.Ml&quot; in VirusTotal https://live.paloaltonetworks.com/t5/virustotal/false-positive-legitmate-installer-game-launcher-quot-generic-ml/m-p/272907#M1106 <P><A href="https://www.virustotal.com/gui/file/cb9643dd7796807339ad294842b905b5a7698b67b60ee1ef9d9eda769f2accee/detection" target="_blank">https://www.virustotal.com/gui/file/cb9643dd7796807339ad294842b905b5a7698b67b60ee1ef9d9eda769f2accee/detection</A></P><P>&nbsp;</P><P>"Generic.Ml"</P><P>Distribution URL is <A href="http://cloud.quicksnooker.com/qsLaunch3.exe" target="_blank">http://cloud.quicksnooker.com/qsLaunch3.exe</A></P><P>&nbsp;</P><P>Hi<BR /><BR />I am the author of this program - which is the legitimate launcher/installer for Quick Snooker - an on-line Snooker game, running for nearly 20 years and with 100,000+ installs.<BR /><BR />The summary on the (VirusTotal) 'behavior' tab is accurate - the program makes no attempt to disguise what is does.<BR />It downloads a location from quicksnooker.com, and then downloads and unzip files from <A href="http://cloud.quicksnooker.com" target="_blank">http://cloud.quicksnooker.com</A> (our content delivery network hosted in the 'google cloud'.)<BR />The files containing the main executable QuickSnooker.exe, and a set of resources (images, textures, sound and geometry files).<BR />The program also creates a folder (%LocalAppdata%\qs8) , a desktop shortcut, and the appropriate registry keys to uninstall Quick Snooker program when requested.<BR /><BR />Of course it *looks* very Trojan like - but it is harmless and complies with industry standard clean guidelines.<BR /><BR />See our terms or help sections at <A href="http://quicksnooker.com" target="_blank">http://quicksnooker.com</A></P><P>&nbsp;</P><P>Please remove ASAP</P><P>&nbsp;</P><P>Hopefully your "ML" will be smart about future versions ?</P><P>&nbsp;</P><P>thanks in advance</P><P>&nbsp;</P><P>Nick Axworthy</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 25 Jun 2019 13:49:15 GMT quicksnooker 2019-06-25T13:49:15Z False positive - Legitmate installer/game launcher "Generic.Ml" https://live.paloaltonetworks.com/t5/virustotal/false-positive-legitmate-installer-game-launcher-quot-generic-ml/m-p/272907#M1106 <P><A href="https://www.virustotal.com/gui/file/cb9643dd7796807339ad294842b905b5a7698b67b60ee1ef9d9eda769f2accee/detection" target="_blank">https://www.virustotal.com/gui/file/cb9643dd7796807339ad294842b905b5a7698b67b60ee1ef9d9eda769f2accee/detection</A></P><P>&nbsp;</P><P>"Generic.Ml"</P><P>Distribution URL is <A href="http://cloud.quicksnooker.com/qsLaunch3.exe" target="_blank">http://cloud.quicksnooker.com/qsLaunch3.exe</A></P><P>&nbsp;</P><P>Hi<BR /><BR />I am the author of this program - which is the legitimate launcher/installer for Quick Snooker - an on-line Snooker game, running for nearly 20 years and with 100,000+ installs.<BR /><BR />The summary on the (VirusTotal) 'behavior' tab is accurate - the program makes no attempt to disguise what is does.<BR />It downloads a location from quicksnooker.com, and then downloads and unzip files from <A href="http://cloud.quicksnooker.com" target="_blank">http://cloud.quicksnooker.com</A> (our content delivery network hosted in the 'google cloud'.)<BR />The files containing the main executable QuickSnooker.exe, and a set of resources (images, textures, sound and geometry files).<BR />The program also creates a folder (%LocalAppdata%\qs8) , a desktop shortcut, and the appropriate registry keys to uninstall Quick Snooker program when requested.<BR /><BR />Of course it *looks* very Trojan like - but it is harmless and complies with industry standard clean guidelines.<BR /><BR />See our terms or help sections at <A href="http://quicksnooker.com" target="_blank">http://quicksnooker.com</A></P><P>&nbsp;</P><P>Please remove ASAP</P><P>&nbsp;</P><P>Hopefully your "ML" will be smart about future versions ?</P><P>&nbsp;</P><P>thanks in advance</P><P>&nbsp;</P><P>Nick Axworthy</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 25 Jun 2019 13:49:15 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive-legitmate-installer-game-launcher-quot-generic-ml/m-p/272907#M1106 quicksnooker 2019-06-25T13:49:15Z Re: False positive - Legitmate installer/game launcher "Generic.Ml" https://live.paloaltonetworks.com/t5/virustotal/false-positive-legitmate-installer-game-launcher-quot-generic-ml/m-p/276360#M1118 <P>I have entered this file for further analysis</P> Fri, 12 Jul 2019 16:58:55 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive-legitmate-installer-game-launcher-quot-generic-ml/m-p/276360#M1118 dparris 2019-07-12T16:58:55Z