context: I have two anti-virus programs om my computer: a Norton subscription and a trial version of Malwarebytes (no active protection anymore). Before I downloaded the Reshade installer, I made sure to make a restore point in case anything went wrong.
problem: I downloaded an installer of Reshade on the official website (reshade.me) to use LumaSharpen for my Final Fantasy XV playthrough. Norton detected it as a heuristic virus (and during a later scan as a Trojan) and deleted in automatically.
My Norton history showed that I tried to download the installer 5 seperate times. When Norton detected a heuristic virus (first, second and fourth download), it was automatically deleted.When Norton detected Trojan.Gen.6 (third download), it quarantined the file and presumably deleted it afterwards.
On the official Reshade forums, a user by the name of Marty McFly explained that this was a false negative which is triggered by heuristic analysis of Reshade:
“One should probably mention that there is no heuristic virus. When Norton talks about this, ReShade triggered its heuristic analysis which means that it didn't find any actual malware code or known virus signature, it just found that ReShade's behaviour fulfills some criteria for viruses, such as hooking into applications etc.” – Marty McFly
After reading the forum post, I tried to download the Reshade installer again, this time allowing the installer to be fully downloaded by pressing the allow button at the bottom of the Norton pop-up window. I had a bad feeling about the whole situation, so I decided to not install Reshade and deleted the installer in from my downloads folder. After that, I emptied me Recycle bin.
At first, I thought everything was fine, but over the last couple days the installer has kept reappearing in my downloads folder. Since then, I have scanned the file numerous times with both Norton and Malwarebytes Free and have looked through the Norton settings to delete it from the “Excluded List”, both with no success. It keeps reappearing.