Hello, I am the developer of https://chrome.google.com/webstore/detail/jfedfbgedapdagkghmgibemcoggfppbb. My users have reported that Norton is deleting the extension, labeling it as PUA.MalBrowExten. This leaves me with no choice but to have my users choose between keeping the extension or uninstalling Norton. I hope to avoid this situation. Please conduct a thorough investigation. The extension is open-source, and its repository is available at https://github.com/xifangczy/cat-catch. The JavaScript code is not even obfuscated. If the issue cannot be resolved, I will have to advise my users to uninstall Norton and use other antivirus software.

Never seen it posted here where Norton removed a browser extension any browser. Edge and Chrome have similar protections built in so one would think if one detects something nefarious both would. Chrome appears the target for this issue being seen. The user in question most likely has their Chrome browser hijacked in some fashion. I would have them run a full scan with Malwarebytes to see what, if anything it turns up. 

SA

SoulAsylum:

All: The issues I am viewing when going to this link the OP posted, the app in question is also not listed on the Google Play store, US at least. If users are getting this app from Github, that is most likely the issue. Github has become a repository for malware over the past couple of years. Norton isn't seeing users installing it and nailing it most likely for those reasons. The app hasn't been properly vetted via Google at this point and time. 

https://chrome.google.com/webstore/detail/jfedfbgedapdagkghmgibemcoggfppbb

and I'm not seeing PUA.MalBrowExten [here] because.....?  I'm not running the app to it's full potential? 

I've not heard of Norton v22.x deleting a browser extension.  
@SoulAsylum have you?

All: The issues I am viewing when going to this link the OP posted, the app in question is also not listed on the Google Play store, US at least. If users are getting this app from Github, that is most likely the issue. Github has become a repository for malware over the past couple of years. Norton isn't seeing users installing it and nailing it most likely for those reasons. The app hasn't been properly vetted via Google at this point and time. 

https://chrome.google.com/webstore/detail/jfedfbgedapdagkghmgibemcoggfppbb(link is external).

SA

Norton 360 Deluxe II

@xifangczy
Norton 360 - version#? = v22.x.x.x or v24.x.x.x?

xifangczy:

The user has this extension installed in both Chrome and Edge. The cat-catch code for these two browsers is identical, but Norton only handles the Chrome extension. According to the user, the cat-catch on Chrome has been deleted twice. Moreover, it is not completely deleted every time; there will suddenly be a day when it is reported and then automatically deleted. I am not sure what PUA.MalBrowExten exactly is. Could it be caused by not using an extension for a long time? Or is it due to some other reason?

Sorry, I'm not knowing how to reproduce...my side.

We'll try to call attention:  No promises.  No timeline. 

Sorry, I'm not familiar with cat-catch...so, I'm not fully using the extension.  

For Norton technical issues please include details:

• Norton product or service name and version
• Operating system - version / build 
• Norton error message / error code / screen shot (mask PII)
• Steps to reproduce issue
• DO NOT post any Personally Identifiable Information (PII) such as your email address, product key or phone number

 bjm_:
I'll install cat-catch on Chrome...now, as test. 

xifangczy:

The user has this extension installed in both Chrome and Edge. The cat-catch code for these two browsers is identical, but Norton only handles the Chrome extension. According to the user, the cat-catch on Chrome has been deleted twice. Moreover, it is not completely deleted every time; there will suddenly be a day when it is reported and then automatically deleted. I am not sure what PUA.MalBrowExten exactly is. Could it be caused by not using an extension for a long time? Or is it due to some other reason?

File name: PUA.MalBrowExten
Full path: Not available
____________________________
____________________________
On computer
Not available
Last used
Friday, 5/17/2024 ( 19:29:34 )
Startup item
No
Started
No
Threat type: Security risk. A program that poses a security or privacy risk and has not been classified as malicious.
____________________________
PUA.MalBrowExten
Location
Unknown
The number of users in the Norton community who have used this file is unknown.
Unknown
The version of this file is currently unknown.
Low
This file is low risk.
____________________________
Source: External media
____________________________
File operation

=================================================

You're reporting cat-catch extension on Chrome is deleted by Norton? while cat-catch on Edge is not deleted by Norton?  Okay, I had installed cat-catch on Edge.  I'll install cat-catch on Chrome...now, as test. 

Sorry, I've not heard of Norton deleting a browser extension.  

What OS? What Norton? What Chrome version? 

For Norton technical issues please include details:

• Norton product or service name and version
• Operating system - version / build 
• Norton error message / error code / screen shot (mask PII)
• Steps to reproduce issue
• DO NOT post any Personally Identifiable Information (PII) such as your email address, product key or phone number

The user has this extension installed in both Chrome and Edge. The cat-catch code for these two browsers is identical, but Norton only handles the Chrome extension. According to the user, the cat-catch on Chrome has been deleted twice. Moreover, it is not completely deleted every time; there will suddenly be a day when it is reported and then automatically deleted. I am not sure what PUA.MalBrowExten exactly is. Could it be caused by not using an extension for a long time? Or is it due to some other reason?

文件名: PUA.MalBrowExten
完整路径: 不可用
____________________________
____________________________
在电脑上 
不可用
上次使用时间 
2024/5/17 周五 ( 19:29:34 )
启动项 
否
已启动 
否
威胁类型: 安全风险。 会引发安全或隐私风险，且尚未归类为恶意程序的程序。
____________________________
PUA.MalBrowExten
定位
未知
Norton 社区中使用了此文件的用户数未知。
未知
此文件版本当前未知。
低
此文件具有低风险。
____________________________
来源: 外部介质
____________________________
文件操作
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script\catch.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script\i18n.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script\recorder.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script\recorder2.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script\search.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script\webrtc.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\css\options.css已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\css\popup.css已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\css\public.css已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\aria2-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\aria2.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\cat-down-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\cat-down.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\copy-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\copy.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\download-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\download.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\icon-disable.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\icon.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\icon128.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\parsing-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\parsing.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\play-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\play.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\player-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\player.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\qrcode-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\qrcode.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\regex-dark.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\regex.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img\web-favicon.png已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\background.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\content-script.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\download.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\firefox.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\function.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\i18n.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\init.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\json.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\m3u8.downloader.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\m3u8.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\media-control.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\mpd.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\options.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js\popup.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\base64.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\hls.min.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\jquery.json-viewer.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\jquery.min.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\jquery.qrcode.min.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\m3u8-decrypt.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\mpd-parser.min.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\mux.min.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib\StreamSaver.js已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales\en\messages.json已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales\zh_CN\messages.json已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales\zh_TW\messages.json已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_metadata\computed_hashes.json已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_metadata\verified_contents.json已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\download.html已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\json.html已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\m3u8.html已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\manifest.json已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\mpd.html已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\options.html已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\popup.html已删除
文件: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\privacy.html已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\catch-script已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\css已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\img已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\js已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\lib已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales\en已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales\zh_CN已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales\zh_TW已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_locales已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0\_metadata已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb\2.5.2_0已删除
目录: C:\Users\simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfedfbgedapdagkghmgibemcoggfppbb已删除

____________________________

文件指纹 - SHA:
不可用
文件指纹 - MD5:
不可用

Norton 360 Deluxe II

This is the log submitted by the user.

},
   "id": "jfedfbgedapdagkghmgibemcoggfppbb",
   "location": "INTERNAL",
   "manifest_version": 3,
   "name": "cat-catch",
   "path": "C:\\Users\\bjm\\AppData\\Local\\Microsoft\\Edge\\User Data\\Default\\Extensions\\jfedfbgedapdagkghmgibemcoggfppbb\\2.5.2_0",
   "permissions": {

What is a PUA (Potentially Unwanted Application) or PUP (Potentially Unwanted Program)?
https://us.norton.com/blog/malware/what-are-puas-potentially-unwanted-applications

How can I permanently remove PUA.MalBrowExten?
https://community.norton.com/en/forums/how-can-i-permanently-remove-puamalbrowexten 08-Oct-2021

Hello @xifangczy
Welcome to Norton Community
````````````````````````````````````````````````````

Do you know their Norton product + version number? 

as test: installed extension from Chrome store on W10 + Norton 360 v22.24.5.6
Web media sniffing tool - A music/video address display tool...

The cat-catch resource sniffing extension helps you filter the resources that list the current page. Various tools such as sniffing, caching, capture, and video recording are provided to help scrape resources. You can add the types of resources you want to crawl in the settings, including resources such as images.

https://o2bmm.gitbook.io/cat-catch

When/How does extension get deleted? 
as test: downloaded YouTube.mp3 file

For Norton technical issues please include details:

• Norton product or service name and version
• Operating system - version / build 
• Norton error message / error code / screen shot (mask PII)
• Steps to reproduce issue
• DO NOT post any Personally Identifiable Information (PII) such as your email address, product key or phone number

Caveat: I'm not familiar with cat-catch