gnozal japbe - antivir found virus

Toshy · Post by **Toshy** » Tue Apr 21, 2009 3:27 am

I'm back with my "google-english"

i unpack the file "jaPBeForPB400_394.exe" from gnozals website an antivir found in file "displaysystemmetrics.exe" an virus called:
TR/Crypt.PEPM.gen.

wat ist "displaysystemmetrics.exe"?
in my old version it don`t exists.

Toshy

Post by **idle** » Tue Apr 21, 2009 5:58 am

most likely nothing, probably a false positive

The file may just be using a packer, which often set of lazy Anti virus checkers.

gnozal · Post by **gnozal** » Tue Apr 21, 2009 7:47 am

Toshy wrote:i unpack the file "jaPBeForPB400_394.exe" from gnozals website an antivir found in file "displaysystemmetrics.exe" an virus called:
TR/Crypt.PEPM.gen.

All my files are packed [PECompact2 or UPX], this may trigger some false positive with some AV software, specially with heuristics enabled.
Small + packed = virus ...

Toshy wrote:wat ist "displaysystemmetrics.exe"?
in my old version it don`t exists.

A new plugin.
Source is here : http://www.purebasic.fr/english/viewtopic.php?t=37026

Kaeru Gaman · Post by **Kaeru Gaman** » Tue Apr 21, 2009 10:29 am

Warnings containing a ".gen" are definitely Heuristics Warnings.

Depending on Product and Heuristics level, some Antivirus Software is quite trigger-happy.

e.g. some will even mock a Minigame, when you include a JPG image via IncludeBinary.

You could report this False Positive to your AV Company to enable them to set "displaysystemmetrics.exe" on their greenlist.

Toshy · Post by **Toshy** » Tue Apr 21, 2009 1:39 pm

thanks.

toshy

PureBasic Forums - English

gnozal japbe - antivir found virus

gnozal japbe - antivir found virus

Re: gnozal japbe - antivir found virus