Getting positive trojan infexor when compiling..

AlanFoo
Enthusiast
Posts: 172
Joined: Fri Jul 24, 2009 6:24 am
Location: Malaysia

Post by AlanFoo »

Hope someone can help me on this.

When I compiled the code below to produce the exe, it gave positive trojan results for backdoor.Win32.infexor from Emsisoft and Ikarus. Even Kaspersky gives the same result when compiling under certain conditions (not always... by deleting certain lines).

See http://www.foohokok.com/test/totalvirus.gif

However, when I deleted the following line, it gave a negative result for the trojan.
" result3=WebGadget(10, 0, 31, 0, 0, "c:\visless\test.htm",#PB_EventType_DownloadEnd) "

I sent it to http://www.virustotal.com for checking.
This is bad, as any exe compiled with PureBasic using the WebGadget syntax will now give a positive trojan result.

Does this happen to anyone of you?

What should I do?

Report them to the anti-virus company as false positives? Or should PureBasic themselves do it?

Warmest regards and thanks

Alan

Code:

If OpenWindow(0, 10, 20, 500, 500, "AGE Paperless Homework ",#PB_Window_Maximize | #PB_Window_MaximizeGadget |#PB_Window_MinimizeGadget | #PB_Window_SizeGadget)
  CreateStatusBar(0, WindowID(0))
    StatusBarText(0, 0, "Welcome to the world of AGE - to close the digital divides!  :)", 0)
    
    If connection=1 
      website$="www.paperlesshomework.com"
      Else 
      website$=""
     EndIf
         
  ButtonGadget(1,   0, 0, 50, 25, "Go Back")
  ButtonGadget(2,  50, 0, 50, 25, "Go Next")
  ButtonGadget(3, 100, 0, 50, 25, "Stop")
  StringGadget(4, 155, 5, 0, 20, website$)
  ButtonGadget(5, 0, 0, 25, 25, "Go")
  
  Frame3DGadget(6, 0, 30, 0, 2, "", 2) ; Nice little separator
       
  AddKeyboardShortcut(0, #PB_Shortcut_Return, 0) 
  ResizeWebWindow()    
  result3=WebGadget(10, 0, 31, 0, 0, "c:\visless\test.htm",#PB_EventType_DownloadEnd)
  Repeat
    Event = WaitWindowEvent()            
     Select Event
      Case #PB_Event_Gadget
      
        Select EventGadget()
          Case 1
            SetGadgetState(10, #PB_Web_Back)
          
          Case 2
            SetGadgetState(10, #PB_Web_Forward)
          
          Case 3
            SetGadgetState(10, #PB_Web_Stop)
             
          
          Case 5
            SetGadgetText(10, GetGadgetText(4))           
        EndSelect         
       
      Case #PB_Event_Menu ; We only have one shortcut
       SetGadgetText(10, GetGadgetText(4))
       Case #PB_Event_SizeWindow
       ResizeWebWindow()                    
  EndSelect        
 Until Event = #PB_Event_CloseWindow  
EndIf
Trond
Always Here
Posts: 7446
Joined: Mon Sep 22, 2003 6:45 pm
Location: Norway

Re: Getting positive trojan infexor when compiling..

Post by Trond »

Tell the antivirus company about it. Many have an upload form where you can upload samples and false positives.
PB
PureBasic Expert
Posts: 7581
Joined: Fri Apr 25, 2003 5:24 pm

Re: Getting positive trojan infexor when compiling..

Post by PB »

This type of topic comes up from time to time. Here's the last such one:

http://www.purebasic.fr/english/viewtop ... =7&t=43016

Maybe join that topic, rather than have two separate topics started.
I compile using 5.31 (x86) on Win 7 Ultimate (64-bit).
"PureBasic won't be object oriented, period" - Fred.
AlanFoo
Enthusiast
Posts: 172
Joined: Fri Jul 24, 2009 6:24 am
Location: Malaysia

Re: Getting positive trojan infexor when compiling..

Post by AlanFoo »

Thanks for the advice.

I don't think it is unique to our software or something.

It seems to affect the WebGadget command.

This should affect all users of PureBasic, not just me alone, logically.

Maybe users of PureBasic would like to use this command and submit to totalvirus.com to check.

Ikarus anti-virus reports the backdoor.Win32.infexor trojan for all my programs, big and small, with this command.

I have sent a report to them through the contact page. There doesn't seem to be any false positive report page.

Alan
ultralazor
Enthusiast
Posts: 186
Joined: Sun Jun 27, 2010 9:00 am

Re: Getting positive trojan infexor when compiling..

Post by ultralazor »

Just an FYI: There are digital signatures in the PB compiler that match ones used in PE trojan generators and 'cryptors'. It doesn't mean it's even remotely malicious, or potentially.

I doubt you'll get a response from any AV vendor, they seem to think the public don't know what's good for them, cause they can write *signature engines* and you can't. ^^
so many ideas so little time..