Page 1 of 1
gnozal japbe - antivir found virus
Posted: Tue Apr 21, 2009 3:27 am
by Toshy
I'm back with my "google-english"
i unpack the file "jaPBeForPB400_394.exe" from gnozals website an antivir found in file "displaysystemmetrics.exe" an virus called:
TR/Crypt.PEPM.gen.
wat ist "displaysystemmetrics.exe"?
in my old version it don`t exists.
Toshy
Posted: Tue Apr 21, 2009 5:58 am
by idle
most likely nothing, probably a false positive
The file may just be using a packer, which often set of lazy Anti virus checkers.
Re: gnozal japbe - antivir found virus
Posted: Tue Apr 21, 2009 7:47 am
by gnozal
Toshy wrote:i unpack the file "jaPBeForPB400_394.exe" from gnozals website an antivir found in file "displaysystemmetrics.exe" an virus called:
TR/Crypt.PEPM.gen.
All my files are packed [PECompact2 or UPX], this may trigger some false positive with some AV software, specially with heuristics enabled.
Small + packed = virus ...
Toshy wrote:wat ist "displaysystemmetrics.exe"?
in my old version it don`t exists.
A new plugin.
Source is here :
http://www.purebasic.fr/english/viewtopic.php?t=37026
Posted: Tue Apr 21, 2009 10:29 am
by Kaeru Gaman
Warnings containing a ".gen" are definitely Heuristics Warnings.
Depending on Product and Heuristics level, some Antivirus Software is quite trigger-happy.
e.g. some will even mock a Minigame, when you include a JPG image via IncludeBinary.
You could report this False Positive to your AV Company to enable them to set "displaysystemmetrics.exe" on their greenlist.
Posted: Tue Apr 21, 2009 1:39 pm
by Toshy
thanks.
toshy