False Positive (Win32:Dropper-gen)

It has been 2 days since I reported it and nothing.
I tried adding it to exclusions and it still blocks Phantasy Star Online (SHPsoBBw.exe).

Come on Avast, let me play it when there is nothing wrong with it lol…
http://schtserv.com/forum/viewtopic.php?f=65&t=93248

Hi Otaku Ichise

Here at the latest VT results avast does not flag it: https://www.virustotal.com/en/file/2d50e814f7fba19ee6612aaa3ea3998736cb9ee7f47879ee08e4a7f5756920ea/analysis/
Probably it is flagged as a FP because of y0da’s Crypter v1.2.
The number of AVs detecting it was 17 initially, and that has gone down to 5 that flag this now in VT.

Consider the analysis here: http://www.threatexpert.com/report.aspx?md5=f4c62362de094fde5c69fdb742afdc1a
For the mutex used: http://coal.carboncapturereport.org/cgi-bin//profiler?key=ddrawdriverobjectlistmutex_ddrawwindowlistmutex&pt=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication]+*+Name registry modification is also found for autorun worms
and the generic detection apparently appeared on boot…

Considering: %System%\GameGuard\npgl.erl

  • Game guard is an anti-cheating application used with MMORPGs. I have read that such applications act as a rootkit over the PC.
    And that control over your system could have been flagged as well.
    GameGuardian acts as a type of inter-process communication proxy, it can stop applications, hide process information from the user,
    and I believe also has a key-logger. (* info credits go to security.stackexchange.com’s Peleus)

All in all probably a false positive i.m.h.o. and should be reported as such, and SHPsoBBw.exe could be excluded in the meantime.

polonus

Thanks for the info Polonus,
I also forgot to update the avast program even though virus definitions are up to date ~_~
After updating the program, got to say I like the new looks xD

Avast found 2 of these

win 32: dropper gen

on my desktop and I moved them to the chest. Now what do I do to remove them? I found this- http://www.im-infected.com/trojan/win32-dropper-gen-drp.html

Any ideas, or will avast remove them with a patch?