Generic Trojan DX recognized and removed by McAfee

All topics about ZGameEditor goes here.

Moderator: Moderators

Post Reply
Just4Fun
Posts: 4
Joined: Mon Jul 06, 2009 6:24 pm

Generic Trojan DX recognized and removed by McAfee

Post by Just4Fun »

Hello:

I just stumbled onto ZGE. I decided to download it and give it a try. It looks like a great program.

Problem: My virus checker automatically removes a file: kkruncher.exe and gives me a false positive for a generic Trojan DX.

I notice that this topic has come up previously as a problem, but I don't find a fix. Maybe I just can't use the software. I don't want to create software that sends out false positives for a virus.

Can anyone tell me more about this? I'm running Vista. McAfee is the virus checker.

Thanks :D
Top
User avatar
Kjell
Posts: 1895
Joined: Sat Feb 23, 2008 11:15 pm

Post by Kjell »

Hello,

This is a known problem, and to be honest .. I think kkrunchy.exe should be excluded from public releases / beta's to prevent this kind of confusion. Let me explain the situation.

Kkrunchy is a so-called "packer". A program that compresses a .exe file, making it significantly smaller in file size. At the moment, when you're creating your .exe from ZGE you have 3 options. A normal exe / screensaver without any compression, UPX compression ( I haven't seen any AV's give false positives on this compression as of yet ), or KKrunchy .. which unfortunately returns false positives with some AV's simply because they are not familiar with the compression.

So don't worry .. you can use ZGE without any problem and build your .exe without any compression or using UPX compression.

Welcome to the club :wink:
Kjell
Last edited by Kjell on Mon Jul 06, 2009 7:37 pm, edited 1 time in total.
Top
User avatar
VilleK
Site Admin
Posts: 2280
Joined: Mon Jan 15, 2007 4:50 pm
Location: Stockholm, Sweden
Contact:
Contact VilleK

Post by VilleK »

Hi,

It's a shame because kkrunchy is a more efficient packer than upx and it is not a damaging program in any way (as Kjell explains above).

Since this is a recurring problem I've now removed kkrunchy from both the beta and standard download of ZGE.

If anyone still wants to use kkrunchy it can be downloaded here: http://www.pouet.net/prod.php?which=26088
Put kkrunchy.exe in the Tools subdirectory of ZGameEditor and then select kkrunchy compression setting in Settings-dialog inside ZGameEditor.

/Ville
Top
Just4Fun
Posts: 4
Joined: Mon Jul 06, 2009 6:24 pm

Post by Just4Fun »

Hi:

Thanks for your quick replys and the explanation. I will delete the version that I just downloaded and re-download the version without kkrunchy.exe.

I'm getting a few hickups with the current software and Vista so I will do a clean install.

Too bad about kkrunchy.exe. Seems like it a neat feature to use the compression. It's a shame we all have to worry so much about viruses, etc.
Top
kattle87
Posts: 402
Joined: Wed Sep 26, 2007 9:06 am
Location: Italy

Post by kattle87 »

Good thing that UPX compression is still viable (as usual WAY LESS false positives)... Well, it doesn't really matters getting that 10-20% extra compression from kkrunchy!
And BTW: welcome to the forums!
In the fall of 1972 President Nixon announced that the rate of increase of inflation was decreasing. This was the first time a sitting president used the third derivative to advance his case for reelection.
-=Hugo Rossi=-
Top
Post Reply

Return to “General discussion”