What he posted is correct.
When a computer program is made that an Antivirus doesn't know how to interpret (such as a program packed with an executable obfuscator such as Themida) it flags the program as a malicious file because of the way Themida scrambles the file.
If everyone makes their program look the same on the surface, then it gives you this warning detection as it cannot 'look at' the file without executing the code, which may or may not be malicious.
Most AntiViruses tend to flag the file as malicious as there is no way to determine whether a file is malicious or not, hence why it says generic in the description - not all Gen2 files are malicious, but some may be.
The reason AV programs do this is mainly for work computers; a common user at work has all their executables whitelisted by their systems administrator and you don't typically need to protect code sections while doing work - or using any application that doesn't need to be protected to prevent cheating. When in situations like this, antivirus vendors tend to err on the side of caution rather than have a hacker have a free ticket to compromise a computer by buying a product like Themida and have a free bypass for their AV software.
Here is a virustotal link of the application.
https://www.virustotal.com/en/file/4...e998/analysis/
Notice the detections in some programs flag it as Themida, this is because some of the code sections are missing/mislabeled.
[You must be logged in to view images. Log in or Register.]
For more information on Themida, read up here:
http://www.oreans.com/themida.php
08-12-2014, 03:30 PM
Linear Mode
