Go Back   Steam Users' Forums > Steam Game Discussions > Publisher & Developer Discussions > LucasArts > Armed and Dangerous

Reply
 
Thread Tools Display Modes
Old 01-03-2011, 03:16 AM   #1
RJK3
 
Join Date: Jun 2010
Reputation: 1
Posts: 19
ArmedandDangerous.exe contains Trojan-PWS.Win32.LdPinch (multiple scanners)

I was in the middle of installing Armed and Dangerous, and my virus scanner (Avira) alerted me to the executable armedanddangerous.exe containing TR/PSW.LdPinch.asvt

My heuristics are set to high, so I disabled Avira (to unlock the file) so I could send it to the online scanners:

http://virusscan.jotti.org/en
http://www.virustotal.com/

and the results are below:

Jotti's Virus scanner
http://virusscan.jotti.org/en/scanre...c8e4c987d2b096
8 out of 18 scanners reported malware.

Virus total
http://www.virustotal.com/file-scan/...f80-1294052999
Result: 17/ 42 (40.5%)

A number of them call it LDPinch, while there are generalised names and one instance of Artemis.

Perhaps Steam might wish to investigate.

(I've deleted the game from my hard drive)
RJK3 is offline  
Reply With Quote
Old 01-03-2011, 04:20 AM   #2
MSaint
 
 
 
Join Date: Aug 2010
Reputation: 9
Posts: 84
Got the same problem just seconds ago - armedanddangerous.exe was recognized by Avira as malware.
MSaint is offline   Reply With Quote
Old 01-03-2011, 08:07 AM   #3
RJK3
 
Join Date: Jun 2010
Reputation: 1
Posts: 19
There was a thread in August 2010 on Steam where users wrote it off as just a Kapersky problem: http://forums.steampowered.com/forum....php?t=1639491, but obviously it's no longer just Kapersky saying it.

There is also a thread in the Lucas Arts forum from December 2010 with the same problem, and it was written off by another user as just a Kapersky false positive:
http://forums.lucasarts.com/thread.j...44615&tstart=0

Really, it'd be better for an official word on this as there are a number of scanners reporting a similar trojan. Big companies aren't immune to malware, such as when IBM accidentally distributed infected USB drives at AusCERT security conference which was quite ironic.
RJK3 is offline   Reply With Quote
Old 01-03-2011, 09:02 AM   #4
RJK3
 
Join Date: Jun 2010
Reputation: 1
Posts: 19
Sent to Avira to test as possible false positive; I'll update when I have more information.
RJK3 is offline   Reply With Quote
Old 01-07-2011, 05:43 AM   #5
RJK3
 
Join Date: Jun 2010
Reputation: 1
Posts: 19
False positive Re; Armed and Dangerous trojan

Just letting anyone interested know that Avira has confirmed that this particular detection is actually a false positive, so the Steam version of Armed and Dangerous is safe to use.

You will have to tell your virus scanner to always ignore ArmedAndDangerous.exe.
RJK3 is offline   Reply With Quote
Old 01-11-2011, 07:59 AM   #6
MSaint
 
 
 
Join Date: Aug 2010
Reputation: 9
Posts: 84
It's nice to be sure about that, thanks for the info.
MSaint is offline   Reply With Quote
Old 01-16-2011, 12:46 PM   #7
curryburry
 
 
 
Join Date: Oct 2009
Reputation: 1
Posts: 223
some anti-virus programs see steam games exe files as viruses. it happened to me in metro 2033 with nod32. dunno why but its weird.
curryburry is offline   Reply With Quote
Old 01-20-2011, 08:31 PM   #8
whollymindless
 
Join Date: Dec 2009
Reputation: 0
Posts: 3
Microsoft Security Essentials also hit

Microsoft Security Essentials flagged ArmedAndDangerous.exe and testapp.exe as having "PWS:Win32/Kurit!rts" - a password stealer.

I'm assuming that this is a similar hit and will report as a probably false positive for their review.
whollymindless is offline   Reply With Quote
Reply

Go Back   Steam Users' Forums > Steam Game Discussions > Publisher & Developer Discussions > LucasArts > Armed and Dangerous


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -7. The time now is 08:06 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site Content Copyright Valve Corporation 1998-2012, All Rights Reserved.