|
|||||||
 |
|
|
Thread Tools | Display Modes |
01-03-2011, 03:16 AM
|
#1 |
 Join Date: Jun 2010
Reputation: 1
Posts: 19
|
ArmedandDangerous.exe contains Trojan-PWS.Win32.LdPinch (multiple scanners)
I was in the middle of installing Armed and Dangerous, and my virus scanner (Avira) alerted me to the executable armedanddangerous.exe containing TR/PSW.LdPinch.asvt
My heuristics are set to high, so I disabled Avira (to unlock the file) so I could send it to the online scanners: http://virusscan.jotti.org/en http://www.virustotal.com/ and the results are below: Jotti's Virus scanner http://virusscan.jotti.org/en/scanre...c8e4c987d2b096 8 out of 18 scanners reported malware. Virus total http://www.virustotal.com/file-scan/...f80-1294052999 Result: 17/ 42 (40.5%) A number of them call it LDPinch, while there are generalised names and one instance of Artemis. Perhaps Steam might wish to investigate. (I've deleted the game from my hard drive) |
|
|
|
01-03-2011, 04:20 AM
|
#2 |
|
Join Date: Aug 2010
Reputation: 9
Posts: 84
|
Got the same problem just seconds ago - armedanddangerous.exe was recognized by Avira as malware.
|
|
|
|
|
01-03-2011, 08:07 AM
|
#3 |
|
Join Date: Jun 2010
Reputation: 1
Posts: 19
|
There was a thread in August 2010 on Steam where users wrote it off as just a Kapersky problem: http://forums.steampowered.com/forum....php?t=1639491, but obviously it's no longer just Kapersky saying it.
There is also a thread in the Lucas Arts forum from December 2010 with the same problem, and it was written off by another user as just a Kapersky false positive: http://forums.lucasarts.com/thread.j...44615&tstart=0 Really, it'd be better for an official word on this as there are a number of scanners reporting a similar trojan. Big companies aren't immune to malware, such as when IBM accidentally distributed infected USB drives at AusCERT security conference which was quite ironic. |
|
|
|
|
01-03-2011, 09:02 AM
|
#4 |
|
Join Date: Jun 2010
Reputation: 1
Posts: 19
|
Sent to Avira to test as possible false positive; I'll update when I have more information.
|
|
|
|
|
01-07-2011, 05:43 AM
|
#5 |
|
Join Date: Jun 2010
Reputation: 1
Posts: 19
|
False positive Re; Armed and Dangerous trojan
Just letting anyone interested know that Avira has confirmed that this particular detection is actually a false positive, so the Steam version of Armed and Dangerous is safe to use.
You will have to tell your virus scanner to always ignore ArmedAndDangerous.exe. |
|
|
|
|
01-11-2011, 07:59 AM
|
#6 |
|
Join Date: Aug 2010
Reputation: 9
Posts: 84
|
It's nice to be sure about that, thanks for the info.
|
|
|
|
|
01-16-2011, 12:46 PM
|
#7 |
 Join Date: Oct 2009
Reputation: 1
Posts: 222
|
some anti-virus programs see steam games exe files as viruses. it happened to me in metro 2033 with nod32. dunno why but its weird.
|
|
|
|
|
01-20-2011, 08:31 PM
|
#8 |
|
Join Date: Dec 2009
Reputation: 0
Posts: 3
|
Microsoft Security Essentials also hit
Microsoft Security Essentials flagged ArmedAndDangerous.exe and testapp.exe as having "PWS:Win32/Kurit!rts" - a password stealer.
I'm assuming that this is a similar hit and will report as a probably false positive for their review. |
|
|
|
|
|
||||||
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT -7. The time now is 04:46 PM.
© 2012 Valve Corporation. All rights reserved. All trademarks are property of their respective owners in the US and other countries.