Steam installeren
inloggen
|
taal
简体中文 (Chinees, vereenvoudigd)
繁體中文 (Chinees, traditioneel)
日本語 (Japans)
한국어 (Koreaans)
ไทย (Thai)
Български (Bulgaars)
Čeština (Tsjechisch)
Dansk (Deens)
Deutsch (Duits)
English (Engels)
Español-España (Spaans - Spanje)
Español - Latinoamérica (Spaans - Latijns-Amerika)
Ελληνικά (Grieks)
Français (Frans)
Italiano (Italiaans)
Bahasa Indonesia (Indonesisch)
Magyar (Hongaars)
Norsk (Noors)
Polski (Pools)
Português (Portugees - Portugal)
Português - Brasil (Braziliaans-Portugees)
Română (Roemeens)
Русский (Russisch)
Suomi (Fins)
Svenska (Zweeds)
Türkçe (Turks)
Tiếng Việt (Vietnamees)
Українська (Oekraïens)
Een vertaalprobleem melden
look at the google result for "TR/Crypt.ZPACK.Gen2 Trojan" it is flagged as a false positive a fair amount, also if a file does have a virus whats to say it was that initial file that was infected, it could be a payload offloaded via a worm etc if it is indeed a virus at all.
I am well aware of what a false positive is. Having multiple experiences with malware / keygens / cracks, its almost UNHEARD of for official legimite software to trip heuristics, if your well versed with false positives that is.
What strikes me as very odd is the fact that I had no such detection for the past 2, yes TWO YEARS running this game, those files were clean - until a very recent change it seems. Steam has yet to fess up about their steam url exploit debacle, let alone admit that they have a problem, I highly doubt that a false positive is involved here.
It really makes no sense whatsoever at how multiple, clean, 2 year old files got swapped out overnight and *coincidentally* my game stopped working at the exact same time, while tripping my AV guard, all at once.
To fix it you'll need to add an exeption to your virus scanner, and verify your game cache to restore the files.
Dully noted, thanks for the input. Unfortunately adding an exception is not my defintiion of a fix, until I get some transparency on the matter. I am wondering if I can submit my files to some sort of malware lab to run an extensive investigation on the decompiled / dissembled files.
Ideally, if someone could provide me with a previous clean version of these files, that would be much appreciated!
The MD5 checksum for my server.dll is 4C59FE83C8D540E0195119D62A967C38 (on both my server and my client). If your MD5 checksum matches mine, then you do have 'clean' versions.
You might be waiting for a long time for a fix. Packers are a common feature in software. http://en.wikipedia.org/wiki/Executable_compression
Thanks for sharing your insight,
On that note regarding the occurence of false positives, I have run into numerous false positives on pirated software - but never once on legitimate software, for example out of my entire steam games library, L4D2 is the ONLY game that tripped heuristics and whats even stranger - It passed malware detection tests just fine for the past two years.
Regarding my AV definition updates - I have killed the update service / updates are disabled. To update, I have to re-enable my updater service and do it manually. Additonally I'm running an ancient build dated back from 2010 ; has the exact heuristics that passed the previous versions of L4D2.
What worries me most is that these files are currently residing on the steam servers and being propogated all around as a game update, steam update servers pushing these suspicious files out to clients.
By the way, could I bother you to upload your files to try? I have yet to run MD5 sums on my files as they are in quarantine though logic says that the files should be scanned prior to comparing MD5 sums as those might be MD5 sums of the infected dlls themselves.
The files are :
S:\Steam\steamapps\common\left 4 dead 2\bin\stdshader_dx9.dll
S:\Steam\steamapps\common\left 4 dead 2\left4dead2\bin\server.dll
S:\Steam\steamapps\common\left 4 dead 2\left4dead2\bin\server.dll