全スレッド > Steam 掲示板 > Steam Discussions > トピックの詳細
FighterSoldier 2023年11月29日 16時12分
Malware spotted from Steam file
I just got a notification from my antivirus that a malware has been spotted from a Steam file. Has anyone else's antivirus spot anything suspicious from Steam too or is it just me?

Edit: It is likely a false positive. My antivirus is Webroot, and I don't know if this is exclusive to Webroot, but it considers that Steam file as a threat.
最近の変更はFighterSoldierが行いました; 2023年11月29日 19時28分
このトピックの作成者がこの投稿に質問への回答というマークを付けました。
こちらをクリックすると、その投稿へ移動します。
投稿主: Kage Goomba:
Well lookie here.
https://www.reddit.com/r/antivirus/comments/186jxp9/webroot_detecting_a_temporary_steam_startup_file/

Looks like its a new thing.
Research shows its a known and frequent target of malware but generally not a threat unless your system is already compromised.

Odds are - its a false positive and webroot fudged up.

If it was a threat - I'm rather confident my package would have stuck a fork in steam already.

Id flag it with webroots folks - and make an exception to ignore it/restore it or you'll risk breaking steam or something.

UNLESS - you do have a problem - one can never be too careful - but odds are in your favor (that being its not a problem)

May want to notify Steam Support as well - they have the weight to give Webroot the evil eye and tell them to "Knock it off"
< >
1-15 / 51 のコメントを表示
DarkCrystalMethod 2023年11月29日 16時15分 
Only a few times in a few foreign games. They were all false alarms though.
#1
Kage Goomba 2023年11月29日 16時16分 
1: Which antivirus? There's dozens out there - many of which are shoddy/fake/hostile
2: What is the actual malware/message.

Now I'm running a VERY aggressive security suite
Steam is clean as clean as it gets - so pretty sure you have a false positive.

Unless you are modding or using 3rd party software that tampers with your steam client.
#2
FighterSoldier 2023年11月29日 16時17分 
DarkCrystalMethod の投稿を引用:
Only a few times in a few foreign games. They were all false alarms though.

Interesting...

My antivirus said the threat has been removed though so maybe in my case it was a real malware.
#3
Kage Goomba 2023年11月29日 16時18分 
FighterSoldier の投稿を引用:
DarkCrystalMethod の投稿を引用:
Only a few times in a few foreign games. They were all false alarms though.

Interesting...

My antivirus said the threat has been removed though so maybe in my case it was a real malware.

You still have yet to identify who/what.
Might help if you fill in the blanks.
#4
FighterSoldier 2023年11月29日 16時18分 
Kage Goomba の投稿を引用:
1: Which antivirus? There's dozens out there - many of which are shoddy/fake/hostile
2: What is the actual malware/message.

Now I'm running a VERY aggressive security suite
Steam is clean as clean as it gets - so pretty sure you have a false positive.

Unless you are modding or using 3rd party software that tampers with your steam client.

1. Webroot Security
2. Don't know exactly, but apparently it's from a Steam file, and now it says threat removed
#5
Kage Goomba 2023年11月29日 16時21分 
FighterSoldier の投稿を引用:
Kage Goomba の投稿を引用:
1: Which antivirus? There's dozens out there - many of which are shoddy/fake/hostile
2: What is the actual malware/message.

Now I'm running a VERY aggressive security suite
Steam is clean as clean as it gets - so pretty sure you have a false positive.

Unless you are modding or using 3rd party software that tampers with your steam client.

1. Webroot Security
2. Don't know exactly, but apparently it's from a Steam file, and now it says threat removed

You don't know...... no malware program out there would say you have something without saying what that something is.

It makes it hard to identify if you have a problem or not.
But alas - if steam is still working and your ok - then you can go about your gaming day.

Or you can keep digging - and maybe report to the Devs that they had a false positive - IF that's what that is.

AFAIK Steam hasn't really ever triggered a false positive in ages - but then I I'm running Security suites on Steroids - and they are extremely picky.
最近の変更はKage Goombaが行いました; 2023年11月29日 16時22分
#6
FighterSoldier 2023年11月29日 16時23分 
Kage Goomba の投稿を引用:
FighterSoldier の投稿を引用:

1. Webroot Security
2. Don't know exactly, but apparently it's from a Steam file, and now it says threat removed

You don't know...... no malware program out there would say you have something without saying what that something is.

It makes it hard to identify if you have a problem or not.
But alas - if steam is still working and your ok - then you can go about your gaming day.

Or you can keep digging - and maybe report to the Devs that they had a false positive - IF that's what that is.

Yeah I don't know how to find that removed malware in Webroot, I'm trying to find out exactly what it is.
#7
Aluvard 2023年11月29日 16時23分 
FighterSoldier の投稿を引用:
Kage Goomba の投稿を引用:
1: Which antivirus? There's dozens out there - many of which are shoddy/fake/hostile
2: What is the actual malware/message.

Now I'm running a VERY aggressive security suite
Steam is clean as clean as it gets - so pretty sure you have a false positive.

Unless you are modding or using 3rd party software that tampers with your steam client.

1. Webroot Security
2. Don't know exactly, but apparently it's from a Steam file, and now it says threat removed
Strange that it didn't inform you what exactly it is removing and from where nor asked for permission to do it.
My inner cynism says, that it was most likely false positive and done solely to improve statistics.
最近の変更はAluvardが行いました; 2023年11月29日 16時26分
#8
DarkCrystalMethod 2023年11月29日 16時24分 
I don't know much about webroot but most good antivirus programs have a log of actions taken. Also perhaps the virus file was "quarantined" (moved to a safe location where it can't do any harm, but it could be restored if you really needed that file... and it should tell you what the original location was)
#9
FighterSoldier 2023年11月29日 16時25分 
Aluvard の投稿を引用:
FighterSoldier の投稿を引用:

1. Webroot Security
2. Don't know exactly, but apparently it's from a Steam file, and now it says threat removed
Strange that it didn't inform you what exactly it is removing and from where nor asked for permission to do it.

Yeah I just ran a scan and I guess it got removed during the scan.
#10
Kage Goomba 2023年11月29日 16時25分 
FighterSoldier の投稿を引用:
Kage Goomba の投稿を引用:

You don't know...... no malware program out there would say you have something without saying what that something is.

It makes it hard to identify if you have a problem or not.
But alas - if steam is still working and your ok - then you can go about your gaming day.

Or you can keep digging - and maybe report to the Devs that they had a false positive - IF that's what that is.

Yeah I don't know how to find that removed malware in Webroot, I'm trying to find out exactly what it is.

Open Webroot itself - check the systray to do that - most are hiding there (near your windows clock in the corner) - check for preferences/settings - anything that says logs history quarantine jar etc.
Those key words should point you to some kind of record or history as to what it did.
最近の変更はKage Goombaが行いました; 2023年11月29日 16時26分
#11
Aluvard 2023年11月29日 16時29分 
Kage Goomba の投稿を引用:
1: Which antivirus? There's dozens out there - many of which are shoddy/fake/hostile
2: What is the actual malware/message.

Now I'm running a VERY aggressive security suite
Steam is clean as clean as it gets - so pretty sure you have a false positive.

Unless you are modding or using 3rd party software that tampers with your steam client.

Out of curiosity - what kind of security suite?
#12
DarkCrystalMethod 2023年11月29日 16時30分 
John wicks pencil🖉 の投稿を引用:
You mean Zlib1.dll? i got the same as well. apparently its to compress and decompress files on steam maybe.
If it is that file and its part of the windows installation of steam then it "should" come back when you restart steam... perhaps triggering the antivirus again.
I have C:\Program Files (x86)\Steam\zlib1.dll and its 115,048 bytes(properties window of the file). Neither Norton360Premier or SystemMechanicPro is complaining about it.
最近の変更はDarkCrystalMethodが行いました; 2023年11月29日 16時32分
#13
FighterSoldier 2023年11月29日 16時30分 
Kage Goomba の投稿を引用:
FighterSoldier の投稿を引用:

Yeah I don't know how to find that removed malware in Webroot, I'm trying to find out exactly what it is.

Open Webroot itself - check the systray to do that - most are hiding there (near your windows clock in the corner) - check for preferences/settings - anything that says logs history quarantine jar etc.
Those key words should point you to some kind of record or history as to what it did.

Tried to check, appears no threat log saved, but I did find the execution history, trying to check there.
最近の変更はFighterSoldierが行いました; 2023年11月29日 16時31分
#14
FighterSoldier 2023年11月29日 16時33分 
DarkCrystalMethod の投稿を引用:
John wicks pencil🖉 の投稿を引用:
You mean Zlib1.dll? i got the same as well. apparently its to compress and decompress files on steam maybe.
If it is that file and its part of the windows installation of steam then it "should" come back when you restart steam... perhaps triggering the antivirus again.

Yeah I got the notification after the Steam update I think.
#15
< >
1-15 / 51 のコメントを表示
ページ毎: 1530 50

全スレッド > Steam 掲示板 > Steam Discussions > トピックの詳細
投稿日: 2023年11月29日 16時12分
投稿数: 51
新しいスレッドを作成

ルールとガイドライン