I should also add that the infection is labeled as W32.rogue.gen

The same thing showed up for me except it's in c:\program files (x86)\steam\package\tmp\bin\

The same showed up for me as well. I restarted my computer and the webroot is no longer a virus.

Scratch that, as soon as I opened steam the it detected the virus again

It's a false positive. SOme virus programs have overly sensitive heuristics.

How do you know it is a "false positive"? I also have it reported within the last half hour. Webroot says it is in the "steamservice.exe" file.

Just make sure to quarantine it and delete it but other than that it was nothing.

Originally posted by ozkat (VegasOZ):

How do you know it is a "false positive"? I also have it reported within the last half hour. Webroot says it is in the "steamservice.exe" file.

Submit it to virus total. Thing is, in downloading games or updates... files are downloaded in parts. sometimes AV progies with sensitive heuristics see those parts as questionable and take action. If you're downloading from steam the file has generally been through more virus checks than anything and the publisher would be an outright idiot to do that since thier name, billing address and banking info are all known to steam

When the parts are deleted or quarantined the file as a whole winds up missing a chunk so when the file is completed it hjas holes in it which will generally prevent it from running.

If you have doubts send the file to Virus Total. If it trips less than 10 out of the 40 it's a false positive.

I just opted out of the STEAM system beta and the notice of the w32.rogue.gen has stopped showing up. Are the rest of you that are getting this notice also enrolled in the STEAM system beta?

Also, I'm NOT able to find the steamservice.exe file that the W32.rogue.gen is supposed to be embedded in. I searched the entire Steam folder and do not find it. So, how can I submit it to virus total or other to be verified? Any ideas?

Update: I finally found "steamservice.exe" and ran it through virus total. It comes back clean: "probably harmless", it scored 0 indicators.

Strange how when I opted out of the Steam system beta it cleared up.

Thanks for the tip on virus total. I was not aware of that site/service. I am NOW...

Originally posted by ozkat (VegasOZ):

Update: I finally found "steamservice.exe" and ran it through virus total. It comes back clean: "probably harmless", it scored 0 indicators.

Strange how when I opted out of the Steam system beta it cleared up.

Thanks for the tip on virus total. I was not aware of that site/service. I am NOW...

Not strange. You have to remember that anti virus programs look for probably viruses I.e programs that look suspicious due to certain signatures.. Think of it as the soft ware equivalent of of racial profiling. It makes sense on the software level. suspicious stuff is calle dt to the user's attention, and their decision is taken. Safe bet is usually to tell your AV program's real time protection to exclude the steam folders.

Beta releases due to the way beta operates (frequent changes modifying other files in small ways, tends to raise so red flags to AV programs by nature.

1

Originally posted by ozkat (VegasOZ):

How do you know it is a "false positive"? I also have it reported within the last half hour. Webroot says it is in the "steamservice.exe" file.

Because it often happens. THe way Steam heuristics work are similar to bits of code within viruses.

The likelihood of Steam having viruses is beyond minimal. Furthermore, if they did, they are LEGALLY BOUND to advise ASAP and there's NOTHING on these forums.

Originally posted by Mosephuss:

I use Webroot as my antivirus

I stopped reading right here. Webroot Anti Spyware is on the list. This list has not been updated for some time, it seems, so your antivirus may not get along with Steam either.

https://support.steampowered.com/kb_article.php?ref=9828-SFLZ-9289

мда