Overclock.net › Forums › Video Games › PC Gaming › HELP! Portal 2 trojan ? [Solved - Kaspersky removed the two false positives]
New Posts  All Forums:Forum Nav:

HELP! Portal 2 trojan ? [Solved - Kaspersky removed the two false positives]

post #1 of 7
Thread Starter 
Kaspersky Internet Security just popped this message:



Is this a real trojan or has Valve screwed up or Kaspersky screwed up ?


From the options available, Kaspersky will disinfect it either way, the first being the safest - I just hope it doesn't mess with the DLC in a few days.



Edit: added screenshot where you can see the full path.
Edited by tpi2007 - 10/4/11 at 10:22am
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
post #2 of 7
Pretty sure it's a false positive. Upload the file in question to VirusTotal to be sure and see what the other scanners have to say about it.

edit: I have Portal 2 installed and here is my virustotal on that file: http://www.virustotal.com/file-scan/...792-1317657305

Kaspersky is the only one that detects it as you can see so it's definitely a false positive.
Edited by Dopamin3 - 10/3/11 at 9:01am
Beast
(14 items)
 
Dell XPS Faptop
(8 items)
 
Alura :)
(11 items)
 
CPUMotherboardGraphicsRAM
i7 4790k Asus Z97 Pro WIFI-AC Sapphire Nitro Radeon R9 Fury Tri-X OC+  G.Skill 4 x 8GB F3-2133C9D-16GXH 
Hard DriveOptical DriveCoolingOS
2 x Intel 730 480GB SSD in RAID 0 Asus DRW-24B1ST/BLK/B/AS Noctua NH-D15 Winblows 10 Pro x64 
MonitorKeyboardPowerCase
Pixio PX277 Logitech G510 Seasonic SS-660XP2 Fractal Design R4 Blackout 
MouseMouse Pad
Logitech G500 Xtrac Ripper 
CPUMotherboardGraphicsRAM
Core 2 Duo T5250 @ 1.5ghz Dell 0N6705 Mobile Intel 965 Express 2 x 2GB Hyundai/Kingston DDR2 533mhz 
Hard DriveOptical DriveOSMonitor
OCZ Summit 60GB SSD Slot Load DVD-RW Windows 7 Ultimate x64 13.3 inch 1280x800 
CPUMotherboardGraphicsRAM
i5 2500k Asus P8Z68-V Pro MSI R7970 Lightning BE 2 x 4GB G.Skill Ripjaws 2133mhz 
Hard DriveOptical DriveCoolingOS
Mushkin Enhanced Chronos 240GB and WD Black 1TB Asus DRW-24B1ST Cooler Master Hyper 212 EVO Windows 7 Ultimate x64 
MonitorPowerCase
Hannspree 24 inch Thermaltake Tough Power TP-750P 750W Gold Cooler Master HAF 932 
  hide details  
Reply
Beast
(14 items)
 
Dell XPS Faptop
(8 items)
 
Alura :)
(11 items)
 
CPUMotherboardGraphicsRAM
i7 4790k Asus Z97 Pro WIFI-AC Sapphire Nitro Radeon R9 Fury Tri-X OC+  G.Skill 4 x 8GB F3-2133C9D-16GXH 
Hard DriveOptical DriveCoolingOS
2 x Intel 730 480GB SSD in RAID 0 Asus DRW-24B1ST/BLK/B/AS Noctua NH-D15 Winblows 10 Pro x64 
MonitorKeyboardPowerCase
Pixio PX277 Logitech G510 Seasonic SS-660XP2 Fractal Design R4 Blackout 
MouseMouse Pad
Logitech G500 Xtrac Ripper 
CPUMotherboardGraphicsRAM
Core 2 Duo T5250 @ 1.5ghz Dell 0N6705 Mobile Intel 965 Express 2 x 2GB Hyundai/Kingston DDR2 533mhz 
Hard DriveOptical DriveOSMonitor
OCZ Summit 60GB SSD Slot Load DVD-RW Windows 7 Ultimate x64 13.3 inch 1280x800 
CPUMotherboardGraphicsRAM
i5 2500k Asus P8Z68-V Pro MSI R7970 Lightning BE 2 x 4GB G.Skill Ripjaws 2133mhz 
Hard DriveOptical DriveCoolingOS
Mushkin Enhanced Chronos 240GB and WD Black 1TB Asus DRW-24B1ST Cooler Master Hyper 212 EVO Windows 7 Ultimate x64 
MonitorPowerCase
Hannspree 24 inch Thermaltake Tough Power TP-750P 750W Gold Cooler Master HAF 932 
  hide details  
Reply
post #3 of 7
Thread Starter 
Quote:
Originally Posted by Dopamin3 View Post
Pretty sure it's a false positive. Upload the file in question to VirusTotal to be sure and see what the other scanners have to say about it.

edit: I have Portal 2 installed and here is my virustotal on that file: http://www.virustotal.com/file-scan/...792-1317657305

Kaspersky is the only one that detects it as you can see so it's definitely a false positive.


Thanks! Rep+

I didn't know that site existed. Will keep in my bookmarls for future reference.


So... I guess I should contact Kaspersky then. From the options above, it seems it will disinfect the file, meaning I will surely have problems with the DLC in a few days.
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
post #4 of 7
Quote:
Originally Posted by tpi2007 View Post
Thanks! Rep+

I didn't know that site existed. Will keep in my bookmarls for future reference.


So... I guess I should contact Kaspersky then. From the options above, it seems it will disinfect the file, meaning I will surely have problems with the DLC in a few days.
Add it as an exception, then verify the game files for Portal 2 in Steam, that way you shouldn't have any issues when the DLC is out.
Wingman Fuzzi
(16 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.6GHz 1.37v Gigabyte Z68X-UD5-B3 Zotac GTX 680 @ 1215/3005MHz (347.09) 2x8GB Kingston HyperX Savage 1866Mhz 
Hard DriveHard DriveCoolingOS
Samsung 840 120GB + 850 1TB + Intel 520 240GB Samsung F3 1TB Thermalright Venomous X w/ FM122 Windows 7 Pro x64 
MonitorKeyboardPowerCase
Dell U2312HM 1920x1080 @ 60Hz Ducky Shine II (Blues w/ White Backlight) Corsair HX 620W Fractal Design XL (Black Pearl) 
MouseMouse PadAudioAudio
MX518 Steelseries QcK+ Creative X-FI Xtreme Music Sennheiser HD598 
  hide details  
Reply
Wingman Fuzzi
(16 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.6GHz 1.37v Gigabyte Z68X-UD5-B3 Zotac GTX 680 @ 1215/3005MHz (347.09) 2x8GB Kingston HyperX Savage 1866Mhz 
Hard DriveHard DriveCoolingOS
Samsung 840 120GB + 850 1TB + Intel 520 240GB Samsung F3 1TB Thermalright Venomous X w/ FM122 Windows 7 Pro x64 
MonitorKeyboardPowerCase
Dell U2312HM 1920x1080 @ 60Hz Ducky Shine II (Blues w/ White Backlight) Corsair HX 620W Fractal Design XL (Black Pearl) 
MouseMouse PadAudioAudio
MX518 Steelseries QcK+ Creative X-FI Xtreme Music Sennheiser HD598 
  hide details  
Reply
post #5 of 7
Thread Starter 
Quote:
Originally Posted by Fusion Racing View Post
Add it as an exception, then verify the game files for Portal 2 in Steam, that way you shouldn't have any issues when the DLC is out.
Thanks, I'll try that. Rep+

vgui2.dll in the same folder is also reported as being or being infected with the same trojan - actually this one ends with .ddx instead of .dbn.

I couldn't even upload the first file to the virustotal site. Kaspersky now reports that the files will be processed after the computer reboots (I had to chose one of two actions, none one them being adding an exception).

Let's see if I can manage to add it do the exceptions list after I reboot and tell steam to verify the files.
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
post #6 of 7
Sounds like a false positive to me, especially if you downloaded it directly from Valve.

If you have any concerns though it doesn't hurt to double check with Jotti's Viruscan. Handy little website that you upload a small file to and it will check it across 30+ scanners.

http://virusscan.jotti.org/en
Gaming Rig
(15 items)
 
  
CPUMotherboardGraphicsGraphics
i5 2500k @ 3.33ghz Gigabyte Z68-UD3H-B3 EVGA 460 GTX SC EE MSI 460 GTX HAWK 
RAMHard DriveOptical DriveOS
8GB Mushkin Blackline 1.5v 996995 Samsuing Spinpoint F3 1TB Sony 18x Windows 7 64-bit 
MonitorKeyboardPowerCase
Dell U2412M Microsoft Media Keyboard Antec NeoPower HE 550w Antec 300 
MouseAudio
Logitech G5 Logitech Z523 
  hide details  
Reply
Gaming Rig
(15 items)
 
  
CPUMotherboardGraphicsGraphics
i5 2500k @ 3.33ghz Gigabyte Z68-UD3H-B3 EVGA 460 GTX SC EE MSI 460 GTX HAWK 
RAMHard DriveOptical DriveOS
8GB Mushkin Blackline 1.5v 996995 Samsuing Spinpoint F3 1TB Sony 18x Windows 7 64-bit 
MonitorKeyboardPowerCase
Dell U2412M Microsoft Media Keyboard Antec NeoPower HE 550w Antec 300 
MouseAudio
Logitech G5 Logitech Z523 
  hide details  
Reply
post #7 of 7
Thread Starter 
I have to report that as of yesterday around midnight (GMT) I manually updated Kaspersky, and then told Steam to check the integrity of Portal 2's files, it downloaded the missing files, and, upon a manual scan of the bin folder, I have to report Kaspersky is no longer reporting any file as being a trojan.

Problem solved!
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
 
Metro 2033 review
Metro 2033
CPUMotherboardGraphicsRAM
Core i7-3820 Asus Sabertooth X79 MSI GTX 750 Ti TF Gaming 16 GB Corsair DDR3 1866 Mhz Dominator 
Hard DriveOptical DriveCoolingOS
Samsung SSD 830 128GB + WD Caviar Black 1TB Sony Optiarc DVD-RW Corsair A70 + Noiseblocker M12-P Windows 7 Home Premium 64-bit 
MonitorKeyboardPowerCase
BenQ RL2455HM Cooler Master Octane Corsair AX750 Professional Modular 80 Plus Gold Cooler Master HAF 912 Plus 
Mouse
Cooler Master Octane 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: PC Gaming
Overclock.net › Forums › Video Games › PC Gaming › HELP! Portal 2 trojan ? [Solved - Kaspersky removed the two false positives]