Avast WEBforum
Other => Viruses and worms => Topic started by: flaye on July 23, 2012, 10:16:35 PM
-
As of the last Avast update today ( 23/7/2012), STEAM is being identified as a trojan.
Any updates or knowledge about this?
Thanks.
-
Yeah, it's really annoying when i start up my pc the false positive pop-up appearing and blocking steamservice.exe
Hope the problem is solved soon
-
do you have the file in avast chest?
right click the file and upload to avast lab....you may add a link to this topic
-
I registered just so I can confirm that I'm having the same issue. I played Steam earlier today without issue, then after the update I tried turning it on again only to have Steam identified as malware and automatically placed in the Virus Chest.
I had to reinstall Steam files twice because of this. I added both Program Files (x86)\Steam and Common Files\Steam to the Exclusion List to no avail. Avast still picks them up as threats.
I've already submitted two of the files that Avast keeps picking up to the labs for analysis as False Positives. Hopefully this issue gets resolved soon, since I'm not all too keen on turning off the File System Shield just to play games.
-
Also registered to confirm I am having the same issue. :/ I was able to run Steam just fine yesterday. Also some googling shows me that the same issue happened back in February. Hopefully this gets sorted soon! I tried to submit it from my virus chest, but I got an error when trying to submit it.
-
Am getting it to...with C\Program Fles (x86) Common Files\Steam and Steam\bin
Restored them but when turn on again they put them back i the chest...What Program Name/Program Publisher and Program version do I need to put in the Submit to lab form?
Annoying...
-
I just started Steam and there's no FP. Virus definitions 120723-2.
DJBone
-
Good for you. I cannot get Steam to work now... added exceptions, rebooted, tried to fix etc etc.
Is kinda sad how this is a recurring issue.
Anyway now I have insane kernel irq locking, could this be related?
-
Count me as another one getting the same Avast complaint about steamservice.exe.
OS is Win 7 Ultimate 64-bit.
-
Got the same warning, updated to 120723-2, warnings are gone, everything is good.
-
Got Same warning, fixed with latest vps update 120723-2, so all is good it appears now, Thanks Avast labs for a fast fix
-
Remember to get Steam service to work you would need to add the file/s that have been given the false infection report; too both the 'Scan exclusion list' and the 'Real time shield' - 'File system shield' - 'Expert mod' - exclusion list.
-
Remember to get Steam service to work you would need to add the file/s that have been given the false infection report; too both the 'Scan exclusion list' and the 'Real time shield' - 'File system shield' - 'Expert mod' - exclusion list.
So did the update not fix the FP issue or are you still having to add the steam client to the exclusion list?
-
Aaand yes, on version 120726-02 I got the "virus" again..... Any fix coming soon or what?
-
I got the same issue. I'm unable to start Steam. You guys at Avast better sort this or I'm switching to another Antivirus program.
-
Same deal, I'm on 120726-2 and it thinks steam has a virus. Whatever its flagging is breaking steam overlay.
-
I got the same issue. I'm unable to start Steam. You guys at Avast better sort this or I'm switching to another Antivirus program.
that aint the solution at all ::) ...report the files blacklisted to virus@avast.com
send the files there with topic false positives and wait until next few virus defination updates..avast doesnt give a lot of FP's by the way..
I dont understand...when u use any AV program u must be ready to be patient enough to solve your issues...
-
I have this issue too and to be honest, I'm really not happy.
vstdlib_s.dll is the one it's blocking.
-
I have this issue too and to be honest, I'm really not happy.
vstdlib_s.dll is the one it's blocking.
best to do is add a exclusion in file shield for the file...if u are impatient :P
-
"vstdlib_s.dll is the one it's blocking."
Have the same problem. :(
-
"vstdlib_s.dll is the one it's blocking."
Have the same problem. :(
I said already...send to virus@avast.com with subject False positive OR upload via chest as FP and update definations manually...and wait for next few updates
If u are impatient..restore the file from chest..set a exclusion in file shield
see screenshot....
-
"I said already...send to virus@avast.com"
Already done.
"If u are impatient..restore the file from chest..set a exclusion in file shield"
Will try, thnx.
-
Will try, thnx.
Your Welcome! ;D the more number of e-mails they get on this...the more quicker will be the fix ;)
-
I have this issue too and to be honest, I'm really not happy.
vstdlib_s.dll is the one it's blocking.
best to do is add a exclusion in file shield for the file...if u are impatient :P
What if it is a true mal ware though? it seems to be well known on the internet for being some sort of malware/spyware. its being reported by antivirus programs enough times.. so why would someone unvlock it untill a professional from avast would say that the file itself is actually clean.. (something in that file must be triggering the alarm for avart to detect it)
Re: vstdlib_s.dll
-
What if it is a true mal ware though? it seems to be well known on the internet for being some sort of malware/spyware. its being reported by antivirus programs enough times.. so why would someone unvlock it untill a professional from avast would say that the file itself is actually clean.. (something in that file must be triggering the alarm for avart to detect it)
if it is real malware..then it wouldnt be everybody reporting the same files...after its fixed..u can remove the exclusion
-
Check my solution in the other Thread: https://forum.avast.com/index.php?topic=102105.0
-
Check my solution in the other Thread: https://forum.avast.com/index.php?topic=102105.0
I know..i already posted the exclusion option usage solution here.. ;)
-
I sent in a False Positive report as well. I doubt it will take too long for the problem to be corrected.
-
What if it is a true mal ware though? it seems to be well known on the internet for being some sort of malware/spyware. its being reported by antivirus programs enough times.. so why would someone unvlock it untill a professional from avast would say that the file itself is actually clean.. (something in that file must be triggering the alarm for avart to detect it)
if it is real malware..then it wouldnt be everybody reporting the same files...after its fixed..u can remove the exclusion
Why would avast just suddenly report it as a malware when i have had steam and skyrim V : the elder scrolls installed for some time and it never reported it as malware before .. and no recient updates from avast means no recient database changes on my lappy..
-
@c0mpute
you can always upload the file to www.virustotal.com and check. ;)
-
Why would avast just suddenly report it as a malware when i have had steam and skyrim V : the elder scrolls installed for some time and it never reported it as malware before .. and no recient updates from avast has meant no resent database changes on my lappy..
could be a issue with latest streaming update..or with the VPS..
-
Hi all,as of now you can just disable Avast while you play Steam games.I also informed Avast VIA Twitter,let's wait and everything will be fine.
-
@c0mpute
you can always upload the file to www.virustotal.com and check. ;)
Cheers mate.. Though this is what I use avast for.. to protect my lappy from happy viruses that want to get into my comp... lol... ;D
-
With this issue.
1. move your cursor over the yellow avast symbol bottom right hand side.
2. Left click it
3. Go to AVAST! Shield Controls
4. Disable for 10minutes
5. Try updating steam now.
6. Once update has finished , do the same to re-enable AVAST.
(if it doesnt work, go into your virus chest on avast, and right click on the file vstdlib_s.dll file, and click restore)
Thanks Avo.
-
Hi all,as of now you can just disable Avast while you play Steam games.I also informed Avast VIA Twitter,let's wait and everything will be fine.
That sounds good to me.. and btw. .I like your message.. There is no patch for human stupidity...lol.. it reminds me of a documentary i watched on google once called the deffinition of stupidity.. lol..
-
Update: Now avast reports the exe's of some games in steam :(
And can someone tell me why avast reported a ...Boot.txt while booting maybe?
-
@c0mpute
you can always upload the file to www.virustotal.com and check. ;)
Cheers mate.. Though this is what I use avast for.. to protect my lappy from happy viruses that want to get into my comp... lol... ;D
no security program detect 100%..... and none have zero false positive
uploading to virustotal or jotti.org may give you the info to find out if detection is correct....
as you test the file with 40+ scanners
-
Update: Now avast reports the exe's of some games in steam :(
send all to virus@avast.com with subject false positives ;D
-
seems to be fixed now
-
Update: Now avast reports the exe's of some games in steam :(
send all to virus@avast.com with subject false positives ;D
I think its just windows 7.. lol.. I just started steam to update it again .. thinking it will give me the error and it updated successfully.. and i didnt do anything.. didnt even reboot.. i find windows doing a lot of strange things these days.. things that it never used to do and i have a fresh install too... go figure... ::) ;D :P
Re: I was going to report the false positive...
-
With this issue.
1. move your cursor over the yellow avast symbol bottom right hand side.
2. Left click it
3. Go to AVAST! Shield Controls
4. Disable for 10minutes
5. Try updating steam now.
6. Once update has finished , do the same to re-enable AVAST.
(if it doesnt work, go into your virus chest on avast, and right click on the file vstdlib_s.dll file, and click restore)
Thanks Avo.
This will not work as Avast will detect them later while they are being used and it may crash your game.Just disable the Avast completely and play your game.We will keep you informed so don't worry guys.
Hi all,as of now you can just disable Avast while you play Steam games.I also informed Avast VIA Twitter,let's wait and everything will be fine.
That sounds good to me.. and btw. .I like your message.. There is no patch for human stupidity...lol.. it reminds me of a documentary i watched on google once called the deffinition of stupidity.. lol..
Yes,it's so accurate :) .
-
Aaand yes, on version 120726-02 I got the "virus" again..... Any fix coming soon or what?
Fixed.
Milos
-
This is happening to me as well even though it's been fixed for some people i use Avast 7 Free edition Virus defenitions version - 120726-2 Program Version - 7.0.1456
EDIT:well literally 1 minute after posting this avast Just updated to version 120727-0 and i removed steam exclusions and seems to be no problem now =D
-
Hi, I just updated to version 120727-0 and program 7.0.1456 and now I cant start steam because of a malware infection :/
-
I had the same problem this morning.
01. Updated Avast to Program Version 7.0.1456 and Definitions 120727-0
02. Disabled all protection for 1 hour
03. Added Exception for Steam Folder
04. Downloaded Steam Installation file from Official Site
05. Tried to repair the Steam Installation (because Avast deleted some files like vstdlib_s.dll)
- Repair keeps telling "Unable to poke open firewall" (I dont know what the hell that means lol)
- Installed OK!
WHILE AVAST DISABLED
06. Opened Steam and all works great, then closed Steam
ENABLED AVAST
07. Opened Steam and all works great, then closed Steam
08. Opened Avast and deleted the exclusion for Steam folder.
09. Reopened Steam and all works great !!
I believe the real problem is when Steam tries to update, but after that everythings fine. Hope Avast fix this problem soons anyway because will be a pain to do this everytime for updating
-
Being both an ex-security researcher and member of current security matters (since I author PECompact, and must work with security vendors to ensure interoperability), last year I founded a site dedicated to False Positive Reporting and Resolution (http://falsepositivereport.org). I was grateful to see many vendors willingly monitor it, as they have the best of intentions. Many of their automated submission forms and such aren't always so responsible.
The goal of the site is simple transparency. Who has the biggest problems with false positives - something that can now quickly turn into a whole web site being rated 'BAD'? Who has the fewest problems? Who has the fastest resolution? Etc... It is at http://falsepositivereport.org and I encourage participation if this site is to 'take off'.
Some security vendors did dub it the 'shame and name' project, and I must admit - I kind of like that idea. After all, being a software publisher, you can imagine when the unthinkable happens and your software is called a virus or other malware by error. When it keeps happening (there are lots of vendors, after all), or when there is a delay in fixing the false positive, then it starts to become more than just an annoyance.
NONE of us envy the jobs of the security vendors, and that site is NOT about crucifying them. Keeping up with malware that is regenerated daily is near impossible. Whitelists would work, except they tend to become exclusionary programs that you must pay for. Thus, we're left where we are now. Again, user education is the best defense, as most 0-day malware will slip through most security products (else we wouldn't have much of an issue). Once malware gets installed on your PC, it is often not detectable or removable while the OS is booted. Microsoft issues patches to clean some of it up from time to time. For whatever reason, only a handful of security vendors offer 'offline scans' (not off the network, an unbooted PC). I hope more offer such in the future.
-
After Steam automatic client update process, Avast 120805-0 detects FileSystem_Steam.dll as a Win32:Malware-gen.
So ... this seems to me as a recurring problem with Steam service and Avast. Hope you can fix this since I have been happy with Avast this far... :-\
-
i seem to have the same problem since i started my PC this morning. looks like im not the only one having troubles with this luckely
-
You're not the only person had the same problem I myself are on the same boat and I can tell it false positive, don't delete the file from avast chest until avast solved the issue it may take 24 hrs or less to fix the problem.
STEAM false positive: filesystem_steam.dll File location is *:\Program Files\Steam\bin
Virus Definitions Update Version: 120805-0 already submitted the sample file to Avast through the chest section half an hour ago.
Edit: WOW! :o That was bloody quick the problem has been fixed just run the virus definitions update to fix the issue ;)
-
I got this message. I know it is Steam, not sure what specific file
It is running a boot scan.
Should I just update once the scan is done? Is there anything I should be worried about
-
Virus Definitions Update Version: 120806-0 is reporting false positive on steam again. *sigh*
This time for Steam\tier0_s.dll , i run the steam beta client, Avast! does not play well with steam.
-
There have been several stream updates this afternoon (4), whilst I don't know if these may be related to a fix for the detections, I would suggest that you scan those files again and see if they are still detected.
I'm not a gamer so I can't check if this corrects the detection/s.
-
i scanned Steam it said no threat found but when i try to open it avast blocks claiming it as a virus with the new avast update it seems avast blocks steam every time it updates
-
The on-demand scan may not be scanning the file as it may not be present until you start the game - I don't know as I'm not a gamer, so if these files are created at the game start, then it would be the file system shield alerting.
What file is it alerting on ?
-
it does it on steam up or if steam is updated it comes up saying Win32.malware-gen right now steam is working but what happens when avast updates
-
I can't answer that as I'm an avast user like yourself.
-
i updated avast it seems fine for now but what i think it might be is that when steam updates avast has not done a update that has the new steam update added to it data base if it happens again after avast updates it self then it something to do with the avast data base
-
The avast database will be on signature information, now when steam updates there is a possibility that the changed file could be pinged again.
The reason for this is that no AV whitelists on file name alone as that could be absolutely anything in a malicious file of the same name. So it scans on content rather than simply on file name.
Now there is nothing to stop Steam users from adding the file name to their (avastUI > Settings > Exclusions & File System Shield > Expert Settings > Exclusions) exclusions lists. There would obviously be a limited risk in doing that as should that file become infected it wouldn't have been scanned.
Having seen some exclude the whole steam folder by using the * at the end of the path, this makes a larger hole in your security, so I believe any exclusion should be on the full path and file name not using the * wildcard.
That said, I don't know if Steam digitally sign those files or not, but if they were digitally signed I believe it would probably go a long way to their not being pinged.