Logger.Agent.ajy VIRUS in nasmw.exe from TORQUE 1.5
by Eric Morata · in General Discussion · 04/03/2007 (11:16 am) · 3 replies
I scared myself when I found my last EWIDO virus report: the nasmw.exe, from the BIN directory inside the latest SDK (TORQUE 1.5), is infected with Logger.Agent.ajy, a logger that records keystrokes, enabling the hacker to get just about anything you typed - from passwords to credit card numbers.
At http://www.virustotal.com, when I send the file, only Ewido detects the threat - no other antivirus lab detects it as malware, so I'm guessing it could be a problem from Ewido labs... but I may be wrong.
Ewido is one of the best anti-malware programs on the market, it couldn't be a flaw... but you never know.
In any case, the "infected" file is only nasmw.exe. I extracted it from the very TorqueGameEngineSDK-1-5-0.exe downloaded when you make the purchase directly from GarageGames, so the file didn't get tampered with by any black hats... outside GarageGames, that is.
#2
04/03/2007 (11:27 am)
There's nothing wrong with the file. nasmw.exe gets flagged by some scanners as a threat. As I understand it, the reason it gets flagged as a threat is because nasm tends to be an assembler of choice for black hats due to its free price tag.
There's been a few threads created over the years about this.
Stephen beat me to it, I really need to start typing faster. ;)
You know, this question has popped up rather frequently lately. I think I'll tell Michael to add it to the FAQ project.
#3
04/03/2007 (11:28 am)
OOfff... thanks Stephen! I feel relieved, a LOGGER is something VERY serious.
It seems that EWIDO turned into AVG anti-spyware recently, and maybe the software transition bugged the malware detection or something.
Anyway, I made a search with the "Logger.Agent.ajy" keyword in the forums and haven't got any return... if it has been reported before, the thread got deleted? If so, better let this one around - I feel that more people will be searching for it, if they're purchasing Torque 1.5.
Torque 3D Owner Stephen Zepp
nasm is an assembly language compiler, which stringent anti-virus programs think are bad (in some cases they are, but in this one, it isn't).