arma3.exe infected?

Started by Sn00ks, December 01, 2017, 08:49:41 AM

Sn00ks

Arma 3 is updating and Avast has just moved arma3.exe to the virus chest as it has identified that it is infected with Win32:BogENT [Susp]. I am guessing the [Susp] means suspected rather than confirmed.
I do exactly what the little voices tell me to.

PC Specs:- Black box with some fans that go whirrr, a few lights, things inside that get warm, headphones, keyboard (a clicky one), mouse (with buttons and no squeak), disks (2-off SSD and HDD) and a monitor of sufficient proportions.

TwoBad

Avast seems to have had this problem with Arma since at least September. It's not the first game Avast has had problems with.
Company of Heroes 2 earlier this year
H1Z1 king of the kill in 2016
Planetside 2 in 2015
DayZ in 2014
To name a few. Seems to be a common false positive.
The Battle of Damnation Alley, 25th January 2015
'You are hereby awarded the Military Cross, posthumously, for an act of exemplary gallantry during active operations against the enemy on land.'

Galatoni

It's related to PunkBuster injecting into the process. Memory injection is a common dev tool to monitor particular processes to gain insight into their workings. It's also how malware works.

"Forewarned is forearmed"

Chaosphere

Wait, are people still using Avast? :norty:

I thought the consensus had shifted to Windows Defender and common sense, rather than antivirals...maybe with the odd screen from Malwarebytes.
All our Gods have abandoned us.

OldBloke

Quote from: Chaosphere;428273
... I thought the consensus had shifted to Windows Defender and common sense, rather than antivirals...maybe with the odd screen from Malwarebytes.

It has in my world.
"War without end. Well, what was history if not that? And how would having the stars change anything?" - James S. A. Corey

Whitey

Quote from: OldBloke;428274
It has in my world.

Mine too :D

Sn00ks

Am I being old fashioned by running AV software? Maybe I need to reconsider my strategy?

Chaosphere

Seems that may be the case. I am sure some will be able to point you in the direction of some evidence... I just read the thread on here a while ago where the consensus was ditch dedicated AV and stick to an up to date Windows OS with Defender, and maybe at a push the odd scan with something like Malwarebytes if you're a touch on the paranoid side.

smilodon

For October 2017 AV Comparatives gave Microsoft a 99.1% detection rate and 100% if you tweak a couple of obvious settings.

AV Test gave it 96.3% against zero day exploits (zero day calculations are always a problem as testing sites can only check in hindsight for zero days, as by definition zero day exploits are unknown).
Against regular virus/malware it gave Defender 99.9%.

Chuck in Chrome/Firefox for browsing with the uBlock Origin addons, a splash of Malwarebytes plus some LastPass/Dashlane goodness and I'm happy enough. Defender is free plus so far it hasn't suffered from the eye wateringly horrible holes the likes of Kaspersky, Norton, Trend Micro etc.
smilodon
Whatever's gone wrong it's not my fault.

Chaosphere

Quote from: Chaosphere;428290
I am sure some will be able to point you in the direction of some evidence....

I foretold of his coming, and it was so! Thanks smilo!

smilodon

I can't find the article anywhere so I'm going to paraphrase it here. It relates to some discoveries and issues found by the Google Team Zero guys that deal with security and software vulnerability etc. Tavis Ormandy is one of their team and made some discoveries about leading AV providers that shook up the security industry.

Here's the analogy I read..... somewhere.

Windows with built in AV - You own a castle, it has high walls, ramparts, turrets, a moat and drawbridge. Your castle is robust but it's not impregnable. Here and there are weak spots and places where someone might be able to sneak in. Also you have to let lots of merchants and citizens of your kingdom come and go to do business inside the castle. Your guards are all members of your immediate family and you trust them unquestionably to defend your castle and man your gate as best they can. They are not the best guards but their loyalty is unquestionable.

Windows with 3rd party AV - You own a castle, it has high walls, ramparts, turrets, a moat and drawbridge. Your castle is robust but it's not impregnable. Here and there are weak spots and places where someone might be able to sneak in. Also you have to let lots of merchants and citizens of your kingdom come and go to do business inside the castle. You hire in a private security company to provide guards to keep your castle safe. They are expert guards with the very latest weapons and skills. You give them all the keys to your castle and they have complete control over the castle gate, the treasury, your private quarters etc.

The problem - Your enemy realises it is very hard for them to cross your moat and scale your castle walls and when your family was guarding the castle they knew it was impossible to either bribe one of them or impersonate them. Now you have an outside company doing security the enemy can try to bribe a guard or sneak inside impersonating one of them with false ID etc. If they manage to infiltrate the new guard team (think every Mission Impossible film with the weird rubber mask things) they can run riot through your castle. They can steal everything, break everything and go everywhere. They have keys to all your private rooms and your treasury. Worse they can now start sacking real guards and replacing them with their own enemy guards. Soon they have completely taken over your castle and you find yourself thrown out and locked out of your home.

By definition AV software needs very deep integration into your Windows OS. It needs to have very elevated privileges in order to work properly. When 3rd party AV software works well it is a very useful tool to keep your PC safe. But hackers and malware writers know this and are increasingly looking at the actual AV software for bugs and flaws which they can exploit in order to compromise your machine. Apparently Windows Defender doesn't suffer so much from these problems as it's effectively part of your OS and written by Microsoft engineers. Balancing the better security from 3rd party AV software with the greater robustness of Windows Defender and the choice isn't so clear. Add in the fact that AV as a general solution to security issues is becoming more and more questionable and I can't see the argument for dropping £30-50 a year on something that probably gives me no more protection.

Chaosphere

Loved the analogy :thumbsupsmileyanim:

I hope Sn00ks sees it! :) Seems to make sense to even a non-techy like me.