Possible file infection/FP but not detected by Avast?

Hi,

I just downloaded a exe file which is meant to be a game mod for GTA IV (LCPD:FR) and looking at all the feedback, I thought i’d give it a go (over 53k downloads) but before I installed I uploaded the file to VT to see what it said first and this is what it returned:

https://www.virustotal.com/file/518c0dac1f98d633a8278b041c0de1c576abc0ad6b8fa63432ca768773cd04d2/analysis/1336188009/

According to that, Avast didn’t detect anything but 2 others are giving 2 detections but don’t know if their FP or not, any idea’s where I go from here?

Thanks

First seen by VirusTotal
2012-01-18 23:20:57 UTC ( 3 måneder, 2 uker ago ) 3 months old and only detected by 2…i say FP

you may upload to Avira and wait for analysis result http://analysis.avira.com/samples/index.php

The FP could be a heuristical flag for a bifrose variant (trojan/win32.chifrax,gen (and gen denotes it is a generic find!). These kind of detections could indeed be FP-prone. McAfee’s finds the “Heuristic.BehavesLike.Win32.Fake.O” here probably meaning that the program is behaving like a fake windows 32 file. Some game proggies like Pkdude behave in a similar way and therefore are FP-prone and run by testers. Here the wakoopa file was classified as “malware dropper”, see: htxp://www.prevx.com/filenames/920927429217678332-X1/03906147.html
Malware is also found up in game trainers like Trojan.Win32.Shutdowner!IK 20120407
I would also bet on a false positive in this case, but as files like this become uploaded and shared a lot, there is always a slight chance to stumble onto something from suspicious sources, like romanian upload & share sites for instance,

polonus

Yeah, i’ve come to the conlusion that it’s likely just a FP, as I downloaded the stable verison of the mod and not the beta one and it gives no detections at all on VT.

Thought when I do install, i’ll def keep an eye on how my PC acts after a few hours.

Thanks