win32:trojan-gen SIntfNT.dll

So here is the whole story. My friend is an idiot and downloaded a pirated version of Warcraft III. Upon running the game his Avast detected this threat and blocked it. As he continued to run the game each time this warning would pop up. I told him to stop and gave him my old warcraft 3 cd which I no longer use. However, I had lost the key code to the game and he used a keygen so that he could play at least the single player. I had him uninstall the game then re-install it using my disc however whenever he runs the game this message continues to pop up. I was wondering if it is possible that this is not actually malware but some security function on the game that avast is detecting? My expertise is pretty limited so any help would be great.

The trojan detected is win32:trojan-gen and its found in the file SIntfNT.dll

To know if a file is a false positive, please submit it to VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com. VirusTotal has a file size limit of 10Mb. Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

Maybe you need to disable Hide protected operating system files and enable View hidden files and folders’ to manage the file(s).

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button…
You can use wildcards like * and ?. But be careful, you should ‘exclude’ that many files that let your system in danger.

This link is a tutorial on how to help correct a virus detection that you believe to be false:
http://forum.avast.com/index.php?topic=25009.msg204838#msg204838
or http://forum.avast.com/index.php?topic=7779.msg62586#msg62586

Thanks for the help it looks like it must be a new virus, here are the results of the scan.

AhnLab-V3 2008.6.27.1 2008.06.30 -
AntiVir 7.8.0.59 2008.06.30 -
Authentium 5.1.0.4 2008.06.29 -
Avast 4.8.1195.0 2008.06.30 Win32:Trojan-gen {Other}
AVG 7.5.0.516 2008.06.30 Proxy.ACKA
BitDefender 7.2 2008.06.30 -
CAT-QuickHeal 9.50 2008.06.30 TrojanProxy.Ranky.kz
ClamAV 0.93.1 2008.06.30 -
DrWeb 4.44.0.09170 2008.06.30 -
eSafe 7.0.17.0 2008.06.30 Suspicious File
eTrust-Vet 31.6.5914 2008.06.30 -
Ewido 4.0 2008.06.27 -
F-Prot 4.4.4.56 2008.06.29 -
F-Secure 7.60.13501.0 2008.06.26 Trojan-Proxy.Win32.Ranky.kz
Fortinet 3.14.0.0 2008.06.30 -
GData 2.0.7306.1023 2008.06.30 Win32:Trojan-gen
Ikarus T3.1.1.26.0 2008.06.30 Trojan-Proxy.Ranky.KE.1
Kaspersky 7.0.0.125 2008.06.30 -
McAfee 5328 2008.06.30 -
Microsoft 1.3704 2008.06.30 -
NOD32v2 3228 2008.06.30 -
Norman 5.80.02 2008.06.30 -
Panda 9.0.0.4 2008.06.30 -
Prevx1 V2 2008.06.30 -
Rising 20.51.02.00 2008.06.30 -
Sophos 4.30.0 2008.06.30 -
Sunbelt 3.0.1176.1 2008.06.26 -
Symantec 10 2008.06.30 -
TheHacker 6.2.96.364 2008.06.28 Trojan/Proxy.Ranky.kz
TrendMicro 8.700.0.1004 2008.06.30 PAK_Generic.001
VBA32 3.12.6.8 2008.06.30 -
VirusBuster 4.5.11.0 2008.06.30 -
Webwasher-Gateway 6.6.2 2008.06.30 -

Yes, we’re having some false positives but not all of the detections are false.
avast is being, sometimes, one of the first on detection some viruses.

i reported this thing yesterday , but seems they fixed it…
http://forum.avast.com/index.php?topic=36662.0
i rechecked my file now , and it’s clear …
http://www.virustotal.com/it/analisis/2e6b4a89f01a7af222fbcc883dd07eb0

Can you post filesize and the md5 of the file ??

my file

File size: 24516 bytes MD5...: b243b3b01605f674b99c0f5fdcc52cd2