re: Update to earlier malware scare, Semi-technical, Seeking a tech/netsec opinion
@Phorm @anthracite yeah given the hex stuff this is almost certainly a false positive. At a guess I think the AV may have actually been at fault here: it and Steam didn't play nice when it tried to scan a partially-downloaded file, which resulted in minor file corruption.
Just delete the .exe and redownload, see what you get.
re: Update to earlier malware scare, Semi-technical, Seeking a tech/netsec opinion
@Doephin @anthracite
Yeah, I've done a redownload and it went through clean as a bean without issue the second time. It all adds up to a false positive to me, with that in mind (particularly given the way that Steam allocates "empty" files prior to download).
There are some folks on the ESET forum claiming this could be something more malicious*, but I've zero ways to verify that, and tons of anxiety over it.
*(To quote: "This "smells" like malware process hollowing activity which in stage one, clears a portion of process memory while it's in a suspended execution state, and then injects the malware code in the previously cleared memory space. In this instance however, the modified process wasn't executed but rather, would've been saved to disk.")