8 replies to this topic

[marko]

After writing up a great review for Project Blackout, and admittedly spending some considerable time playing the actual game, I'm somewhat shocked, stunned and a little horrified of a recent find whilst performing a full scan using SUPERAntiSpyware.

It alerted me to the presence of a Trojan in the uninstaller which I naturally assumed was a false positive, but then I remembered these guys also included OpenCandy in the installer, of which there is no mention of anywhere and in fact OpenCandy is (presumably) only installed on the secondary download of the game - the first download is merely the installer to kick off a secondary download for the main files for the game.

It's all got me a little suspicious if I'm honest ... I don't for one second believe there was an actual trojan in the PB files, but SUPERAntiSpyware had detected AND REMOVED the offending file so I thought it was worth a little note to the developers.   Here was there response:

Quote

Thank you for contacting the Project Blackout 1:1 support team regarding your inquiry.

We understand your concern regarding the findings of your spyware program. While we cannot verify the findings of your program, due to it being 3rd party, we can confirm that our files are thoroughly tested for integrity before they are released to our players. Should you have concern regarding those files, we urge you to use our official downloader (http://pb.gamerage.com/Download/Client-Download). If the issue persists, we would ask you to contact your Spyware/Antivirus provider regarding the threat detected.

I hope that I was able to answer your inquiry, should you have further questions, feel free to submit another 1:1 and I will be more than glad to assist you further! We thank you again for contacting us and we look forward to seeing you in-game soon!

In other words, they are denying all knowledge of a trojan in their uninstaller - but again, as someone who takes their security very seriously, if this were me the first thing I would have done would be to download SUPERAntiSpyware and perform the check myself - then I would have contacted the spyware developers asking for an explanation.   All seems a little odd to me that a developer would simply say, "nope, can't find nothing" and not attempt to verify things themselves.

Anyhow, I will be contacting SAS to see if they can determine where this alert may be coming from
Stay tuned !!

[Gremlinn]

Do you think you would be able to duplicate this in a virtual enviroment?

[marko]

Doing that as we speak Gremlinn

[Gremlinn]

Look at uuuu...haha
I wish i had a better pc, i'd love to be able to use them!

[Claw]

Gremlinn,  What are you running,dude???? I know it's XP.but,,,,,,,,,,,,

[marko]

Apologies it took so long, but here's the screenshot from the virtual machine I'm running with the details of what SUPERAntiSpyware found - I've already raised this as a possible false positive on the SAS site but I'm not sure if it will be investigated or not - for now I'd say caution is required ....

[Gremlinn]

I'm running athlon 3000 with 2gb mem and a aio x800. The x800 really doesn't like to play with such an old cpu but right now, it's all i have.
@ Marko, did you save that file? Maybe you could try virustotal and see what other scanners say about it. Superspyware is gen pretty acurate but there are false pos sometimes. I'd be careful with the game also.

[marko]

Every other vendor reports no problem with the file, it's just SUPERAntiSpyware that reports an issue with it.   As I say, I've already raised this on the SUPERAntiSpyware site so I'm awaiting a response there - hopefully they'll flag this as a false positive otherwise it's a sad day for this developer I'm afraid.

[marko]

Thankfully SAS have confirmed this as a false positive, panic over