TearDown Forum  

Go Back   TearDown Forum > Alien Assault > Report a Bug

Report a Bug Report any bugs/issues you have found

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 08-06-2010, 14:38
valkyrie valkyrie is offline
Junior Member
 
Join Date: 2010 Aug Fri
Posts: 5
Default Alien Assault reported as keylogger by Kaspersky

I am wondering whether my Alien Assault v1.2 is a cracked version as my anti-virus keep complaining that the game behaviour is similar to a keylogger.

Can anyone please let me know if this is a real threat or a false alarm from Kaspersky.

Thanks.
Reply With Quote
  #2  
Old 08-06-2010, 15:02
the_Fifth_Horseman's Avatar
the_Fifth_Horseman the_Fifth_Horseman is offline
TearDown developer
 
Join Date: 2009 Feb Tue
Posts: 3,244
Default

There is no "cracked version", because there is nothing to crack in the first place.

Please upload a copy of the executable somewhere and post a link so we can compare it with the original.
Where did you get your copy from?
__________________
Quote:
Let's face it, a weapon that hurls balls of white hot liquid fire is just fucking scary, no matter where or how you evolved.
Concepts in progress: Chrome Dawn, Humanity: Optional, Future Hack.
The future was yesterday. Welcome to the new world.
Reply With Quote
  #3  
Old 08-06-2010, 21:11
Niklas's Avatar
Niklas Niklas is offline
Founder of TearDown
 
Join Date: 2009 Feb Tue
Location: Stockholm
Posts: 6,715
Default

Where did you download it from? Strategy Informer? If not, get that version. If so, Google for another game/app made using Allegro. Can be Allegro that listens to the keyboard for inputs that generates the warning...
Reply With Quote
  #4  
Old 08-06-2010, 21:15
Niklas's Avatar
Niklas Niklas is offline
Founder of TearDown
 
Join Date: 2009 Feb Tue
Location: Stockholm
Posts: 6,715
Default

Also, do you mean v1.2 or v1.02? We habe not released a v1.2 but if you are using v1.02 you should get v1.022.
Reply With Quote
  #5  
Old 08-06-2010, 22:51
Killgore85's Avatar
Killgore85 Killgore85 is offline
Senior Member
 
Join Date: 2010 Jun Sun
Posts: 199
Default

v1.021 is actually the most recent version at strategy informer
http://www.strategyinformer.com/pc/a...ame/34785.html

You might have a more recent WIP version Niklas, but it isn't generally available.
Reply With Quote
  #6  
Old 08-06-2010, 23:28
Niklas's Avatar
Niklas Niklas is offline
Founder of TearDown
 
Join Date: 2009 Feb Tue
Location: Stockholm
Posts: 6,715
Default

Sorry, iPhone typo...v1.021 is the newest one, correct.
Reply With Quote
  #7  
Old 08-07-2010, 16:37
valkyrie valkyrie is offline
Junior Member
 
Join Date: 2010 Aug Fri
Posts: 5
Default

Thanks for the update. I forgot where i downloaded the game from but I was planning to upload the executable for you all to compare but things have gone bad.

My home network has been compromised and the router OS hacked. Basically disable all the security on the router. Now I am using mobile internet paying by the KBytes so I guess it will be expensive to upload anything for now. Anyway that still does not mean that this problem is due to the game itself until it is proven.

This is off topic but I would appreciate if somebody here who has any experience dealing with a hacker running loose in a network to give me some pointers.

Basically already formatted the compromised PC and losing all my high stat marines.
Change the password to the router (but forgot to erase and reinstall the firmware) and I thought all is well until i discover the router OS has been replaced again. The malware is still hiding somewhere in the network or has establish a backdoor somewhere.

Going to download a new firmware from linksys and overwrite the router. I guess all password should be entered using a virtual keyboard.

All computers are disconnected from the network for now, even the NAS. Just using the laptop with mobile connection. It is a losing battle.

I really do not want to format all the pc if i don't have to but i will not have any options left if the problems still exist after the replacing the router firmware. I have been trying to look for the offending program using netstat but so far no luck.

The pains of using windows.

Thanks.
Reply With Quote
  #8  
Old 08-07-2010, 20:53
Niklas's Avatar
Niklas Niklas is offline
Founder of TearDown
 
Join Date: 2009 Feb Tue
Location: Stockholm
Posts: 6,715
Default

I have no good advice to give, but I feel you pain.
Reply With Quote
  #9  
Old 08-07-2010, 23:00
Killgore85's Avatar
Killgore85 Killgore85 is offline
Senior Member
 
Join Date: 2010 Jun Sun
Posts: 199
Default

Malware removal guide
http://forums.majorgeeks.com/showthread.php?t=35407
Do yourself a favor and read through it thoroughly before you dive in and start changing a lot of settings and especially before editing the registry.

2 very useful programs for those situations
Spybot search & destroy http://www.safer-networking.org/en/download/index.html
ccleaner (crap cleaner) http://majorgeeks.com/download4191.html

As long as you only do what they recommend, you should be fine. If you want to edit your registry beyond it's recommendations, there's a risk that you could have to format your drive and start from scratch.
Reply With Quote
  #10  
Old 08-07-2010, 23:34
the_Fifth_Horseman's Avatar
the_Fifth_Horseman the_Fifth_Horseman is offline
TearDown developer
 
Join Date: 2009 Feb Tue
Posts: 3,244
Default

There's also HijackThis, which you could use to check both retgistry autoruns and currently active processes.
Quote:
If you want to edit your registry beyond it's recommendations, there's a risk that you could have to format your drive and start from scratch.
Not that bad. As long as you backup your registry beforehand, there are ways to restore it even if the original was so badly mauled that you can't start up the system at all (which, in all respect, should be rather difficult to achieve other than on purpose).
__________________
Quote:
Let's face it, a weapon that hurls balls of white hot liquid fire is just fucking scary, no matter where or how you evolved.
Concepts in progress: Chrome Dawn, Humanity: Optional, Future Hack.
The future was yesterday. Welcome to the new world.
Reply With Quote
  #11  
Old 08-08-2010, 02:21
Killgore85's Avatar
Killgore85 Killgore85 is offline
Senior Member
 
Join Date: 2010 Jun Sun
Posts: 199
Default

I had that happen several years ago.
Reply With Quote
  #12  
Old 08-09-2010, 16:13
valkyrie valkyrie is offline
Junior Member
 
Join Date: 2010 Aug Fri
Posts: 5
Default

Killgore,

Thanks for the useful link to the support forums. Run through the steps as suggested but did not find any malware on any of my networked PCs but nevertheless the forum provided a good systematic way to deal with malware.

I guess i have the problem taken care of after formatting my pc and flashing my router with the latest firmware. I hope...

Unfortunately this also means I got nothing to upload for the comparison. What I will do now is to download the game from the recommended site and see if kaspersky will give me the same keylogger complain.
Reply With Quote
  #13  
Old 08-09-2010, 16:52
Niklas's Avatar
Niklas Niklas is offline
Founder of TearDown
 
Join Date: 2009 Feb Tue
Location: Stockholm
Posts: 6,715
Default

Looking forward to what it will say.

Just for the record, Our game has been given "spyware free" awards by two sites.
Reply With Quote
  #14  
Old 08-09-2010, 17:41
Orgetorix Orgetorix is offline
Member
 
Join Date: 2009 Dec Sat
Posts: 40
Default

There is nothing to worry about. I run Kaspesky and that is a generic warning it gives you with just about any game software, because the game is echoing the keyboard for your input, so technicaly they are correct. The program COULD be keylogging, but almost universially the program isn't. I get tired of it so I just disable that notification.
Reply With Quote
  #15  
Old 08-09-2010, 17:57
valkyrie valkyrie is offline
Junior Member
 
Join Date: 2010 Aug Fri
Posts: 5
Default

Quote:
Originally Posted by Niklas View Post
Looking forward to what it will say.

Just for the record, Our game has been given "spyware free" awards by two sites.
I used the link provided in this website and downloaded AA v1.021 from strategy informer. Kaspersky reported the same keylogger warning. I attached a jpg for comments.
Attached Images
File Type: jpg Kaspersky report screen capture.JPG (67.5 KB, 7 views)
Reply With Quote
  #16  
Old 08-09-2010, 18:43
the_Fifth_Horseman's Avatar
the_Fifth_Horseman the_Fifth_Horseman is offline
TearDown developer
 
Join Date: 2009 Feb Tue
Posts: 3,244
Default

From what I understand, PDM.Keylogger is a false positive given by recent versions of Kaspersky on nearly any piece of software that utilises keyboard input.
http://support.kaspersky.com/kis2010...?qid=208281028
__________________
Quote:
Let's face it, a weapon that hurls balls of white hot liquid fire is just fucking scary, no matter where or how you evolved.
Concepts in progress: Chrome Dawn, Humanity: Optional, Future Hack.
The future was yesterday. Welcome to the new world.
Reply With Quote
  #17  
Old 08-10-2010, 12:59
valkyrie valkyrie is offline
Junior Member
 
Join Date: 2010 Aug Fri
Posts: 5
Default

Quote:
Originally Posted by the_Fifth_Horseman View Post
From what I understand, PDM.Keylogger is a false positive given by recent versions of Kaspersky on nearly any piece of software that utilises keyboard input.
http://support.kaspersky.com/kis2010...?qid=208281028
OK but what was reported was pid 0 which I would assume to be some OS processes but mine was having a pid 245.

I think it is fairly safe to say that is a false positive since Orgetorix also reported that his kaspersky give the same warning.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT +1. The time now is 04:11.


Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.