BOClean found a trojan!

Hi folks,

I just downloaded a new game to play (one of those 60 minutes free trial, then buy it if you like it deals) and the second I started it up - bam! BOClean found a trojan!

The company is called “SpinTop Games”, and the game is called “Amazing Adventures The Lost Tomb”.

http://tinyurl.com/2zx5cw

The game installed itself into C:\program Files even though I would have preferred it elsewhere, but BOClean found “BKDR-RBOT.IK” in the exe file.

Has anyone else experienced this? Any chance it could be a false positive or something like that?
I’ve never downloaded anything from SpinTop before, but they looked like a reliable company and even guarantee on their website that all their games are 100% malware free!

http://tinyurl.com/yv2wy2

Looking forward to any comments or suggestions…
Thanks in advance!
Neil :slight_smile:

Hi and welcome,

Submit the file to Comodo. I wouldn’t give them the benefit of doubt for now though, judging on the background you’ve just explained. No reason to think that the positive is false.

Hi Japo, and thanks for the quick reply!

How exactly do I submit the file? (and where?)
Sorry to sound so dense, but I’ve never done anything like this before!

Thanks in advance,
Neil :slight_smile:

I think you can do it here:

But I’m not sure whether you’ll get any feedback. You can upload it here and you’ll get the results from several top-notch antiviruses:

Cheers :slight_smile:

Wow, that was incredibly easy and fast too!
Thanks again, and I’ll post back here with results…

Neil :slight_smile:

File AmazingAdventures.exe received on 11.21.2007 23:19:43 (CET)

Additional information
File size: 1335296 bytes
MD5: a00736e92740a52b1b246b7cf5590e9f
SHA1: d6a824afe0c1a53b61b68b25c54efef4de7c4671
packers: Armadillo
packers: Armadillo

[attachment deleted by admin]

once again, Boclean shows how well it can protect you where other AVs fail!!!

In a detection method you need as many eyes trying to detect it as possible… cos one might miss it!! :wink: The way boclean concentrates on the malware its a great addition, a must have, if i may so, to any AV…

Melih

Thanks, everyone! :slight_smile:

I guess this means I shouldn’t play the game then, eh?

All seriousness aside, I really wanted this game for my wife’s computer, so it’s a good thing I tried it out on mine first! (I wish there was a way to remove the trojan for good and still try out the game demo.)

Oh well, I appreciate all your help!
Neil ¦¬D

I ran it by the Comodo and Kaspersky labs and both report nothing malicious in the submitted file.
CBOC has fixed what now looks to be a false positive.
Thank you for your help in identifying this!

You’re welcome, Cat! I’m glad that I helped (by asking the question) and that everything is A-OK!

Just for thread continuity, I found the same game from the parent company (PopCap) and it installed and runs without any red flags from BOClean or my AV, CounterSpy, etc.

Thanks again everyone!
Neil ¦¬D