Originally Posted by SuezanneCB

I installed 40012 last night and my antivirus reports the presence of the Bifrose.YM backdoor trojan, a keylogger and password sniffing program.

I told the antivirus program to ignore this warning. I am now getting warnings when using Hipihi.

There have been other reports of this sort about other versions of Hipihi, from folks that reported using antivirus programs other than the one I use. I use AVG from Grisoft.

Here's the warning message I get a lot now when using Hipihi:



Hipihi needs to take some effort to keep people from seeing that. Just checking with Kaspersky isn't sufficient to prevent users from seeing this notice, users that will include reviewers, bloggers, authors of books on virtual worlds, investors, etc.

Checks should be done with the AVG, Avira, Panda, and other common malware detection programs. The purpose of the checks with multiple anti-malware programs is to prevent users - or would-have-been users, in the case of those who just abandon the use of Hipihi when they get the warning - from getting false positives.

Originally Posted by Google Groups

During installing I get an alarm that a virus had been found in the
newly created "Uninstall.exe" (BDS/Bifrose.Gen).

I'm not sure what to make of it but I'll trust my antivirus program a
little more than HiPiHi.

I can't tell whether there is a backdoor program or not, since even if
there would be such program in action, it would be hidden! I did not
start the game rather erased it.

Note: The original HiPiHi_world_30014_sp2.exe file does not cause a
virus alarm!

Originally Posted by Wikipedia

The uninstall routine of HIPIHI tends to be infected with a Trojan. With releases up to 30014 it was BDS/Bifrose.Gen from the Bifrost family. The new releases 40011 and 40012 feature the backdoor program Packed.64. The change indicates that the Trojan is deliberately inserted in the code.

Originally Posted by Lianne Marten

AVG decided, completely out of the blue, that the main executable of Vampire: TM: Bloodlines was a virus and deleted it. I had to reinstall and manually tell the damn thing to leave it alone.

It's probably a problem with AVG. It seems to enjoy getting false positives from games you are enjoying at the moment. Try another virus scanner and see if it gets triggered as well.

Originally Posted by ZATZAi

Yah that's very possible, though apparently other anti-virus programs pick it up as well. Fortunately AVG was able to repair the file in my case so I could go on using it.

Nice avatar btw.

Originally Posted by Lianne Marten

That wikipedia mention is interesting, though i'd like to see a citation for it, since I have no idea what they're talking about. It's something to keep in mind if you're playing/planning on playing though, for certain. Thanks.

Originally Posted by Not Possible IRL

HiPiHi (type that intentional cuteness five times in a row!) for English language users is now in limited Beta testing. You will have to submit your personal info, including your address and cell phone number, and wait to hear if you have been accepted. Oh, and the uninstall of the current release "30014" is infected with the backdoor Trojan BDS/Bifrose.

Originally Posted by Massively

Update:

We performed an independent test to see if this could be the result of pre-existing trojans or software threats on people's machines.
Our test setup:
An old PC with no network access, and an Ubuntu Feisty Linux installation CD.
Procedure:

We freshly installed Ubuntu and while we waited for that we downloaded the HiPiHi 40011 installer on a spare linux box and burned that to a rewritable CD to avoid potentially contaminating anything.

We loaded the HiPiHi installer, onto the fresh linux install, and unpacked it by the simple expedient of installing it using wine.

Once it was all installed, we checked it out with two virus scanners, which we freshly installed and updated: Clam Antivirus, and Grisoft's AVG (Free Edition).
Results:
Clam Antivirus did not find any problems.
AVG reported the trojan signature from the bifrost family, as the story originally reported.
Conclusion:

This could still, honestly, be a false positive - in which case, we urge (and have urged) the HiPiHi people to get in touch with Grisoft to clear it up. The mention in the Wikipedia article casts some doubt on the matter.

"The uninstall routine of HIPIHI tends to be infected with a Trojan. With releases up to 30014 it was BDS/Bifrose.Gen from the Bifrost family. The new releases 40011 and 40012 feature the backdoor program Packed.64. The change indicates that the Trojan is deliberately inserted in the code." -- from Wikipedia.

Either the uninstaller is being routinely infected (we don't believe for a moment that that would be condoned or intended by the HiPiHi company), or AVG's scanner is a bit hypersensitive.

Until it is confirmed either way, you should exercise caution. The family of trojans that are claimed to be involved are quite rude strangers to have on your machine, and you want to avoid them. By all means, take a look at HiPiHi, but be careful.

Originally Posted by Bjorn

we hear ya at HiPiHi here, tests internally on various virus scans have reflected inconsistent results on the presence of this "trojan". dun seem to have any real threat but we are keeping an eye out for it.

if any of you folks out there have updates to this problem, give us a holler by replying here.

Originally Posted by Bjorn

strange, my earlier comment seems to have disappeared..

I am from HiPiHi and our team has run a number of tests with different virus scanning softwares. It appears the trojan result from AVG is an anomaly. Nonetheless, the inconsistent trojan results is a cause for concern and we are looking into it.

if any readers here have follow on updates to this problem, give us a holler by replying here..