Rootkit, Virus, or overly sensitive antivirus

Surf Bum
#1 - 2011-10-06 06:42:35 UTC
My antivirus blocked the download of Payload 2 of the eve client for Windows. It detected "MalAgent.F_114 (Trojan)". So my question is if this is a rootkit that CCP uses for the game, or is the file actually infected, or is my antivirus too sensitive and got a false positive?
Garia666
CyberShield Inc
HYDRA RELOADED
#2 - 2011-10-06 06:43:32 UTC
What virus scan are you using? 'Cause if CCP installs a rootkit, I'll be pissed off.
CCP Spitfire
C C P
C C P Alliance
#3 - 2011-10-06 06:45:21 UTC
Hello,

Could you please let me know what antivirus you're using? I'll pass it along to our security team.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire

Surf Bum
#4 - 2011-10-06 06:45:50 UTC
I have a SonicWall TZ210 that includes a gateway antivirus. I believe it uses Cloud antivirus for its engine.
Surf Bum
#5 - 2011-10-06 06:48:59 UTC
Garia666 wrote:
... 'cause if CCP installs a rootkit, I'll be pissed off.


Not all rootkits are bad. Some software companies use them for DRM or to run processes with elevated privileges, making them more difficult to crack.
Renan Ruivo
Forcas armadas
Brave Collective
#6 - 2011-10-06 06:49:48 UTC
Is that a well known antivirus software? I'd refrain from using antivirus software that isn't on the top 10 list of most used..

The world is a community of idiots doing a series of things until it explodes and we all die.

Surf Bum
#7 - 2011-10-06 06:50:57 UTC
Extremely well known in the Linux community.
CCP Spitfire
C C P
C C P Alliance
#8 - 2011-10-06 06:51:17 UTC
Surf Bum wrote:
I have a SonicWall TZ210 that includes a gateway antivirus. I believe it uses Cloud antivirus for its engine.


Yep, thanks for the info. I'll let you know as soon as I hear back.

CCP Spitfire | Marketing & Sales Team @ccp_spitfire

Renan Ruivo
Forcas armadas
Brave Collective
#9 - 2011-10-06 06:51:29 UTC
Surf Bum wrote:
Garia666 wrote:
... 'cause if CCP installs a rootkit, I'll be pissed off.


Not all rootkits are bad. Some software companies use them for DRM or to run processes with elevated privileges, making them more difficult to crack.



And how exactly isn't that bad?

Rootkits are a security breach no matter who makes them.


I live by a saying "If you have to hide it from your mother, it probably is bad for you"

The world is a community of idiots doing a series of things until it explodes and we all die.

Surf Bum
#10 - 2011-10-06 06:54:47 UTC
That's like saying matches are bad because they burn down forests. Don't confuse the tool with the intention. It just sounds bad because they got a lot of coverage from virus writers abusing them.
Renan Ruivo
Forcas armadas
Brave Collective
#11 - 2011-10-06 07:04:07 UTC
Surf Bum wrote:
That's like saying matches are bad because they burn down forests. Don't confuse the tool with the intention. It just sounds bad because they got a lot of coverage from virus writers abusing them.


A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.


I have no problems with people who write viruses. I have problems with people who write the DRM packages you were talking about.

They both operate in the same fashion, but I didn't pay for the first.


Matches might be tools, but I do not allow people to light them in my house without my permission to do so.

The world is a community of idiots doing a series of things until it explodes and we all die.

The Apostle
Doomheim
#12 - 2011-10-06 07:11:49 UTC
Renan Ruivo wrote:
Surf Bum wrote:
That's like saying matches are bad because they burn down forests. Don't confuse the tool with the intention. It just sounds bad because they got a lot of coverage from virus writers abusing them.


A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.


I have no problems with people who write viruses. I have problems with people who write the DRM packages you were talking about.

They both operate in the same fashion, but I didn't pay for the first.


Matches might be tools, but I do not allow people to light them in my house without my permission to do so.


this^^

Anything that ends with "ive" is dangerous. Invasive, explosive, mishchive. What?

Take an aspirin. If pain persists consult your local priest. WTB: An Austrian kangaroo!

Surf Bum
#13 - 2011-10-06 07:17:02 UTC
The Apostle wrote:
Anything that ends with "ive" is dangerous. Invasive, explosive, mishchive. What?


Live. There, I said it.

Anyways, starting to get off topic. I'm sure you all are eager as I am to hear CCP's response.
Naran Eto
Caldari Provisions
Caldari State
#14 - 2011-10-06 07:17:35 UTC
The Apostle wrote:
Renan Ruivo wrote:
Surf Bum wrote:
That's like saying matches are bad because they burn down forests. Don't confuse the tool with the intention. It just sounds bad because they got a lot of coverage from virus writers abusing them.


A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.


I have no problems with people who write viruses. I have problems with people who write the DRM packages you were talking about.

They both operate in the same fashion, but I didn't pay for the first.


Matches might be tools, but I do not allow people to light them in my house without my permission to do so.


this^^

Anything that ends with "ive" is dangerous. Invasive, explosive, mishchive. What?


orly?

Live
Objective
Decisive
Adaptive
Active
informative

I get it...... Roll
Sarmatiko
#15 - 2011-10-06 07:20:32 UTC
Surf Bum wrote:
Extremely well known in the Linux community.

Also well known for a lot of false positive results.
Please, before you next post something that could possibly scare a simple user in GD, test files with more than one AV software (and probably not a broken one like SonicWall).
Renan Ruivo
Forcas armadas
Brave Collective
#16 - 2011-10-06 07:22:22 UTC
Naran Eto wrote:


orly?

Live
Objective
Decisive
Adaptive
Active
informative

I get it...... Roll


Live. Live what? Can be dangerous...
Objective. What? can be dangerous....
Decisive. Bad decisions are dangerous...
Adaptive. Adaptive Nano Membranes on the wrong fit are dangerous...
Active. Can be REEEEEALY dangerous....
Informative. You blabber too much to the wrong people.. dangerous to yourself..

The world is a community of idiots doing a series of things until it explodes and we all die.

Ciar Meara
PIE Inc.
Khimi Harar
#17 - 2011-10-06 07:25:30 UTC
Surf Bum wrote:
Extremely well known in the Linux community.


All five of them?


Surf Bum
#18 - 2011-10-06 07:28:54 UTC
It could very well be benign and just exhibit similar signatures. A bit of a search will show that the virus signature description is that of a key logger. Any MMO software company that wishes to protect the game from botters and the like will use code that will log keystrokes and mouse movements.
The Apostle
Doomheim
#19 - 2011-10-06 07:29:34 UTC
Renan Ruivo wrote:
Naran Eto wrote:


orly?

Live
Objective
Decisive
Adaptive
Active
informative

I get it...... Roll


Live. Live what? Can be dangerous...
Objective. What? can be dangerous....
Decisive. Bad decisions are dangerous...
Adaptive. Adaptive Nano Membranes on the wrong fit are dangerous...
Active. Can be REEEEEALY dangerous....
Informative. You blabber too much to the wrong people.. dangerous to yourself..

Sensitive :P

Take an aspirin. If pain persists consult your local priest. WTB: An Austrian kangaroo!

Renan Ruivo
Forcas armadas
Brave Collective
#20 - 2011-10-06 07:30:13 UTC
Surf Bum wrote:
It could very well be benign and just exhibit similar signatures. A bit of a search will show that the virus signature description is that of a key logger. Any MMO software company that wishes to protect the game from botters and the like will use code that will log keystrokes and mouse movements.



You new to EVE, ain't you?

The world is a community of idiots doing a series of things until it explodes and we all die.
