EQGame.exe is Spyware now? (1 Viewer)

[teslatrader]

Check this out. Since the patch, I can't get into EQ because Symantec keeps deleting EQGame.exe as a highly suspicious process. Note this flag: "Keystroke capture." Is Sony overstepping it's bounds in the privacy area yet again?

Full Path: Not Available
____________________________
____________________________
On computers as of:
8/10/2011 at 10:48:28 AM
Last Used:
8/10/2011 at 10:48:28 AM
Startup Item:
No
Launched:
Yes
____________________________
____________________________
Very Few Users
Fewer than 5 users in the Norton Community have used this file.
____________________________
High
This file risk is high.
____________________________
Threat Details
SONAR Protection monitors for suspicious program activity on your computer.
____________________________
Origin
Downloaded from URL Not Available

Source File:
eqgame.exe
____________________________
File Actions
File: c:\Name\games\eq\eqgame.exe
Removed
____________________________
Network Actions
Event: Network activity (Performed by c:\Name\games\eq\eqgame.exe, PID:5456)
No action taken
____________________________
System Settings Actions
Event: Process start (Performed by c:\Name\games\eq\eqgame.exe, PID:3688)
No action taken
____________________________
Suspicious Actions
Event: Keystroke capture (Performed by c:\Name\games\eq\eqgame.exe, PID:3688)
No action taken
____________________________
File Thumbprint - SHA:
Not Available
____________________________
File Thumbprint - MD5:
Not Available
____________________________

 

[Yasty2]

Can you not add the exe to the allow/exception list? Also just out of curiosity why Symantec? I have only ever seen that AV on work machines.

 

[Noobhaxor]

Well, before all the doom and gloom people get on here about they are cracking down on macro users and BS of the sort, I want to point out something.

Sony back in 2005ish modified their eqgame.exe with the express intention of catching macroquest2 users. It was highly successful, so successful that they couldn't ban the MQ2 users. Something like 20-30% of their subscribers were using it BACK THEN! I'm sure this number has risen, and they aren't going to do crap.

That being said, I do find it interesting that they are capturing keystrokes. They might be trying to weed out that small percentage of people that use mq2 for total automation. Where the pulling, killing, looting, AA spending, leveling, all macroed controlled. Myself just leveled a char using RAF from 51 to 90 with 1k AA in about 5 days.

 

[Noobhaxor]

(DOUBLE POST)

 

[sorenbro]

Filed a report with https://complaint.ic3.gov/default.aspx

With Sony Networks so easily compromised. Is it really a good idea to let them have a keystroke recorder? I mean what if we log in to are banks wile playing the game? or buy something online? are we to just trust Sony will keep are passwords save? like they have in the past?

 

[sorenbro]

this was from my scan


IObit Malware Fighter

OS: Windows 7
Version: 1.0.0.12
Define Version: 1035
Time Elapsed: 00:46:09
Objects Scanned: 81668
Threats Found: 1
Save Time: 8/10/2011 1:48:23 PM

|Name|Type|Description|ID|
Trojan.KIdent - Quarantined, FILE, C:\Program Files (x86)\Sony\Station\LaunchPad\lp_plugin.exe, 4007633

 

[Yasty2]

Filed a report with https://complaint.ic3.gov/default.aspx

With Sony Networks so easily compromised. Is it really a good idea to let them have a keystroke recorder? I mean what if we log in to are banks wile playing the game? or buy something online? are we to just trust Sony will keep are passwords save? like they have in the past?

If Sony was actually recording keystrokes more than likely it would be modified to only capture keystrokes that are within the client itself and not things outside the game. As having it record all keystrokes on the computer would have some sort of legal recourse.

 

[Yasty2]

this was from my scan


IObit Malware Fighter

OS: Windows 7
Version: 1.0.0.12
Define Version: 1035
Time Elapsed: 00:46:09
Objects Scanned: 81668
Threats Found: 1
Save Time: 8/10/2011 1:48:23 PM

|Name|Type|Description|ID|
Trojan.KIdent - Quarantined, FILE, C:\Program Files (x86)\Sony\Station\LaunchPad\lp_plugin.exe, 4007633

No offense but try using a better malware scanner. That one is not exactly reputable.

 

[teslatrader]

This is probably a false positive with my Symantec "SONAR" application, but I've been using for about 6 months with no false positives before. Consider:

"Five years ago, the Sony BMG music company was found to be illegally inserting malware on music CDs that would install “rootkits” into Windows laptops to prevent them from “ripping” MP3 files. Sony BMG eventually paid $575 million in fines and payouts connected with multiple lawsuits."

Illegal? Yes. But it wouldn't be the first time they got caught...

I'm just sayin'.

 

[n785f4f]

NOD32 doesn't pop this as malware.

 

[Teichou]

Antivirus	Version	Last Update	Result
AhnLab-V3	2011.08.10.02	2011.08.10	-
AntiVir	7.11.13.12	2011.08.10	-
Antiy-AVL	2.0.3.7	2011.08.10	-
Avast	4.8.1351.0	2011.08.10	-
Avast5	5.0.677.0	2011.08.10	-
AVG	10.0.0.1190	2011.08.10	-
BitDefender	7.2	2011.08.11	-
CAT-QuickHeal	11.00	2011.08.10	-
ClamAV	0.97.0.0	2011.08.11	-
Commtouch	5.3.2.6	2011.08.11	-
Comodo	9703	2011.08.11	-
DrWeb	5.0.2.03300	2011.08.11	-
Emsisoft	5.1.0.8	2011.08.11	-
eSafe	7.0.17.0	2011.08.10	-
eTrust-Vet	36.1.8495	2011.08.10	-
F-Prot	4.6.2.117	2011.08.11	-
F-Secure	9.0.16440.0	2011.08.11	-
Fortinet	4.2.257.0	2011.08.11	-
GData	22	2011.08.11	-
Ikarus	T3.1.1.107.0	2011.08.11	-
Jiangmin	13.0.900	2011.08.10	-
K7AntiVirus	9.109.5003	2011.08.10	-
Kaspersky	9.0.0.837	2011.08.11	-
McAfee	5.400.0.1158	2011.08.11	-
McAfee-GW-Edition	2010.1D	2011.08.11	-
Microsoft	1.7104	2011.08.11	-
NOD32	6367	2011.08.11	-
Norman	6.07.10	2011.08.10	-
nProtect	2011-08-10.03	2011.08.10	-
Panda	10.0.3.5	2011.08.10	-
PCTools	8.0.0.5	2011.08.11	-
Prevx	3.0	2011.08.11	-
Rising	23.70.02.03	2011.08.10	-
Sophos	4.67.0	2011.08.11	-
SUPERAntiSpyware	4.40.0.1006	2011.08.11	-
Symantec	20111.2.0.82	2011.08.11	-
TheHacker	6.7.0.1.274	2011.08.10	-
TrendMicro	9.500.0.1008	2011.08.10	-
TrendMicro-HouseCall	9.500.0.1008	2011.08.11	-
VBA32	3.12.16.4	2011.08.10	-
VIPRE	10133	2011.08.11	-
ViRobot	2011.8.11.4616	2011.08.11	-
VirusBuster	14.0.162.0	2011.08.10	-

in short...no its not true....its a False +...like when ur gf tells u she might be knocked up and she is not!

 

[breakfast]

so you're saying I should throw the EQGame.exe down the stairs just in case?

 

[ss44]

so you're saying I should throw the EQGame.exe down the stairs just in case?

ha!

 

[Maskoi]

lol

 

[impatientuser]

so you're saying I should throw the EQGame.exe down the stairs just in case?

omfg. I might have hurt myself laughing. Wife didn't find it as funny though =/.

 

[Noobhaxor]

so you're saying I should throw the EQGame.exe down the stairs just in case?

fuking hilarious...