I need some help about this.
2 hours ago, more or less, I decided to download Star Wars The Old Republic. I had already played it before a few years ago, but that might not be really relevant. After having the launcher installed, I opened it so that it would download the files for the game. Then I decided to open my hard drive, because the download was taking longer than expected and I just wanted to see the space it was occupying. I opened my hard drive D:, where I had it installed and I noticed a blank file named "end" at the bottom. This file was created at the same time that my SWTOR folder was created, at 23:35. I opened it with the notepad but it was empty. The same exact file was in my C: drive as well. I tried to research a bit about it and some other people had this file as well that was coincidentally related to SWTOR. For some the file was empty too, for others it said something like "conduitOK" I think. I'm really f***ing paranoid and this blank, empty file being created on BOTH hard drives is really raising my anxiety levels. I deleted the file on D, but on C it required admins permission, though I deleted it as well. I can't post this on the game's forum, because I have to be a subscriber, that's why I came here, because I'm really panicking. I wanted to know if someone here that plays SWTOR has the same stuff or if anyone in general can give some information about it.
I'm the most careful guy with it comes to their own PC. My machine is sacred so when I feel some insecurity, I can't even tell... Again, they were both empty files and got deleted, but my paranoia doesn't let me rest. Any help please?
Before I deleted the files, I scanned them both, but McAfee didn't detect anything.
I just finished a full scan too and it also didn't detect anything, but I'm still restless.
I tried to install the game on another laptop. I downloaded the launcher ALONE and as soon as I ran it, it did some stuff, created some folder in the AppData folder in the C: drive, which I think it was normal, but even before I chose the directory for the actual game in the D drive, that "end" file was already in the C drive, empty as well. So the conclusion is that the SWTOR installer launcher created that file on C only. I decided to also install the game on the other driver and only after the installation did the file appear also on D drive, empty as well. So, I would like to conclude that this might not be malware, but I REALLY needed the opinion of a more "expert" person on this matter.
Not a malware expert but will make a suggestion or two in case no-one else visits.
If the file has text in it saying conduitok that is, so google says, an indication of possible malware but a empty file seems to imply not so.
to be sure I would first load the installer file to www.virustotal.com and see what they say then
Scan your PC with several free scanners Getsusp will pick up anything Mcafee thinks is suspect and the free malwarebytes as well as Zemana. and some others. That said if nothing found delet the file or another thought is rename it to endfile.old.
See if another adds more experienced comments
Both files were empty and McAfee didn't detect anything. But I got the game in another computer, just to see if it would get the files too and it did, empty as well.
I uploaded the files to VirusTotal like you said on the other computer, I had to restore them first from the recycle bin, but nothing was detected as well. Both had a 0/57 community score if I know how to read this, so I think it should be fine. If anyone else had anything to add I'd appreciate it too. Thanks for the help.
What about the Launcher file did you upload that to Virustotal? If you scanned it and your PC with some of those scanners and clear it should be ok..
as I said malware not my area so I hope someone answers. Good luck
Uploaded the launcher in VirusTotal and apparently out of 68 results, 1 was a detection. All were undetected besides the VBA32 engine that says Suspected Of Trojan Downloader.gen.h. I don't know about this VBA32, but nothing else detected it. Should I be worried? Or can this be a false positive on the VBA side? I didn't want to worry, because all the AV's that I know (the most popular ones I guess) don't detect anything, but this single red result is a bit unsettling. It even says it's a signed file with a valid signature if that is relevant.
Pity would have been nice to have none. Running out of suggestions I feel it is just part of the launcher .Where did you get the launcher was it from a legit site or downloaded via a torrent etc?
That said I have only 2 remaining suggestions
1 Follow this link shows how to submit the files to Mcafee for review. if they happy you should.
2. Did you scan with several of the scanners I suggested?
No, I only tried McAfee, since it's the one I have. About the launcher, I got it from the official website of SWTOR, you scroll down a bit and you have a "Download" button on the right side, literally anyone can get it, I don't download anything from places I don't know or trust. I had played it a few years ago on my previous PC and it's a popular game with a BIG name, this being Star Wars, that's why I say I "trust" this, but I don't even know anymore. You have been a great help too, so thank you. There hasn't been any strange behaviour on my PC as well, but paranoia, you know...
I would definately try some of the scanners they are free. I use Malwarebytes and getsusp regularly but make sure if you install Malwarebytes that you deactivate the real time scanning options as it can clash with McAfee.
It sounds that things are fine if you got it from the website i would relax if above scans are fine.