Avast Antivirus blocking recent Oct16th update

Discussion in 'Player Support' started by MisterBond, Oct 16, 2013.

  1. XLander

    If you ran a boot scan you would find more than 2.
  2. XLander

    It's a named threat that you can look up on malware forums. That doesn't mean this is the actual virus, only that it is acting like one and flagging a named and known virus.
  3. XLander

    If this is a virus and not a FP then you are allowing a trojan MBR virus to access your hard drives and replicate in your zero sector of every hard drive, thumb drive or on rare occasion floppy disc you put in your computer then compromising anyone you share data with.

    This is indeed a high threat by name virus. Since it is heuristic then it may be a FP. I find that strange since it is being labeled as a known high threat virus.
  4. XLander

    Read my previous post: if this is not a FP it is serious, and the fix is knowing how to replace the zero sector of your various hard drives, SSDs, flash drives, and floppies. That will require knowing how to make or get a boot disc, then digging up the process for overwriting your zero sector and hoping your HD/SSD/et cetera takes and doesn't frag. So I think I would rather a drive wipe than replace my many hundreds of dollars worth of SSDs, HDDs, and FDs. Just saying, if this turns out to be a real virus I will expect restitution from SOE. No 15$ class action will do. I have 1k$ worth of drives roasting if this is actually that bug. What is worse is if this is that virus then I can't back up all my data because the infected drives will infect any new drive installed. So yes, this is potentially way worse than HDD wipe of previous days. It's the loss of unattainable software with paying for it again and the loss of physical equipment.

    A lot of people say I am spreading paranoia but I am simply highly concerned, and see little open attention being given to keep us in the loop as to what is being done to fix it.
    • Up x 3
  5. Assassin22

    well your loss i work a tech support dumb *** it just a coding in the patch where it causes avast to detect it that all i've been on 6 times this week and no problem so shove it ******* if you have a problem with then sit there and wait for them whitelist
  6. VonStalin

    Might be it is a very new virus, so only Avast knows it yet. While you wait for whitelisting it you could get more antiviruses to start recognizing it instead.
  7. EmmeraldWeapon

    Von, you would have better lottery chances than finding a brand new virus that is not yet "in the wild" suddenly appearing in a patch update from a professional vendor.

    Anyways, it has already been run through VirusTotal; it's clean.
  8. idomagic

    I'm sorry, but this is just plainly incorrect and definitely a case of paranoia:
    1. A bad MBR does not render any disk non-functional, it will just not boot the OS it was supposed to. (At least in this case, according to the only semi-detailed source I've found regarding this potential virus and its MBR payload.)
    2. A bad MBR will not be transferred when backing up. (Unless you use the Linux dd command, which I don't recommend in this case.) (The virus in question overwrites the MBR (according to the same source as above), which likely means upon execution of the infected file. But if you want to be really sure, boot a Linux/live OS from a USB stick and do the backup there.)
    3. The fix, as noted in the source mentioned in the previous point, also directs you to a quite straightforward and simple way of detecting and removing any infection (by, for example, scanning the MBR with a tool from Avast).

    Regarding if this is a FP or not:
    VirusTotal notes (under "Additional information") that F-Secure and Symantec do notice something suspicious in their scans:
    F-Secure Deepguard Suspicious:W32/Malware!Gemini
    Symantec reputation Suspicious.Insight
    Yet they do not flag the file as a virus; this seems to indicate that there is indeed some offending code that Avast heuristics could/should react on. However, this code may simply be logging and tracing, for example to collect data for the current optimisation initiative (which doesn't seem too unlikely, in other words).

    Additionally, the details from McAfee on this virus seem to indicate that it is not, in fact, so severe as the other source claims.

    Lastly, my MBR is untouched since the patch, nor do I have any suspicious services nor network activity on any ports. In all likelihood this is a false positive. (But this does NOT mean that you should disable your File system shield! Bare minimum if at all!)
    • Up x 1
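
Added example, not part of the thread or any vendor tool: one way to check the claim that an MBR is unchanged, by comparing a saved copy of sector 0 against a later one. It assumes both 512-byte images were already saved to files (for instance from a live OS); the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440      # bytes 0..439 hold the bootstrap code
PART_TABLE_OFF = 446     # four 16-byte partition entries follow
BOOT_SIG = b"\x55\xaa"   # bytes 510..511 of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte sector 0 image into the fields worth tracking."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i:PART_TABLE_OFF + 16 * (i + 1)]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0 means the slot is unused
            partitions.append({"bootable": entry[0] == 0x80, "type": entry[4],
                               "lba_start": lba_start, "sectors": sectors})
    return {
        "valid_signature": sector[510:512] == BOOT_SIG,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, 440)[0],
        "partitions": partitions,
    }


def changed_fields(baseline: bytes, current: bytes) -> list:
    """Return the names of MBR fields that differ between two images."""
    a, b = parse_mbr(baseline), parse_mbr(current)
    return [name for name in a if a[name] != b[name]]


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample: one bootable type-0x07 partition at LBA 2048."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, 440, 0x1234ABCD)  # made-up disk signature
    entry = bytearray(16)
    entry[0], entry[4] = 0x80, 0x07
    struct.pack_into("<II", entry, 8, 2048, 1_000_000)
    sector[446:462] = entry
    sector[510:512] = BOOT_SIG
    return bytes(sector)
```

Hashing only the first 440 bytes keeps a repartition or a new disk signature from being reported as a boot-code change; those show up under their own field names instead.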
  9. Thorvaldr


    Yeah, you're really impressing me with your stellar intellect and masterful butchery of the English language.

    Thanks for showing your true colors by being so obviously helpful and holding your temper so well </sarcasm>
    • Up x 2
  10. MaxTwelve

    Ran deep scans with Malwarebytes, Spybot, Defender and Avast. Only Avast picked up "infections" in Sony. I uninstalled Avast and installed AVG, updated all the others and did deep scans with them all including AVG; no infections found, and I can run the game again.
  11. Zearoth

    Now that could mean that Avast is reporting a false positive. Or, it could mean that only Avast could detect the infected files. Remember that even the launcher, at times, will report an infected file.

    I'm not telling you that this is a bad idea, and in fact, I may be foolish in avoiding the game until I hear more official reports on the matter or until the DEV team can repair the coding that's caused a virus alert on Avast's part. But I would rather keep my system safe and secure, than open a back door for a dangerous threat to get into my system and even infect the core files.

    I think that people should consider the risks of allowing an exception through Avast's System Shield, that they should realize that they might be allowing a potentially hazardous program to manifest in their system.

    After I excluded the program in Avast, I ran a scan a couple days later with MalwareBytes. MBAM found seven infected files on my system and removed them. Now, whether or not these were caused by excluding the above mentioned files or not is something I do not know, but what I do know is that this could be another sign of the files actually containing a virus.

    What I would like to see, because of this, is for the DEV team to take some time and find out just what it is that is causing Avast, and their launcher, to flag the patch as being infected with a virus. But I do know that they're busy working with the optimization patch at the moment, and since this issue is exclusive to the Avast users of the game, OMFG takes higher priority, as it should.

    They have at least said they were looking into the issue. And, until it's been fixed, that will have to do.
    • Up x 2
  12. Thorvaldr

    UPDATE:

    It looks like something was resolved. I just now successfully updated and launched the game without modifying anything on my Avast client.

    If you've had this issue over the past week, please try again and report your results (just in case I'm experiencing an anomaly).
  13. idomagic

    So, if anyone's missed it, SOE has made some replies both on the PS2 forums (other thread) as well as on the Avast forums.
  14. Kreyen7654

    So is it finally fixed?
  15. XLander

    From what I can tell the Avast issue is fixed. They did an update and I sent the many "infected" files to them for checking. Got a response from Avast that there is no virus present.
  16. Hyncharas

    None of what I've tried on this thread has had any effect - now it endlessly throttles your connection, even if it's been excluded.
  17. Tenebrae Aeterna

    This is not fixed.

    On a boot scan I had done recently, because my computer was running slow, Avast quarantined three Planetside 2 files and several others with win32:hoblig. From this point forth, I have been unable to access Planetside 2. When I load the game, the point right after you click Play, where the screen goes black, is as far as it takes me. The screen remains black and the splash screen remains in the background. Furthermore, I have to bring up the task manager to get rid of the game after this, and it keeps the Planetside 2 cursor and prohibits me from using the mouse to actually click anything in the task manager and what have you. I have to use hotkeys to actually end the program.
    • I tried restoring the quarantined files, this did not work.
    • I tried disabling Avast, and this too did not work.
    • I finally uninstalled Avast, this didn't work either.
    • I reinstalled Planetside 2, and again...nothing has fixed the problem.
    I am at a loss, and quite disappointed.