Planetside.exe virus Win32: Hoblig [Heur]

Discussion in 'Player Support' started by Renegade, May 11, 2013.

  1. NCiceman

    Updating to the latest Avast did not resolve this issue for me.
  2. Balrogos


    Who the hell uses active antivirus protection these days? I see that you download too much **** in .exe or .bat from bad sources.
  3. VStrooper12345

  4. Stalker

    I felt like my computer has been a bit slower and startup was weird with a black screen since yesterday I let the thing through by disabling shields.
    Also got 2 virus popups on Microsoft .NET but this happened before though.

    I don't really want to write in any passwords or such before I KNOW it's a false positive (I got Avast)
    Anyone got some more info? (still can't play, though I did play after disabling shields last night) virus is still popping up when trying to install shields. Had 5 different files in my virus chest from the Planetside 2 folder with different names. I suppose these are patch files that just have different names but the same problem.

    Really sad we haven't gotten a proper response yet from someone from the patch/tech team.
  5. bwilson

    Did you upload those files from the chest to Avast for false positive detection and/or contact Avast?
  6. Stalker

    Yes, I did upload it once for F-P detection.
    I might just be paranoid though, betting on that. :)
  7. IamDH

    This is very worrying.

    I have already downloaded the patch, there's no going back for me right?
  8. NCiceman

    I have run Planetside2.exe twice since adding just that .exe to the exclusion list, then run extensive scans and even manual file and registry checks for this virus, and found no evidence of it. Given that, plus a) it has shown up as a false positive before and b) only one other antivirus package is reporting it, makes me 99% sure that this is a false positive.

    I also encourage everyone to run active antivirus protection simply because you are running on WINDOWS! Run firewall software too. Even if you never open a web browser, read an email, nor chat, and run on a dedicated game box only, do not trust that you are safe, as Windows has too poor a history of vulnerabilities, though I do recognize that it is far better than it used to be. The risk is not worth the 2fps gain.
  9. F8Crusader

    Lol, ok, now the launcher itself is telling me it's a virus
  10. Pazzonni

    Sooo, more than 2 days and no proper response from SOE, except for "it's a false positive" with no actual proof or official statement.... But, hey, you fixed some helmets, that's what really matters, right......
    • Up x 2
  11. poogle01

    Hey, my Avast is having the same ("virus" update) problem. I noticed there was an option to auto shield against the "virus". I was scared that it would stuff up my computer so I clicked it. After scanning the internet for this problem I came across many people who had the same problem and said it was a fluke, so I decided I was going to report as a false positive next time that annoying red box came up, but when I redownloaded the update the red box came up but with no option to "report as a false positive". I think this is because I auto shielded against it. Is there any manual way (not too technical please) to report as a false positive?

    potato, pook
  12. poogle01

  13. XLander

    See, the trouble here is that the triggered event is an actual virus that exists and is now in the PS2.exe. So I do question why would any Sony rep not err on the side of caution. If you are wrong you are telling a lot of people it is okay to let this trojan into their system. This trojan infects and rewrites the MBR of your drives.

    The definition of win32:hoblig [Heur] via http:// www. im-infected.com/trojan/win32hoblig-b-heur. html Spaces added to remove the link... courtesy and all.


    Win32:Hoblig-B [Heur] is a malware that can infect master boot record (MBR) of the computer. It also possesses backdoor feature that may give remote access to an attacker. Virus-like function of Win32:Hoblig-B [Heur] allows it to spread quickly by infecting files on the computer and its network location.

    If this Trojan is executed, it modifies the master boot record. This important part of the PC contains commands that are launched during computer boot up. During Win32:Hoblig-B [Heur] infection, MBR will be replaced by the Trojan code. Thus, it is executed when the user powers on the computer. The original part of the MBR is placed on the last drive sector including codes and other encrypted data.

    Presence of Win32:Hoblig-B [Heur] on the PC can cause remote attacks. The Trojan can link victim’s PC to a remote server in order to receive commands. This channel is utilized by the residing Trojan to accept instructions from command and control server (C&C). The connection also allows Win32:Hoblig-B [Heur] to download files and update its payload. Additional tasks not included in the usual infection that may be added are the following:

    • Open a backdoor on the PC
    • The Trojan ends processes related to antivirus software
    • Hide the bootkit and other malicious data




    "The Trojan ends processes related to antivirus software"

    What part of this warning suggests you should tell people it is a false positive? It is a known virus that blocks your AV from stopping other viruses. Just admit your software got the flu, give it a fix and get us back in game with credits for the passive cert gain for all days until it is fixed. That of course starts on 16 Oct 2013.
    • Up x 4
  14. Zearoth

    I updated my game today and found that it went smoothly without any more warnings. But I'm going to run a scan and make sure I simply didn't just deem it a FP.
  15. XLander


    Your test you are showing is for a file from "Analysis date: 2013-05-11 19:51:10 UTC ( 5 months, 1 week ago )". This argument is not valid since the PS2.exe updated on 16 Oct 2013. It isn't just the newer or older Avast because it was picked up by version 7 as well when I installed an old version. Aside from that, in the last few months it has never triggered in any scans I have run. This suggests that either Sony got hacked AGAIN. Let's not forget our 6 months free play last year in PS1 or the BMG music thing either. To say that it doesn't happen is foolish. For all we know SOE has just opened a gold mine for some Russian/Chinese hacker.
    • Up x 1
  16. Thorvaldr

    @XLander: Thank you for the insight.

    I'm not playing this game until SOE fixes the issue. If you ask me to trust Sony (they would never give us a virus), you're a damned fool.
    • Up x 2
  17. PrivateSniper

    The problem is not Sony, it is Avast.
  18. Borayl

    You're very sure about that? Because at the moment it's looking like it's not a false positive, there are 2 infected files that mine picked up, on doing a boot sector virus scan, the files are now deleted. But until get the all clear from Avast now. The offending software has, I believe, now been uploaded to them (Avast) for analysis. I have no intention of running PS2, I deleted the file folder with a secure shredder, when they fix it, I'll reinstall, but not until I know it's safe to do so. In the meantime I would suggest anyone using Planetside 2 not use that particular computer for any secure transactions/online banking. :eek:
  19. Krovennan

    I'm having a similar problem, the game tries to update and says it can't find the planetside2.exe file right at the end. I checked the location and found it was gone, I tried reinstalling it on steam and the .exe disappeared while the update was in process (I checked before and after, the .exe was there before the update and wasn't after).

    Any suggestions? It could be my Avast being difficult but I can't be sure as it was late when this happened and didn't have time to figure out what to do.
  20. no one

    Happened exactly as you said it would..
    I Avast-excluded folder (allowing the flagged .exe and .exe.part files through - FYI, this is in the 44Mb patch that came AFTER the 300Mb one), got patched, played...
    next day restart, keyboard got locked out, restarted, got net spikes (without any applications running).. disconnected modem, Avast-scanned folder, found following infected with Win32:Hoblig [Heur]:
    Planetside2\Planetside2.exe
    Planetside2\Planetside2.exe.temp
    Planetside2\trz13E3.tmp
    Planetside2\trzAFF4.tmp
    Planetside2\trz36B1.tmp
    not sure if submitting to Avast from within scan worked, so angry me, against better judgment, went online to manually submit said files to Avast (56Mb each file), then quarantined, deleted files.. even the launcher

    ran MBAM, found following in the partition where the game folder was (D:\):
    RiskWare.Tool.CK in D:\System Volume Information\_restore{...............................\A00O7100.EXE
    Malware.Packer.as in D:\System Volume Information\_restore{...............................\A00O90O1.exe
    Trojan.Downloader in D:\System Volume Information\_restore{...............................\A00O9014.exe

    deleted immediately... still had older restore points available, so panicky smart_ss me decided to restore...
    on restore, BOTH MY AVAST + MBAM DISABLED..
    even on undo-restore.. still.. on any/all restore points.. <<screenshots available for ALL of above if Sony ever wants it>>

    also, somehow you CANNOT manually delete above restore points..
    did full Windows re-install (C:\)
    -lost/had to reinstall everything.. 2 days..
    New Avast's boot-scan still shows above (Mbam doesn't pick it, neither does McAfee/Defender)
    guess I'll have to backup/format partition, or the whole bloody hard drive...
    no reply yet from either organization..
    WHY???
    P.S., even my SOE login to reply here (+ the Account one) password didn't work, no, didn't forget, I'm staring at the 'written down' one, had to change to new one (should show in SOE logs)...
    <<again, screenshots available of ALL of above, including Mbam logs + Avast tickets to SOE only if they ever read this>>
    but just an acknowledgment that something did f-up, that they have fixed it, and it's safe to get back in to play the game we love..
    til then, bye-bye P2
    just thought I'd share my experience..
    • Up x 3