Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Trojan found!
KRILE0N
Member UncommonPosts: 299
These idiots can't even compile a dang EXE properly.
They've encrypted the files within the EXE (BIG red flag for some anti-virus software), which has given the individual files random names.
Upon downloading of the Stonehenge Patch (WTF? Why is it a manual download? Idiots.). If you use such software as Avast or AVG or other good anti-virus software. It'll claim the program is introducing a trojan.
Now obviously it's not, but why should this matter you say?
Because a company that can't even properly compress an encrypted EXE is making your game! How do you solve this false positive? You put the damn EXE in a RAR or ZIP. Problem solved. Why is that so hard for them to do?
My MAJOR concern is why is it a manual download and WHY is it so insanely encrypted. I've never encountered issues like this before, because any encrypted files I've downloaded was compressed properly (who the hell puts low compression EXE up anyway?).
I've come to the conclusion that they encrypted the files and made it a seperate download because they wanted to prevent modders from making SP knock offs of the stonehenge content, which is a very good reason to encrypt it, but why so extensively to randomize file names? I just can't find a good explination for their actions.
I KNOW it's not a virus it is a FALSE POSITIVE (a red flag trigger from files that present LIKENESS to a real virus), BUT I refused to give the game another try simply because of their incompetense. Not to mention from what i've been told Stonehenge is roughly 1 hour of content. Not including the endlessly boring gear grind (no where near as fun as Diablo2 gear grind.. as you actually did this with a full group of people and had a blast.. grouping barely brings better gear the difficulty gets INTENSE when you add to many people).
So take from this what you will, but i'm done with Hellgate and FSS. IMO they're a bunch of incompetent designers and it really makes you wonder why they "left" blizzard.
Comments
theres loads of games and other product that highlight as virus activity, sticking to the gaming world - Mircosofts own xbox development environment also comes up as having virus components.
Your post doesnt make a point, you ask why then supply the reason, it looks like an ok reason to me, certainly it didnt make me uptight and aggro over the fact i had to click 1 more button to download it <gasp>.
In 12 years of gaming, I've never had a manual patch trigger anti-virus.. ever.. that's because the developers are smart enough not to package and encrypt files in suspicious ways.
Get this. My attempt to warn others against downloading ANYTHING that triggers a red flag on their forums and posts of other people having the exact same issues.. were all deleted. All of them. I didn't even break any rules in my posts. I was just giving an unbiased opinion on the matter. So they deleted my posts. They also gave NO warning. NO e-mail. NO pm. NOTHING. The posts and any reference to the posts, VANISHED.
Lets go down a list of why this is a problem:
1) Why is it a manual MANDATORY patch? It's certainly not to big to download through in game patcher. (300mb)
2) There is NO official comment from FSS about this issue on their forums.
3) They are deleting any posts that are against or suspicious of such activity.
4) The viruses that attempted to download was traced back DIRECTLY to their file. It was not a spawn of a pre-existing virus. The patch generated the files it self.
5) Why are these randomly named files plugged into the temp folder as .exe format? This is the pattern of a trojan. (I've done over 10 scans with roughly 6 different programs. It is NOT a pre-existing virus. I've done spyware removals from 3 different sources and I've done 2 rootkit scans.)
So you people that ignored the warning and installed the patch. All I can say is you potentially now have a Rootkit on your system. It is probably spawning files in your temp folder. If you see things like 3521jfsa.exe in your temp folder or close to it or have a anti-virus trigger presenting such file. Then it is spawning viruses or attempted to.
I am not one to take suspicious behavior litely. I aim to insure my system is secure. Is it a false positive? That's a posibility, but I ask you.. are you willing to take that chance? This coming from a company that's done nothing more but epically fail at creating a quality game and bring nothing but short comings. It's your choice to ignore it or not and hay I could be wrong, but again.. are you willing to take that risk. I'm just here trying to give a friendly warning.
So be honest to your selves. Connect the dots and then tell me you aren't even the least bit suspicious of such activity. Continue to ask your self, "WHY is a mandatory patch manually downloaded instead of through the file by file patcher." The reason being is the patcher will download faster/fast as manual download and presents a guaranteed pause/resume with no file corruption. So why is it manual?
Good luck folks.
people who trust antivirus programs should not use computers.
The fault of the false positive isn't FSS, it's your antivirus. BTW avast is a horrible antivirus.
Umm, yeah HGL is a Trojan in itself!
Yeah I forced myself through the entire game, and was just horrified at how poorly the game was put together! I really can't see why they even call this a game, let alone list it as an MMO! Heck Diablo should be listed an MMO then if this one is!
Kemih ~ 13 Red Mage | Currently playing FFXI & LOTRO, awaiting Warhammer Online & Aion...
Trojans can also lay dormant and add them selvs to random files. It is not forced to be the patch.
I'm aware of this, but all it takes is a little trace work and you can find the source.
The trojans were generated directly from their server once I made a connection to initiate the download. The trojans was riding a long with the patch. I don't think the patch is compromised, but I do believe their FTP server possibly was, which isn't hard to do.
And to the fool who says not to believe anti-viruses.. good luck. As said this is the first time in years i've had any game related files be "mistaken" for a virus. It's not hard to create a damn executeable that doesn't run with virus like behavior.. it's not re-inventing damn rocket science.. it's just compiling a couple freaken files properly.. not hard to do.. obviously in FSS case.. it was hard to do, but as I also said. That's not my major concern. You and everyone else STILL fails to explain why a tiny 300mb mandatory patch is downloaded manually. There is no excuse for this.
Also, Avast works perfectly fine. It's not the best in the world i'd admit, but nothing is. There's always something that's bound to slip in, which is why I have 2 other AVs that I do bootup scans with regularly. I'm considering buying the ZoneAlarm Security Suite and getting spyware, adware, rookit, virus, firewall protection all in 1 bundle.
Just for your benefit and my amusement I am downloading the stonehenge patch direct from their server and will be doing a scan with both NOD32 and Kaspersky and tell you what the results are. You claim that is is the fault of FSS yet do not even take into consideration that it may be a false positive and a problem with whatever AV software you are using.
I'll let you know in about 15 minutes what my results are.
wow .. a little paranoid are we? Do you practice getting your keys out and unlocking your door in case a serial killer ever chases you home?
btw I'm lovin HGL and I think it is only gonna get better as time goes on. I switch between it and Eve regularly while I wait for AoC
only bikers understand why a dog hangs his head out the window.
Patch_NA_Europe_Germany_MP_1.0_(1.0.27.4101.a)
scanned with NOD32 v2.70.39 Virus signature database 2949(20080315) all files checked clean..
at this point I think the problem either lies in your AV software or elsewhere on your computer.
I already know it's a false positive.
{ Mod Edit }
The issue isn't the damn false positive for the last time. The issue is why is a mandatory 300mb patch downloaded manually instead of via in-game patcher. Please folks.. read the posts..
Hmm the issue in a thread titled "Trojan found!" isn't about a false positive trojan but about that dislike that you have to download the file not get it through the patcher?
Gotta say this is a pretty deceptive thread since reading through it at one point I thought you were infected with a trojan that you got from downloading a patch.
I think it's fine to want them to do the patch through the patcher.
The fact that your antivirus program flags the patch falsely as a virus/trojan is really a problem with your antivirus software and you might want to contact the vendor.
Claiming that you are infected or that their is in fact a trojan is just a lie by your own admission.
I think this thread should be closed as it is somewhat inflamitory and missleading to people that would want to patch their game.
---
Ethion
I really hate reading the forumns on here. Everyone is so cynical. They never stay on topic. they derail posts constantly. And, 90% they are employees of the company that the OP's are complaining about.
If you're a friggin employee, just come out and say you're an employee and you're defending your company. Enough with the shinanigans.
The OP wasn't deceptive. I clearly understood the post in the first sentence. There's no mystery to what he's talking about. Just by the title alone i KNEW he wasn't going to talk about HL making a trojan, hell that's be national news I think. I knew instantly he was going to point out some flaw about the game. Doesn't take rocket science. Doesn't take a membership to [whatever the name of that genius club]
If you feel somehow deceived that's your own character flaw. Don't ascribe your own short comings to someone else. Stay on topic and stop trying to derail the post. A simple "I disagree" would be enough.
Well I can tell ya the FSS guys aren't posting on here, they're too busy on the official forums. Also I think they learned not to rear their heads on sites filled with zealous "MMO Elitists" (read: obnoxious WoW Kiddies who think they know everything about game development and what defines an MMO.)
As for the OP, the only part I really want to question with him is the questioning of the 300 MB patch for manual download. My only theory is that perhaps the patch included necessary stuff for the networking client including the patching process (performed in the client, not an external patcher per se like most online games), and that perhaps it was just easier on server bandwidth as well as time spent on client side to have an external application patch that part in.
This is a total nooblet shot in the dark as to the why, however everything you said about archiving is pretty straight forward.
More like a 300 MB download off their servers to every punter would cost them an arm and a leg so they let Fileplanet host it instead.
Maybe they will stick in some adverts during downloads in future titles.
Trojans can also lay dormant and add them selvs to random files. It is not forced to be the patch.