Virius
mommyoftwo
Posts: 1 Arc User
I was playing and all of a sudden i got a quarrintien message and perfect world dissaperared completely. I went to my quarrinteine manager and it says that the game is transmitting a trojin virius. So I uninstalled the game and then reinstalled it but it still does it how do I fix this I want to play this game and it has happened to my brother too on his computer. We are both running windows 7 so you know. Thanks for your time.
Post edited by mommyoftwo on
0
Comments
-
I am having the same problem as above for both me and my real life husband.
here is the trojan my virus scanner found in the elementclient.exe, launcher.exe and patcher.exe file.
Trojan.Win32.Generic.pak!cobra
needless to say I can not launch pwi nor can my husband. I am on the phone with my virus support as I type this. But they are claiming that it is not a false positive and to not un-quarantine the files until I have made contact with the devs for pwi.0 -
I sent them a message and am waiting for a response now so hopefully we can get back to playing soon.0
-
Make sure that you do a double scan with a couple of different programs. Then try redownloading and reinstalling the game.
Make sure that you use the direct download, and not a torrent, to be on the safe side.Do you need help learning about patching the game, installing it, changing antivirus/firewall settings, changing network settings, learn how to use a computer, keeping your PC maintained and more?
Visit our BRAND NEW Knowledge Base & Support Website! - Tech Support Flowchart - Panda Caught on Camera0 -
I did that once already and i'm trying to do again we will see.0
-
Ok just got off the phone with our Virus scanner company. since it is a generic trojan that it is recognizing most likely it is a False positive and they have instructed me on what I needed to do next to verify it and also allow it.
I had actually called back to get a different person for support with my virus scan company after reading the info in the knowledge base.
https://support.perfectworld.com/ics/support/default.asp?deptID=15058
And I have scanned it at Virus Total and it is clean.0 -
If it works please let me know0
-
OK mommy first we need the name of the virus you found to help you. If it is the same one found on our pc then you can un-quarantine it and then allow it via your virus scanner/ firewall. But if you are unsure scan it using Virus Total first.0
-
Trojan.Win32.Generic.pac!cobra is the file name0
-
I ran a my anti-virus and it found 2 trojan viruses in the patcher and element client files for PWI, I have not had such issues until this massive update, my fiance also had the same trojans attached to the same files.
Risk name: Trojan.Win32.Generic.pak!cobra
Source: Scanner
Risk level: High
Risk category: Trojan
Description: Trojan is a general term for malicious software that is installed under false or deceptive pretenses or is installed without the user's full knowledge and consent. Most Trojans exhibit some form of malicious, hostile, or harmful functionality or behavior.
Advice: This is a high risk and should be removed immediately as it may compromise your privacy and security, make dangerous changes to your computer's settings without your knowledge and consent, or severely degrade your computer's performance and stability.
Found in my desktop PWI link
progam files\Perfect World Entertainment\Perfect World International\element\elementclient.exe
progam files\Perfect World Entertainment\Perfect World International\launcher\Launcher.exe
progam files\Perfect World Entertainment\Perfect World International\patcher\patcher.exe
my fiance and I are careful about where we go online and PWI files on both of our computers were the only ones affected.0 -
yes that is the same one I found. After spending forever on hold with my virus scan company the 2nd time I called, we uploaded the 3 files for them to scan and it is a false positive.
I also directed them to PWI's knowledge base about this issue. Which is posted here. https://support.perfectworld.com/ics/support/default.asp?deptID=15058
It explains due to the security they use for our password protection that this can cause a false positive in some virus scan software.
I also uploaded the 3 exe files to this website which uses several differnt virus scanners and they all came up negative. The website I use is Virus Total and here is their Link http://www.virustotal.com/
I hope this helps.0 -
im having a very simular problem. everything was working and i was able to play yesterday, but when i got home last night and tryed to play, i started getting an error saying that patcher.exe that the shortcut reffers to has been altered or is missing.
i have uninstalled, and reinstalled 5 times. i have re downloaded the game both via direct download and via bit torrent and have not been able to make any progress.
the patcher.exe fails to show up after reinstallation.
i just reinstalled again and after it was finished i got the option to verify the files (have already done during download and all was ok). upon verifying after the install i got several errors...
elementclient.exe is broken, launcher.exe failed to open, patcher.exe failed to open.
after it was complete the verifying tool closed and gave no option to fix the issues. obviously reinstalling wont fix this, so now what?0 -
I reported the Trojan to customer-no-service, here is a copy and paste of my report and their reply. I did research on Trojan.Win32.Generic.pak!cobra and it has been in the top 10 nasty viruses for over a year, yet PWI is trying to say that is not a threat, to turn off the antivirus, or to allow it. This same virus crashed my fiance's old computer, and my brother's computer, but PWI said it is nothing to worry about. b:angryb:angryb:angryb:angryb:angry I guess they do not want people playing the game or they would look into Trojan.Win32.Generic.pak!cobra themselves, and clear it up. I run Vipre by SunbeltSecurities, and it has never failed me, the customer service there is researching the Trojan.Win32.Generic.pak!cobra virus, they are even having their department install the game and look into the virus. Till then I am not going to be playing PWI.
TROJAN found in your program
Details: I ran a my anti-virus and it found 2 trojan viruses in the patcher and element client files for PWI, I have not had such issues until this massive update, my fiance Demon_Hnter also had the same trojans attached to the same files.
Risk name: Trojan.Win32.Generic.pak!cobra
Source: Scanner
Risk level: High
Risk category: Trojan
Description: Trojan is a general term for malicious software that is installed under false or deceptive pretenses or is installed without the user's full knowledge and consent. Most Trojans exhibit some form of malicious, hostile, or harmful functionality or behavior.
Advice: This is a high risk and should be removed immediately as it may compromise your privacy and security, make dangerous changes to your computer's settings without your knowledge and consent, or severely degrade your computer's performance and stability.
Found in my desktop PWI link
progam files\Perfect World Entertainment\Perfect World International\element\elementclient.exe
progam files\Perfect World Entertainment\Perfect World International\launcher\Launcher.exe
progam files\Perfect World Entertainment\Perfect World International\patcher\patcher.exe
my fiance and I are careful about where we go online and PWI files on both of our computers were the only ones affected.
Where did you experience this issue? (If available in game, please note the coordinate numbers.):
Which character(s), NPC(s), item(s), skill(s), or quest(s) were involved?:
What exactly happened? Please be as detailed as possible.:
What do you believe should have happened?:
Attachment:
Solution
Solved:
(3/10/2011 6:49 PM PDT) It could be flagging the game as a false positive.
Add exceptions for the game's file(s) into your antivirus software. You can do this by including the game folder in the exception list.
Example: Include the folder for C:\Perfect World Entertainment\Perfect World International into the exception list for your antivirus software. Then restart your PC and try again.
You can also try temporarily disabling your antivirus software long enough to get the game installed and playing, then re-enabling your antivirus software.
Here are some links to some antivirus manufacturers' websites, to help you use their software if needed.0 -
Ok Mr. Farts,
No more warnings about spamming the forums, and violating the Terms of Service by sharing private emails between PWE and you.
Please see the other thread I replied to you on, and your ticket that Tech Support has replied to.Do you need help learning about patching the game, installing it, changing antivirus/firewall settings, changing network settings, learn how to use a computer, keeping your PC maintained and more?
Visit our BRAND NEW Knowledge Base & Support Website! - Tech Support Flowchart - Panda Caught on Camera0 -
I have also had the same virus pop up in the launcher on my computer. The anti-virus deleted the launcher and when I re-installed the launcher it happened again. I'm not even able to uninstall the game so I can re-install it.0
-
What is your antivirus provider?
All of you please tell us.Do you need help learning about patching the game, installing it, changing antivirus/firewall settings, changing network settings, learn how to use a computer, keeping your PC maintained and more?
Visit our BRAND NEW Knowledge Base & Support Website! - Tech Support Flowchart - Panda Caught on Camera0 -
One way you can go about installing the game is to pause your virus scanner or turn it off. The once you have the game re-installed you set it to Allow on the three exe files. Elementclient exe, Launcher exe and Patcher exe.
Rest assured I just got back the latest results from my virus scan company and since we use the business premier addition due to it also being our work computer they worked hard on this.
This is a false positive for the Trojan.Win32.Generic.pak!cobra0 -
It probably is a false positive but, if we can get info on which programs are flagging it, we can contact the software makers and let them know our game is ok if it is flagging it falsely. b:victoryDo you need help learning about patching the game, installing it, changing antivirus/firewall settings, changing network settings, learn how to use a computer, keeping your PC maintained and more?
Visit our BRAND NEW Knowledge Base & Support Website! - Tech Support Flowchart - Panda Caught on Camera0 -
I too am having this problem, and just got finished submitting a ticket for the issue (before I found this thread too, oops!). It is not a false positive. About two days ago my game play became severely laggy and slow. It exented not only to the game but my entire system. I ran my antivirus (Also VIPRE by Sunbelt) and the Perfect World.lnk, the launcher.exe, and the patcher.exe came up as infected by this trojan. I immeadiately deleted the three files and bam, my system began performing normally and upon rescanning my system it was gone. I completely uninstalled and reinstalled pw (using the direct download, not a torrent) and began having the issues again. There is definitely something going on here. I'd really rather not have to quit the game, but I'm certainly not about to compromise my systems security.0
-
Vipre and they have already made an update for it since I sent them the exe files to examine.
I believe someone mentioned Trend Micro also.0 -
This problem just happened to me as well. It was going all fine until Ad-aware auto-updated to its latest version.
I am relieved that I am not alone in that case and not infected after all.
I hope this problem will be solved soon.
Thanks!Maintenance time. Please choose a line:
- When is it over? OMG I need my fix!! *super spazzing*
- Fix the damn bugs, dammit! I'm so angry! I'll quit!!
- New codes out there? I like free stuff~ *wink*
- When will we get new content? QQ
- Will we get sales? I got a ton of gold to spend.
- I'm bored, I'll create a useless thread to annoy Opkorock.
- *Incessant poking on Sweetiebot* Fun~0 -
darthpanda16 wrote: »What is your antivirus provider?
All of you please tell us.
i use AVG0 -
Take the time to look for your answer before you post like an idiot.
There are two kinds of people in this world...
There are those who panic,
And then there is us.
~ Sarah Jane Smith0 -
Well After Careful Consideration after checking reference on the file though it shows nasty stuff....
I run Zonealarm and never had an issue....
i read the reports of false positives ...
i allowed my firewall to run the files...
thank you pwi as I had to reload my pc
all my taskbar icons didn't work could run any programs
i got errors relating to bad image on pc and on reboot
trojan Dropper.Win64.Mediyes.a attached to all three files files on latest update and upon review that virus has very little info about it other than 32 bit references ... which are known to create hidden image on pc and do all kinds of nasty stuff
More information posted shows you have this issue in forsaken world as well which i play but have not run because of this.....
if this is a false positive why would my av sw delete the files unable to be repaired first
and give me all the other issues too ?
Not 100 % sure as i am well aware of false positives but this is crazy I just want a solid answer
Email to support has been sent awaiting response0 -
Hello,
today i tried to start up my pwi game however my anti virus gave me warning that elementclient.exe contains Trojan.Dropper.Win64.Mediyes.a virus with high risk. After the warning it automatically quarantined and deleted the file. I cannot run game without that file and i tried to reinstall however it keeps deleting automatically. I have no idea what to do, it wont allow me to play.
I cannot add it to exceptions because file disapears few seconds after warning
Please help me, i alrdy submitted a ticket but i really want to play the game
Oh and my antivirus is zone alarm0 -
1. Nice necro dude, next time just start a new thread.
2. Zone Alarm is not a good product. For a good free one try Avast or Avira. If you want to pay for one, best on the market is BitDefender. (Kapersky came in second because it hogs system resources and slows down net traffic significantly. I test these myself.)
3. You need to go into the settings for you anti-virus and add the entire directory that PWI resides in to the exceptions list. Both for active scan, and also for scheduled scans. After you've done that, verify the files a couple of times.[SIGPIC][/SIGPIC]0 -
i tried adding to exceptions but it keeps deleting the file after installation, and zone alarm is a good antivirus, i had it for few years never had a problem
Also this MIGHT be a false positive, what if its not? what if there really is a virus of some kind in pwi file? i cant trust it just from what gms said that its PROBABLY a false positive... its false positive in SOME cases but in others its real...0 -
i checked around on Google what i could find on that virus. Most websites say to remove it. It seems to have alias names as well! Some links:
http://www.sunbeltsecurity.com/ThreatDisplay.aspx?name=Trojan.Win32.Generic.pak!cobra&tid=4657539&cs=29DCB1C69CD75AA70240E9118E40DCF1
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Sirefef.M
Links for false + possible unwanted positives:
http://www.lavasoftsupport.com/index.php?/topic/30953-false-positive-trojanwin32genericpakcobra/
Sunbelt security shows it is a possible treath. So not positive and not negative.
http://sunbeltsecurity.com/
I personally suggest to remove it, incase of doubt always remove to be save. But did you try IO Bit already? it may help a bit.0 -
It's because of a wget macro that the client uses to poll the server for information. Many virus scanners automatically flag this command as a macro virus, even though it may not be. (Yet you can insert a macro to format your hard drive and that goes un-detected, go figure.)
You have to add the entire PWI installation folder, not just the one file, to your exception lists.[SIGPIC][/SIGPIC]0
Categories
- All Categories
- 181.9K PWI
- 697 Official Announcements
- 2 Rules of Conduct
- 264 Cabbage Patch Notes
- 61K General Discussion
- 1.5K Quality Corner
- 11.1K Suggestion Box
- 77.4K Archosaur City
- 3.5K Cash Shop Huddle
- 14.3K Server Symposium
- 18.1K Dungeons & Tactics
- 2K The Crafting Nook
- 4.9K Guild Banter
- 6.6K The Trading Post
- 28K Class Discussion
- 1.9K Arigora Colosseum
- 78 TW & Cross Server Battles
- 337 Nation Wars
- 8.2K Off-Topic Discussion
- 3.7K The Fanatics Forum
- 207 Screenshots and Videos
- 22.8K Support Desk