Guild Wars 2

Hi all.

Just started up GW2 client to download the new patch and after the first white panel bit, where it shows the pre-DL info, disappeared as normal,the launcher didn’t come back for the main download.

A few minutes later I get a message from Trend Micro that it has deleted GW2.exe and guild wars 2 game client.lnk.

I’m guessing this is a false positive (wouldn’t be the first time) but just thought I would ask in case anyone knows about some accidental/disgruntled employee/hack-attack/government(!!!) shenanigans before I add anything to the exception list.

Thanks

You may want to check your entire system for infection. As Gw2.exe is an executable file with permitted firewall/anti-virus exceptions to access the internet, malicious software will look to alter it and other executables as they are run to allow the infection to spread and/or ‘call home’ and send your sensitive information over the internet. To be on the safe side, you should also look to change your email account password and game login password as soon as possible from a different computer or from that computer after you are sure that it is clean of infection.

Thrash Wolf.7892:

Hi all.

Just started up GW2 client to download the new patch and after the first white panel bit, where it shows the pre-DL info, disappeared as normal,the launcher didn’t come back for the main download.

A few minutes later I get a message from Trend Micro that it has deleted GW2.exe and guild wars 2 game client.lnk.

I’m guessing this is a false positive (wouldn’t be the first time) but just thought I would ask in case anyone knows about some accidental/disgruntled employee/hack-attack/government(!!!) shenanigans before I add anything to the exception list.

Thanks

Scan your system with the following;

TDSS KIller – Finds RootKits
HitmanPro – Finds lots of stuff including Rootkits
MalwareBytes – Finds Malware and some Botnets
CCleaner – Registry Scanner

then I would uninstall Trendmicro, download their latest client, and reinstall and update the definition files. then do a full system scan.

Since your running Trend and you got infected, I’m thinking your AV is compromised. Trend is the best AV detection kit there is for Real-time Detection;

Source – http://www.av-comparatives.org/wp-content/uploads/2013/11/avc_factsheet2013_10.pdf

So get it repaired and make sure your system is clean!

Just an FYI but i got this as well its likely a false positive from trend micro. Interestingly enough trend micro also hates Blizzard and TDSS killer.

Also note that MalwareBytes while a wonderful program can disagree with trend micro, i Do Not recommend running both at the same time.

Just a follow up, i can’t find anything on my desktop PC. However, i should note that i can’t replicate this issue on my laptop. My laptop has the same version of trend micro but is windows 7, (desktop is Vista). The only thing i noticed is that the update seems to have changed GW2’s software certificate in relation to the profile on my laptop. I don’t know if that’s related but it didn’t do that on my Vista desktop. Sooo.. I can’t say its not a Virus but eh.. probably not?

More information than you probably wanted but anyway ;p

Personally, I think that Trend Micro is garbage and the Op’s problem is just one example of the nonsense I’ve had to deal with on customer’s PC’s – because of TM.

I use Avast (free). It (in my opinion) is the best free-version AV out there. It also happens to have the lightest resource usage of any antivirus program I’ve ever used.

Yes, there are better AV’s out there – but they don’t have free versions.

abomally.2694:

Personally, I think that Trend Micro is garbage and the Op’s problem is just one example of the nonsense I’ve had to deal with on customer’s PC’s – because of TM.

I use Avast (free). It (in my opinion) is the best free-version AV out there. It also happens to have the lightest resource usage of any antivirus program I’ve ever used.

Yes, there are better AV’s out there – but they don’t have free versions.

I fully agree with you about TM and Avast is also my AV of choice. I don’t see myself using anything else for a long time to come. If a client seems unhappy with their current AV, or is interested in my preference, I do not hesitate to point out the positive aspects of Avast and encourage them to switch to it.

I’m sure there is a restore button somewhere in the logs.

I’m also using Trend Micro. I see no problem with it whatsoever.