So, I just wanted to update planetside 2, but Avast! Detected a virus named win32:hoblig
According to virustotal avast is the only one to flag it, but I want to be sure that it’s a false positive.
Many planetside 2 users said that is probably a fp, but we never know.
Is it better to do a full system reinstall to avoid the worse?
Just noting that I am getting the same error when trying to install planetside2 after it stopped working - the day after going to Avast 2014.
Can you post a Screen Shot of full detection, so we can see what is it about. Be sure that detected file is seen in Screen Shot
Too late sorry, I already formated all my drives and reinstalled the os. But it was in two files, if i remember exactly it was in planetside2.exe and planetside2.exe.part because it was downloading an update
Avast said that it got rid of the threat, everthing ended up in the virus chest
Formatting drives can get rid of this virus right?
With all likelyhood this is a false positive and I would say that formatting your drives is a gross overreaction, if nothing else since this patch was launched by Sony on wednesday and they have still not pulled it from their servers despite numerous posts about it on their forums. (They seem confident that there is no problem in their patch/file)
The problem is present in both Avast 2014 as well as the latest prior version (as in before 2014), including latest virus definitions (131019-1).
Avast first reacts to temporary copies and parts of the file upon installation of the patch via the game launcher/updater, as shown in of the chest screenshot attached.
(As a bonus issue, the “restore and add to exclusions” in the chest does not actually add any exclusion)
Edit: Virustotal analysis: https://www.virustotal.com/en/file/113662e24dd95de28536dbfa56396afd76f2a99e34d2186e18ea25922d1e0cf8/analysis/
Might be a FP then…
I found out that its not the first time that avast flag the file for the same infection.
Anyway, I formated all my drivers and cleaned the mbr after, so I even if it was an infection, there is no more
But even though, avast blocked it, so Im pretty sure its out of possibility that the infection would have survived to all of this.
I still wait an official comment from SOE
well file is new at VT. First submission 2013-10-16 14:10:35 UTC ( 3 days, 3 hours ago )
Advanced heuristic and reputation engines F-Secure Deepguard Suspicious:W32/Malware!Gemini Symantec reputation Suspicious.InsightBehaviour characterization Zemana keylogger
What does it mean?
(The quote)
Its the first time that the file is sent to VT, but not the first time user got an alert with avast and planetside 2 (same virus alert)
http://forum.avast.com/index.php?topic=123956.0
And do you think that will all the steps I did, if it wasn’t a false positive, would I be safe?
Btw why when I reload the page, it downloads index.php on my pc? (On this page?)! If you ctrl-r quickly few times in a row it download a file…
new file at VT…low detection rate… can mean a new virus that not many detect yet?
the info in the quote you will find at VT if you click the additional info tab
Or a FP 
But anyway, would I be clean with all the steps that I did? (Formatting, cleaning mbr…)
And If avast said that it blocked it, would that mean that the infection has not spread out?
yes i also think this is a FP so file should be sendt to avast lab so that they can correct
But anyway, would I be clean with all the steps that I did? (Formatting, cleaning mbr...)Yes
And If avast said that it blocked it, would that mean that the infection has not spread out?spread to where....you did a format
If I had not reinstalled, would Avast had been enough? ( that was the sence of the question)
Used http://public.avast.com/~gmerek/aswMBR.htm to scan, it found nothing. I guess everthing is back to normal now
Greetings -
Sony Online Entertainment has reached out to Avast and opened a support ticket for this False Positive.
Our internal forums address the issue here and have listed some known work arounds.
SOE also checked the latest PlanetSide2.exe with Virus Total and received similar results:
https://www.virustotal.com/en/file/113662e24dd95de28536dbfa56396afd76f2a99e34d2186e18ea25922d1e0cf8/analysis/
Avast is the only hit on the list.
We’re eager to find a suitable solution for everyone encountering this issue and are currently awaiting word back from Avast.
Thanks
Rob Thompson
Sr. QA Director
Sony Online Entertainment
www.soe.com
This should now be resolved.
If you encounter any other issues with Avast please post in these forums or on the official SOE Tech Support forums here: https://forums.station.sony.com/ps2/index.php?forums/general-technical-support.29/
Thanks
Rob Thompson
Sr. QA Director
Sony Online Entertainment
www.soe.com