Trojan.peed.gen - Possible False Positive Involving Punkbuster

Hi,


As of last night BD (7.17980) has started to flag the file PnkBstrK.sys as part of Trojan.Peed.Gen. This has then gone on to stop me being able to play any PunkBuster enabled games as this file, located in C:\Program Files\EA GAMES\Battlefield 2\pb and C:\WINDOWS\system32\drivers, is an integral part of the PunkBuster system, and the file missing/access to the file being blocked can result in a PunkBuster ban (Gamehack).


From what I can find through Google searches only BD is flagging this file as a trojan. So due to this can I please submit the file for re-examination? And if it is a false positive have it removed from the virus list?


Thanks


Sy

Attachment: PnkBstrK.rar

Comments

  • tcwh
    edited March 2008

    Hi,


    I just signed up this morning because I got the exact same warning from the exact same file. I have submitted it from the quarantine tab in bitdefender. I won't bother uploading it to the forum unless it turns out not to be a false positive (which i'm pretty sure it is).


    edit although - the location was different c:\users\*myusername*\Appdata\local\PunkBuster\Cod4\pb

  • stromm

    Yep. I just found a similar msg on my PC this morning. \Punkbuster\BF2142\pb\PnkBstrk.sys and \Punkbuster\Crysis\pb\PnkBstrk.sys.


    Both are valid legal installs.

  • BobbySands
    edited March 2008
    Yep. I just found a similar msg on my PC this morning. \Punkbuster\BF2142\pb\PnkBstrk.sys and \Punkbuster\Crysis\pb\PnkBstrk.sys.


    Both are valid legal installs.


    i have the same hit:


    C:\ProgramFiles\Activision\Call of Duty 4-Modern Warfare\pb\PnkBstrK.sys infected: Trojan.peed.Gen


    C:\ProgramFiles\Activision\Call of Duty 4-Modern Warfare\pb\PnkBstrK.sys Disinfection failed


    C:\ProgramFiles\Activision\Call of Duty 4-Modern Warfare\pb\PnkBstrK.sys Moved


    unfortunately i already uninstalled the game and re-installed it clean only to find the same hit.


    then i set about to wipe it from the hard drive. i'm thinking i should have waited.


    to make matters worse my BitDefender Antivirus V10 hangs at


    C:SystemVolumeInformation\MountpointManagerRemoteDatabase


    it hung like that for 7 hours overnight


    if i use a file wiping software to remove that file, BitDefender Antivirus V10 will hang at C:SystemVolumeInformation.


    i DO NOT Have any restore points on my 3 WD Raptors 150gig activated, so turning off/turning on doesn't work.


    i could use some help on both fronts. i'm going to guess that we have a false positive on the PunkBuster front seeing as so many of us have come across it.


    could you please confirm that? if you need me to send the file i can do that after i return from work later today or perhaps someone else will be able to access the file and send it forward in a compressed form. certainly someone there at BD plays any one of the aforementioned games. i don't know why my PB is hanging on the SysVol files, though.


    thanks in advance.


    (P.S. all programs are legal installs. the three drives are set in a JBOD array.)

  • Sym0n

    The location of PB will change on every install of PB enabled games. Interestingly I've also got a manual PB installation, as BF2 sometimes has problems updating PB itself and causing me to be kicked, but yet BD hasn't flagged that.


    Anyway hopefully someone from BD labs will be able to give us a reply shortly and advise what's going on with this.

  • Sm3K3R
    edited March 2008

    I play BF 2 and all i can say is that on this game there is something strange with some of the servers, they seem hacked. The infection may be real, there must be an exploit or something, i encountered strange lags and behaviour while playing BF 2 on some servers. Avoid strange servers that are not EA certified. I don't consider Punk Buster a secure application anymore while playing BF2. Even if it's a fake alert this game is not as secure as it was 1 year ago.


    I think it's not impossible for some servers to replace your Punk Buster files, so the cheaters can play (many of them have slots reserved with money) on one hand and at the same time to deliver you some spyware, on the other hand. I heard there are BF2 cheats that are paid for with a lot of money. I think i will just avoid playing BF 2 as long as EA will not release another patch.

  • lexota

    hi, im from belgium so ill do my very best for you guys to understand me.


    today i also got the warning of a trojan.peed.gen on my punkbuster, more specifically PNKBSTRK sys.


    now i wanna know if it is a virus or something else because my BD cant remove or fix it so like u guys i am not able to play my favorite game.


    i hope someone knows a way to fix this.


    thx in advance


    greetzz lex

  • I guess I will add my two cents to the pot. I also received the Trojan.Peed.Gen warning last night while trying to log into COD4.


    I also did the uninstall/reinstall and found no change. I messaged the guys at evenbalance (Punkbuster) and they insist that it is a false positive and they say they have already contacted BD about the PnkBstrK.sys issue. Hopefully it won't be long now..... I am starting to get the shakes already.


    MM

  • Sym0n

    lexota,


    As far as I'm concerned it's not a virus so your system is fine. But until BD resolve the issue with the PnkBstrK.sys file you won't be able to play any PunkBuster enabled game, well you could but you would need to restore PnkBstrK.sys from quarantine and add the directory as an exception rule in BD to stop it moving it.


    But hopefully BD labs will issue a new virus definition update today and remove this file from it so we can carry on as usual.


    Hope this helps, if not PM me and I'll try to re-word it or use a translator.


    Ta


    Sy

  • tcwh

    I'm guessing whatever punkbuster uses to check people's systems for cheats acts pretty suspiciously to an antivirus prog. On the other hand though, it's a very commonly used prog for gamers so I would have thought more people would have experienced this false positive?

  • omac1a

    Last night I installed Call of Duty 4. When I fired the game up and tried online multiplayer, I got the BD popup saying that it had blocked a virus. The path led to my CoD4 punkbuster directory and was the same file as others are describing in this forum. This morning I had 40 Trojan.peed.gen hits mostly in C:\System Volume Information\_Restore{XXX...


    Is it possible that Punkbuster downloaded the virus when they updated the software? Or is this truly a false positive?

  • Sym0n

    tcwh - google trojan.peed.gen and pnkbstrk or pnkbstrk.sys and bitdefender. Plenty of people are affected, unfortunately they don't seem to have signed up here.

  • Same problem here. Anything with PunkBuster is reported as the virus here. The original post with attachment is the file and should be easy for BD to exclude this from its protection.


    This doesn't surprise me though as the code in PunkBuster should likely be similar to many trojans.


    I haven't tested it but I'm hoping the directories can be added as exceptions from BD so these games can at least be played until this false positive is fixed.


    This is a new issue as the files reported today with the trojan have been scanned on my PC for weeks prior (logged) without issue. Something in one of the recent definitions or engine updates is now identifying this file as the trojan.

  • Hi, i've got the same problem since yesterday night with Battlefield 2142...


    I've scanned my computer and BD found 233 Trojan.Peed.Gen


    I've got just one question: do you really think that this problem will be resolved with a BD update?

  • Hi, I also have the same problem. I have version 10 antivirus plus, and the same file is being blocked by bitdefender's update from last night. I've just contacted their uk technical support hotline, and the girl i spoke to, i referred her to this forum topic, she assured me that someone from their technical team will reply here shortly in regards to the people that play games with punkbuster since that's all the people it's affecting. I hope they do send another update to help sort this problem, otherwise the only way of ever getting punkbuster fixed is by removing bit defender completely so that the pnkbstrk.sys file is allowed to install without being thought of as a threat.


    Regards


    Chris. ^_^

  • I'm glad I'm not the only one with this problem. Only problem is with all the new mods I have to restart from scratch cause these people can't fix an issue with punkbuster. I hope they solve it soon. I got same prob as everyone else

  • Sym0n

    @omac1a - It could be a trojan. And it is possible that it could have become infected through the open PB port during gameplay. I know I shut down every process I can, including BD, whilst gaming to improve my ping and frame rate. But as only BD is flagging these files as a trojan and as it's only started as of last night for a lot of people I'm 99% positive that it will be a false positive and nothing to worry about.


    @Sharkfood - Yeah you can just add the pb directory holding the PnkBstrK.sys folder as an exception to get around it for now. But do note that if this does actually turn out to be a trojan, which I highly doubt, you will be leaving your system wide open for it to do as it wishes.


    @Steph9275 - It should be. The sample file I uploaded has been downloaded, I'd guess by BD labs, and if they find that it is a false positive then it can be removed from the virus defs and won't be quarantined in the future.


    @Chris_442 - Thanks for posting the info. Hopefully they will have something sorted shortly or at least have a reply about the problem and letting us know what's going on. But take a look at my response to Sharkfood above, to save you from removing PB.

  • Yeah I wouldn't uninstall Pb but I would Uninstall bit defender completely if they can't sort the issue. I have many installations of online games that use punkbuster, mainly of the game Enemy Territory, which means i can't add all their PB folders as exceptions. My guess is they're working on it atm, since the girl said to me on the phone she would discuss it with her colleagues. I've had one e-mail from them so far asking me to send them the file that was causing the issue, and doing so again when i replied to their e-mail, i referred the link to this topic so that they are aware of us awaiting a reply here.


    Kind Regards


    Chris. ;)

  • Hi i also have had that problem, How do i add it as an exception?

  • I'm not sure if this will work and it may be a bit risky in regards to your pc's security, but will disabling bit defender's realtime protection for the moment until a solution is fixed allow us to play our punkbuster games?


    Chris. :unsure:

  • Cd-MaN

    False positive, detection should be after the next update. Sorry for any inconvenience caused.


    Best regards.

  • Great news thx for reply , = happy customer :rolleyes: .... *if it works*


    Chris.

  • Sym0n

    Sorry Chris in my reply above I meant BD not PB lol.


    Benjahert - To add an exception open the main BD window and select settings. Once in there choose anti virus on the left and then the exception tab at the top. Then click the add button and browse to the directory holding the PnkBstrK.sys file that BD has been flagging within your game directory (don't worry about the ones showing in the system restore directory for now, they can stay where they are and it won't cause you a problem). When you've added that directory apply or ok that window away. Now go to the quarantine tab and find the file PnkBstrK.sys in there (please be careful to choose the right file in case you have others in there that are malware) and restore it. You can then close the BD window and should be back to normal.


    Please note though I've just done this blind as I'm currently at work so can't see the BD windows or even test to see if this will work.


    Let us know how you get on please.


    Ta


    Sy

  • Sym0n

    ###### my slow interwebz connection lol

  • Well, PnkBstrK.sys passed all the detection checks....


    Wish i was at my home computer so I could actually spark up a session of COD4 to FULLY check it out. :rolleyes:


    Good Job guys, I love the fast response.


    MM

  • tcwh

    Nice one, thanks for the confirmation :)

  • If i might add, I'm playing Call Of Duty 4 and bitdefender does detect it as a false positive. i added the folder in which pnkbstrk.sys was originally contained in ("C:\Program Files\Activision\Call Of Duty 4 Modern Warfare\pb" in my case) and then restored pnkbsterK.sys.


    Now, upon playing the game, i notice that PnkBstrK.sys is now being copied into the C:\Windows\System32 folder. I think we all agree that it's not exactly the best idea to allow the whole System32 folder or accept all .sys extensions so yeah... Until this problem is solved i can't play online :(

  • herba71
    edited March 2008

    I am very disappointed from Bitdefender antivirus. This is a serious problem, and bitdefender is the only antivirus solution with this problem. I search in the internet for the same problem on other antiviruses but i found no other with the same problem. Now i must uninstall bitdefender to play again, and i start to search for other antivirus. I lose my time and my money with bitdefender :(:(:(

  • I've tested the game with another computer who's got kaspersky anti-virus and there's no problem, but when i try with the other computer who has bitdefender it still blocks...


    I wasn't kicked on only one server and i wonder why...?


    Sym0n --> i can't find pnkbstrk.sys because it's always moved to quarantine and if i restore it it's straight away put back in quarantine... what can i do instead of that? wait for a new BD update?

  • There's no need to uninstall bit defender, just disable the real time protection till the new update is released, re-install punkbuster with the attached file i have to this post and you should be able to play again - it worked for me.


    Regards


    Chris. :rolleyes:

    Attachment: pbsvc.zip

  • i've had the same problem but mine hasn't been fixed... I am extremely unhappy with the present situation as i cannot play my favourite game, Call Of Duty 4, i am unsatisfied with what i paid for and it seems the way to fix it is to uninstall bitDefender (something which i have paid for)

  • Sym0n

    Well I've just got all the latest updates available and scanned/tested the PnkBstrK.sys file and everything appears to now be back to normal.


    So thanks BD labs for the quick turn around on this. :D


    So for those of you still suffering just update your BD now to the latest defs and you'll be back on again getting pwned in no time lol.


    Sy

  • even with the latest update it still does it, but not on every server :/ so i've just put pnkbstrk.sys as an exception...

  • Sym0n

    What do you mean about the server? :blink:


    BD and PB are totally separate, as is your game.


    You need to update BitDefender to the latest available definitions, then restore your files carefully from quarantine and then re-scan. If the scan comes back clean, at least for anything relating to PnkBstrK.sys or any other PB files then you should be fine to go ahead and game. If not then you need to upload a sample of the affected file and let BD labs know through the stickied thread in the Malware forum (title has something to do with sample examined in it).

  • What i mean is : i went on a Battlefield 2142 server and a BD message appeared telling me that it had blocked Trojan.Peed.Gen and then i was waiting to be kicked by punkbuster but nothing happened so i went on a other server and then i was kicked! So i went back to the first server where i was and i wasn't kicked and it still doesn't kick me.


    Quite strange...


    But now i'm gonna try to play without puting pnkbstrk.sys as an exception.

  • Sym0n

    Steph which Engine version of BD are you running and how many virus signatures are available? Seems to me that you don't have the latest version.


    The first server may not have kicked you as it may not be streaming PB so is outdated. Or PB may have just been running slow. I know last night it was taking it about 2 minutes to kick me for "communications failure" when BD had decided that PB was a trojan lol.

  • I have BD Total Security 2008 with the newest update, PB has the newest update too.


    For the server, i stayed on it 30 minutes before i decided to go, so it isn't PB who is running slow. But there's probably no streaming, that's what i thought.

  • LQA

    Well I seem to be banned from COD4 servers now...

  • lost77

    hi, i've just registered to participate in this topic (sorry if my english is not always perfect, i'm french). I have BD internet security 2008 and i've got the same problem with peed gen/punkbuster/kicked from cod4. The updates don't solve the problem. It started today, i have sent a message to french support and hope for an answer within 2 days...

  • I just want to tell you people that this isn't an isolated bitdefender problem.. My friend uses a completely different anti-virus program and he got the same problem today.. mine started last night..


    Seems like this could be something on punkbuster's side, so to speak..


    It's really annoying, because i've tried everything except formatting the computer.. but i have a feeling that won't work.. seems like it's not a "local" problem...


    im really hoping for a solution soon..


    Best regards


    Phantomen

  • omac1a
    I update my BD and BD no more detect Trojan.Peed.Gen in my pc <_<


    Updated mine and I still get a Trojan.peed hit in Call of Duty 4 PB.

  • i had to reinstall COD4 and PB. i still get kicked from every PB server with PnkBsterB: PnkBsterK.sys ffa error. i tried to update my BD and i get this


    "an error has ocurred during update (invalid MD5)


    if the problem persists, please contact your local BitDefender representative or mail mailto: blah blah blah"


    so that's great. i'm very close to nuking BD and finding something else, which is a shame since BD has been very good to me until now. i signed up for a multi-year license last time because i was very happy and impressed. but that will be over this year and whether i re-up depends greatly on the manner in which this issue is handled.

  • Hassl

    I'm not sure what SymOn is up to there, but I can assure you that the pnkbstrk.sys problem still exists with BD.


    I'm using BD v10 and have the latest virus definitions, and it still kills my pnkbstrk.sys file on sight.


    I strongly advise you to fix this problem. BD has already cost me an entire evening reinstalling Enemy Territory Quake Wars twice and making backups of the file should BD kill them off again.


    Please fix this!

  • i was able to update my BitDefender V10 successfully and it still blasts that same PB file every time.


    like Hassl, i wasted last night uninstalling/reinstalling and backing up. today i still can't manage a connexion to COD4.


    i really appreciate all this headache and bother.

  • Been battling with this problem since last night. Have tried everything suggested and more. Still getting the same message although I do seem to have stopped the Trojan.Peed.Gen alert. Unfortunately, this does not allow me to play CoD4. Slowly going demented as there appear to be no new updates for BD and reinstalling PB does not make any difference whether restoring the quarantined files or not. they have all been deleted and still no joy. I may have to go back to playing patience. Come on BD what's going on.

  • I've had a bit of a relapse since Cd-man's first post about the all-healing update...


    BD is back to blocking the PnkBstrK file again....


    I found out that if you turn off real time protection then you can play online again with PB...


    but REMEMBER to turn it back on when you're done. :rolleyes:

  • Akira
    Open 1 exception for the punkbuster.


    Update your BD. :rolleyes:


    Ahoi there,


    I'm also new here, also because of this particular topic :unsure:


    I reinstalled CoD4 (in my case), updated all the PB-Stuff and now after "killing" the Bit Defender v10 Prof. Services the effects are still the same... :o


    I think I'll try to get in contact with the Punkbuster / Evenbalance guys


    greetz and:


    hope fades at the latest!!!


    Akira

  • Hassl

    D1og0: What about your reading comprehension skills? I already wrote that my BD is up to date.


    Moreover, v10 doesn't seem to give me an opportunity to set up an exception.


    Instead, I chose to switch off Bit Defender and kill the bdagent process. As far as I can tell there are no more alarms by BD, yet I STILL CAN'T connect to the game server. Error message stays the same - PnkBstrB.exe driver failure due to missing PnkBstrK.sys file.


    I need a real solution to this problem, and not some wise guy cracks by kiddies like D1ogO.

  • BobbySands
    edited March 2008

    okay D1og0, excluding isn't as easy as you think if you have BitDefender V10.


    here's how it works.


    1. double-click the BD icon in your system tray or from the start menu. get BD up on your screen.


    2. move from the general screen to the antivirus screen by clicking the 'antivirus' icon on the left side. make sure you're under the "Shield" tab


    3. make sure your real-time protection is ON (if you disabled it so you can play your game, enable it now)


    4. under 'protection level' click "custom level"


    5. amidst a whole lot of nonsense you'll see (about 2/3's the way down the list) a + and a line that reads "exclude path from scan"


    6. click on the little + symbol.


    7. a line that reads 'New item' will appear, click on it.


    8. now browse your computer for wherever your PB files are stored. when you get to it, make sure the PB file is highlighted and click 'ok'


    for instance, i added 'C:\Activision\Call of Duty 4 Modern Warfare\pb' to the list.


    BUT NOT SO FAST


    after that, BD didn't bite on the PB file, but it DID bite on a


    C:\Windows\System32\Drivers\PnkBstrK file.


    when you attempt to except this file, you'll find that after you click 'new item' in step 7, you can't get to that PnkBstrK file. at least i couldn't. the best i could do was to exclude the entire C:\Windows\System32\Drivers folder.


    well, that's nice-- i'm sure no viruses could hide in that giant folder. make sure to remove these exceptions as soon as BD solves this issue. assuming they ever do. but excluding those two folders is better than disabling active scanning, IMO.


    this should have it. and BitDefender, thanks for letting me do your work for you.
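
The exclusion steps in this thread leave whole folders, including C:\Windows\System32\Drivers, unscanned. As an added example (not part of the thread, and not Bitdefender or PunkBuster code), the Python script below compares every PnkBstrK.sys copy under chosen folders with a reference copy by SHA-256, so that only copies identical to the reference are restored from quarantine and anything that differs is submitted as a sample instead. The reference copy (assumed to be a fresh download from the vendor), the folder layout and the file contents in demo() are constructed for illustration.

```python
import hashlib
import os
import tempfile

TARGET = "pnkbstrk.sys"  # driver name from the thread, compared case-insensitively


def sha256_of(path, chunk=65536):
    """Hash the file in chunks so it is never loaded into memory whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def find_copies(roots, name=TARGET):
    """Yield every file under the given roots whose name matches `name`."""
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for filename in files:
                if filename.lower() == name:
                    yield os.path.join(dirpath, filename)


def triage(roots, reference_path):
    """Sort each copy into match / differ / unreadable against the reference.

    A match only proves the copy is byte-identical to the reference; whether
    the reference itself is clean is for the vendor and the AV lab to confirm.
    """
    ref = sha256_of(reference_path)
    report = {"reference_sha256": ref, "match": [], "differ": [], "unreadable": []}
    for path in find_copies(roots):
        try:
            bucket = "match" if sha256_of(path) == ref else "differ"
        except OSError:  # locked by a driver, quarantined mid-scan, no permission
            bucket = "unreadable"
        report[bucket].append(path)
    for key in ("match", "differ", "unreadable"):
        report[key].sort()
    return report


def demo():
    """Build a constructed folder layout and run the triage over it."""
    same = b"constructed driver bytes"
    layout = {
        ("vendor", "PnkBstrK.sys"): same,  # hypothetical reference copy
        ("games", "Battlefield 2", "pb", "PnkBstrK.sys"): same,
        ("games", "CoD4", "pb", "pnkbstrk.sys"): same,
        ("windows", "system32", "drivers", "PnkBstrK.sys"): same + b" altered",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for parts, data in layout.items():
            path = os.path.join(tmp, *parts)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        report = triage(
            [os.path.join(tmp, "games"), os.path.join(tmp, "windows")],
            os.path.join(tmp, "vendor", "PnkBstrK.sys"),
        )
        # Report paths relative to the temporary root so the result is stable.
        for key in ("match", "differ", "unreadable"):
            report[key] = [os.path.relpath(p, tmp) for p in report[key]]
        return report


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Copies listed under "differ" or "unreadable" are the ones to leave in quarantine and report, rather than cover with a folder-wide exclusion.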

  • omac1a

    For those of you that can't play games, try connecting to a server that doesn't use PB. You will be able to at least play the game until a fix is made. I can play CoD4 on a non-PB server just fine.

  • What procedure works for version 11? I have added exceptions for all */pb folders. Does ver 11 only allow paths but not individual files like the C:\Windows\System32\Drivers\PnkBstrK file?


    Thanks in advance!


    Jackal