Deepguard keeps blocking EVE Online launcher

This problem is driving me up the wall. Yesterday I got an update from the EVE Online launcher, the first time after my F-Secure Internet Security got upgraded to 2015.

 

Deepguard detected a change and blocked the launcher, while it prompted me whether to trust the application. Like I have done so many times before I opted to trust the application. To no avail. The launcher is stuck in offline mode and the debug logs clearly state it cannot connect to the patch server, while if I manually call the URL I get a response.

 

I've gone into the settings of Deepguard and checked whether it was set to allow the launcher, which it did. Changing settings and changing them back didn't do anything. Removing it from the list didn't prompt a new detection from the client as it was being run (obviously, because it can no longer detect)

 

I went and reinstalled the entire thing (6 GB+ download) because this had helped in the past, but this time as soon it did exactly the same thing.

 

I am out of options, save disabling Deepguard completely and reinstalling everything AGAIN. Unless someone has experience with exactly this problem and knows a solution.

Comments

  • Simon
    Simon Posts: 2,667 Superuser

    Hi there,

     

    Sorry, I'm not a gamer so forgive the possibly ignorant question, but do you have to download the whole thing each time you want to reinstall it, or can you save the installation files on your PC?

     

    If the latter, then have you tried disabling F-Secure (Tools > Turn off all Security Features) before installing EVE?  And, I assume you've tried Gaming Mode, but I don't think that would affect the installation itself.

     

    Failing that, I can only suggest that you Submit a Sample of the download (the URL?) to the FS Labs, and hopefully they can whitelist it for you fairly quickly. 

  • There's no such thing as a dumb question. Smiley Wink Thanks for taking the time to reply.

     

    It differs per game, but basically the EVE Online installer is a small executable, which downloads and installs a snapshot of the game, including the launcher. Unfortunately there's no separate install for just the launcher (why not would be an excellent question for the people at CCP), so once Deepguard touched the executable it is messed up. I don't know the inner workings of Deepguard but putting back a snapshot, disabling Deepguard or anything else doesn't seem to affect the results.

     

    I have currently disabled Deepguard and succesfully reinstalled the entire game (again), this time with succes. I will follow up on your suggestion to submit a sample though. Perhaps this might prevent this specific file to be targeted by Deepguard.

     

    That still leaves the question why after allowing access to launcher.exe to Deepguard it fails to connect anyway.

  • Simon
    Simon Posts: 2,667 Superuser

    OK, now it's installed, does it still fail to connect if you use Gaming Mode?

  • Gaming mode seems to have very little effect on it. As far as I know Gaming mode mainly is a CPU-related feature, not a network one. I am currently running in Gaming mode and everything works fine. Deep Guard is currently disabled.

  • Simon
    Simon Posts: 2,667 Superuser

    I can't add any more to this, so I can only suggest that you persevere with Support by submitting the URL.  They usually check in here on a Monday morning, so hopefully someone will see this and respond.  :)

  • Ukko
    Ukko Posts: 3,727 Superuser

    Hello,

     

    It's can be (likely) that installer/launcher have check-process about "executable file". And if there was "patching" - it goes be disabled about some of features. Or simply something goes be wrong.

    When you allow application (DeepGuard have allow-decision) it's anyway goes be with hook/analysis by DeepGuard. Maybe with "allow"-decision (like any other decisions) there more actions around, than it can be... when situation without questions by DeepGuard (which can be after "whitelist-process").

     

    Anyway... with your situation (not sure... but probably it's missing under description there) maybe can be helpful (!?):

     -> Compatibility Mode (?!). Under DeepGuard settings.

     -> Trying to create exclusion list about folders/files for game (for manual scanning and for real-time scanning - there different lists). Such as... add to lists... files/folders about game.

     

    Maybe it's can be better, than simply "disabling" DeepGuard.

    Also.. there was without description for DeepGuard prompt. If it was "unknown application trying to connect with network" - there can be helpful (before) also:

     - Gaming Mode (current prompt should be ignored... during gaming mode);

     - Disabled current feature/option under DeepGuard settings (temporary as example);

    But it just as workarounds... if there was same prompt by DeepGuard.

    And it's can be helpful, because with current situation... it's mean - application should be "known" for F-Secure soon (related with how many users will be with current update or how soon someone transferred sample).

     

    Sorry for reply again.

  • Hello Greftek,

     

    If you still experience the issue, could you try emptying the ORSP cache? 

     

    To do so run in the command prompt"[f-secure installation folder]\orsp client\orspdiag.exe --cache-clear" or if you have 64 bit OS, run: "[f-secure installation folder]\my f-secure\apps\ccf_reputation\orspdiag.exe" --cache-clear.

  • Hi Ben,

     

    I sort of circumvented the problem by disabling Deepguard for now. I will try that later today, but if that's not working I am just leaving it off. Redownloading and installing almost 7gb per try makes it a bit hard to repeat often. 

This discussion has been closed.
Feedback on New Design