False Positive from Avast! Antivirus?

Started by MurrayL, Mon 29/10/2012 15:54:52


MurrayL

One of the guys I'm working with has just told me that all compiled AGS games (or, at least, all 3.2.1 games we've made recently) are now coming up with a flag from Avast! Antivirus. This was on his computer, and on another person's, so it may well be across all PCs with Avast! installed. It only started happening today.

First they get this message:

(The file prevalence/reputation is low)

Then it says it couldn't find enough evidence to class it as malware but that [the user] should use extreme caution. The same error occurs with the game exe and winsetup.exe.

As a precaution, I uploaded the game exe to VirusTotal, but all 43 tests returned negative.

Something we should be aware of? This might mean Avast! is flagging all current AGS games as suspicious for some reason.

BigMc

So this Antivirus warns everybody who executes programs which are not widely used. So what?

Calin Leafshade

Seems that Avast sandboxes *everything* it doesn't recognise.

https://blog.avast.com/2012/03/20/autosandbox-why-are-you-annoying-me/

Nothing we can do really. Perhaps submitting some winsetups to them for analysis might mean they recognise the format.

In reality, the way AGS builds its files is fodder for anti viruses. Embedding binary data into an exe file is essentially a trojan and anti viruses often react to that in the way you would expect.

MurrayL

Quote from: Calin Leafshade on Mon 29/10/2012 16:53:26
Nothing we can do really. Perhaps submitting some winsetups to them for analysis might mean they recognise the format.

Yeah, I figured as much. Thanks anyway!

As I said, it only started happening today. Maybe an update they pushed or something? My concern was that people might be put off from playing an AGS game - especially a commercial one - if their antivirus starts telling them to 'use extreme caution' whenever they launch it. Avast! isn't exactly a minor player in the home user antivirus scene.

SSH

Quote from: Calin Leafshade on Mon 29/10/2012 16:53:26
Embedding binary data into an exe file is essentially a trojan and anti viruses often react to that in the way you would expect.

What other kind of data than binary do you have in YOUR exes? ;)

selmiak

