Why to download "AGS 3.4.0" from AGS web is a VIRUS according to AVAST?????

Started by EdgarMonkey, Fri 10/02/2017 22:31:43

Previous topic - Next topic

EdgarMonkey

Exactly what is written in "subject"!!

I have just format my pc... so now I have a clean windows, and just installed avast antivirus, so I am trying to download the ags from your official web, to continue building my adventure... but avast tell me that this is a malware!!!!

here the proof:



I don't want to install it until I understand this problem... so, can sombebody help me!!?

Thanks!!!

LimpingFish

It's most likely a false positive, as Avast has a reputation for calling "Virus!" on everything that doesn't play nice with it's overly-sensitive scanner.

I've personally just downloaded and scanned the same file with a number of alternate services, and they all say it's clean. I'm confidant you can install it without worry. :)
Steam: LimpingFish
PSN: LFishRoller
XB: TheActualLimpingFish
Spotify: LimpingFish

Crimson Wizard

Avast has been reporting AGS being mailware for couple of years at least. It even blocks the games you create with AGS (a problem that I ran into myself whe using Avast for a short period of time).

E: I guess I will send them false positive form with link to our source code to check if they like.

To make it clear: AGS Editor sends anonymous system information to the server. This information includes: version of AGS and version of Windows. This makes us able to create this statistics to see which versions of AGS people use, and on which systems: http://www.adventuregamestudio.co.uk/stats.php
If you don't like that for some reason, you may turn it of in File->Preferences.
There should not be other "suspicious" behavior in AGS, for what I know.

Ponch

Quote from: Crimson Wizard on Fri 10/02/2017 23:49:47
To make it clear: AGS Editor sends anonymous system information to the server. This information includes: version of AGS and version of Windows. This makes us able to create this statistics to see which versions of AGS people use, and on which systems: http://www.adventuregamestudio.co.uk/stats.php
So by continuing to use v2.72 I'm flying under the radar and avoiding the watchful eye of Big Brother Blue Cup? :=

Avast is such a pain with AGS that I'm just in the habit of disabling my shields every time I fire up the editor. It's like a reflex at this point. I don't even think about it. :tongue:

Snarky

Avast is so fucking annoying when dealing with more obscure applications or programs you compile yourself that I'm dropping it for something that doesn't default to blocking without any user recourse.

EdgarMonkey

Thanks very much for your answers!!

I was already imaging that it's a false positive, but i wanted to be sure of it.

Thanks again!!!!

Danvzare

Quote from: EdgarMonkey on Sat 11/02/2017 09:05:36
I was already imaging that it's a false positive, but i wanted to be sure of it.
Well I highly doubt we'd all be hanging around a forum and making adventure games with malware that destroys your computer. (laugh)

Hicks J.

The problem its not for us, the users of AGS, who know its a false positive, but for the end-game users who you plan to distribute your games. I've been using AGS for less than a month, I did a mini point-and-click adventure for some members of my family and some had this issue with Avast.

That's not really a problem since they are family and they trust me, but what if you want to sell or give for free your game? People will think its a virus, even of you explain the problem about a false positive. Its more than annoying, it's a problem that I think causes (or can cause) AGS to stop growing.

What will you do to distribute your game? Add a big note on the installer like "DONT TRUST YOUR ANTIVIRUS! ITS A FALSE POSITIVE!"  .....  (roll)

I'm loving AGS but already started to look for alternatives without the false positives.  :-\


Khris

I'm a pretty big fan of Avast mostly because the free version, set to game/silent mode, doesn't do anything besides sitting quietly in the system tray. No popups whatsoever.
I also didn't have any AGS related issues with it for months if not years, but that's probably because I always do a custom install and disable everything but the file system check, and I've also disabled DeepScreen. If you do that, Avast is an awesome and completely unobtrusive tool.

Crimson Wizard

What is the file that causes Avast to trigger alarm - is it Editor, acwin.exe or compiled game exe? When does it alarms - when you compiled it, or run ready game?
Have you tried to send false positive report to Avast company, and if yes, did they say anything?


One of the possible reasons antiviruses do not like AGS games is that they have game data appended to exe, and also being read from there during the game. I recall someone experienced the issue once that AV slowed AGS game down because it was reading sounds from its own exe, and AV probably thought that's suspicious.


A simple test may display if that is the case. If you take acwin.exe from the Editor's program files, and distribute not your compiled game exe, but acwin.exe + YourGameName.ags raw data file found in Compiled folder (since AGS 3.4.0). If it is all because of data appended to exe, then antivirus should not complain.


Obvious solution is to add an option to put all the data into separate file(s) when compiling game. Editor already does that for Linux version.

abstauber

QuoteObvious solution is to add an option to put all the data into separate file(s) when compiling game. Editor already does that for Linux version.
Is there a reason not to add this for windows? Otherwise I'm all in.

@Khris: Is avast any better than Windows Defender if you disable all its features? Well... Anti Virus Tools are Snake Oil anyways so nevermind ;)

Crimson Wizard

Quote from: abstauber on Fri 07/04/2017 09:11:36
QuoteObvious solution is to add an option to put all the data into separate file(s) when compiling game. Editor already does that for Linux version.
Is there a reason not to add this for windows? Otherwise I'm all in.

What is the reason why AGS attaches everything to exe at the first place? I do not know why this was done initially.

abstauber

I can only assume that this was done to make decompiling/extracting assets a bit harder.

SMF spam blocked by CleanTalk