Virus Alert

Leisure Suit Harry · Tue 16/08/2022 06:32:08

I just finished creating a high quality full length game with AGS and started sending the compiled game (.exe) to betatesters.
Folks report that their antivirus programs (Kaspersky, Microsoft Defender, maybe others too) block the game because they detect a trojan.

It's possible for the players to bypass their antivirus program by temporily disabling it and tell it to ignore the game folder. BUT: I can't expect from the future players to do that!
I doubt it is still possible to report the false positive to the AV vendors.

What can I do? Why is my game file treated like that? Would it help to compile the game on another computer? What's causing this problem and how can I get rid of it?
I'm a bit desperate

. We spent 1000+ hours on this game and created something really wonderful for people looking for adventure game nostalgia. But this might be a real showstopper.

Thanks for any help.

js · Tue 16/08/2022 10:39:07

Which version of AGS are you using ?

Can you reproduce this with an empty project ?

Are you sure your computer is not infected with a virus ?

lapsking · Tue 16/08/2022 11:20:08

My game also gave virus warnings, it was because of the host I think. It said this file hasn't been downloaded much it might have virus. But it seems after some more downloads or changing the link download to more reliable website the problem is solved.

Crimson Wizard · Tue 16/08/2022 11:25:30

AGS has been known for false virus alerts for years. I had a guess that the reason is that it appends game data to exe file. This means that it constantly opens exe file for reading. Antiviruses probably don't like it. Sometimes they may slow it down, because each time it reads some game data, AV would halt it for another check.

If that's the case, then the solution would be to not attach game data to the engine exe, and instead distribute game as a separate engine exe (renamed to game's title) and *.ags file with game data in it. Such option was added since 3.5.1 and called "Attach game data to exe (Windows only)", and located in General Settings -> Compiler section. Perhaps you could try this and see if these alerts go away.

PS. I also wonder why did not i make it default to not attach since 3.5.1. Probably no one noticed that this option even exists.

eri0o · Tue 16/08/2022 12:12:57

Usually you can report false positives to the anti virus developer's website through a form or through email and they really quick at patching out these checks. I did for the AGS Editor many times - it gets checked by 70 something anti virus when I push it through chocolatey, and it's not unusual for one to give me a false positive.

Leisure Suit Harry · Tue 16/08/2022 15:52:00

Quote from: js on Tue 16/08/2022 10:39:07
Which version of AGS are you using ?

Can you reproduce this with an empty project ?

Are you sure your computer is not infected with a virus ?

I use AGS 3.4.1
Going to reproduce it. I had the issue with my previous project, too...
I'm 99.9% sure my computer's not infected. It's got an AV program, I only use if for the game design and it's hardly ever online (only when I exchange emails with trusted sources or upload the game on a data exchange plattform for testers and co-producers)

Leisure Suit Harry · Tue 16/08/2022 15:54:36

Quote from: eri0o on Tue 16/08/2022 12:12:57
Usually you can report false positives to the anti virus developer's website through a form or through email and they really quick at patching out these checks. I did for the AGS Editor many times - it gets checked by 70 something anti virus when I push it through chocolatey, and it's not unusual for one to give me a false positive.

Thanks, that's what I did for my previous project. But I'm not convinced they whitelisted it, and I can't find those reporting options anymore resp. they limited the file size to 10MB (the game has 18)...

Leisure Suit Harry · Tue 16/08/2022 15:56:15

Quote from: Crimson Wizard on Tue 16/08/2022 11:25:30
AGS has been known for false virus alerts for years. I had a guess that the reason is that it appends game data to exe file. This means that it constantly opens exe file for reading. Antiviruses probably don't like it. Sometimes they may slow it down, because each time it reads some game data, AV would halt it for another check.

If that's the case, then the solution would be to not attach game data to the engine exe, and instead distribute game as a separate engine exe (renamed to game's title) and *.ags file with game data in it. Such option was added since 3.5.1 and called "Attach game data to exe (Windows only)", and located in General Settings -> Compiler section. Perhaps you could try this and see if these alerts go away.

PS. I also wonder why did not i make it default to not attach since 3.5.1. Probably no one noticed that this option even exists.

Thanks, that sounds promising. I did make my game with AGS 3.4.1 though. Is 3.5.1 100% compatible?

Crimson Wizard · Tue 16/08/2022 15:59:53

Quote from: Leisure Suit Harry on Tue 16/08/2022 15:54:36
Thanks, that's what I did for my previous project. But I'm not convinced they whitelisted it, and I can't find those reporting options anymore resp. they limited the file size to 10MB (the game has 18)...

That is another problem with data attached to exe btw, every game exe is overall different (and may be huge), although the original engine exe is the same, and something about 2-3 MB.

Quote from: Leisure Suit Harry on Tue 16/08/2022 15:56:15
Thanks, that sounds promising. I did make my game with AGS 3.4.1 though. Is 3.5.1 100% compatible?

It should be, although I always recommend doing a backup before upgrade. Also, if some script commands don't work, you may need to adjust compatibility options in the General Settings (like set "Script compatibility level" to 3.4.1).

Also, it is possible to gather a game distribution by hand, combining game.ags file from Compiled/Data and the bare engine exe. Except you'll also have to rename the engine exe to your game's title, and change the file's icon with some tool, if you want one...

Leisure Suit Harry · Tue 16/08/2022 17:26:26

Quote from: Crimson Wizard on Tue 16/08/2022 15:59:53
Also, it is possible to gather a game distribution by hand, combining game.ags file from Compiled/Data and the bare engine exe. Except you'll also have to rename the engine exe to your game's title, and change the file's icon with some tool, if you want one...

If the latter option comes without upgrading AGS, I'd rather try that.
So, sorry if this may sound like a stupid question, but what do you mean by "engine exe" and where do I find it?

Crimson Wizard · Tue 16/08/2022 17:29:53

Quote from: Leisure Suit Harry on Tue 16/08/2022 17:26:26
So, sorry if this may sound like a stupid question, but what do you mean by "engine exe" and where do I find it?

Engine exe is acwin.exe, located in the editor's installation folder.

Leisure Suit Harry · Wed 17/08/2022 17:55:27

Quote from: Crimson Wizard on Tue 16/08/2022 17:29:53
Quote from: Leisure Suit Harry on Tue 16/08/2022 17:26:26
So, sorry if this may sound like a stupid question, but what do you mean by "engine exe" and where do I find it?

Engine exe is acwin.exe, located in the editor's installation folder.

Thanks! Looks like this solved it. So reliefed! Thanks a lot. Release of the game now imminent...