Prevent AGS from triggering antiviruses: Difference between revisions

From Adventure Game Studio | Wiki
Jump to navigation Jump to search
(Changes to clarify purpose of fix: primarily for game devs, not players, to fix F1 Help)
No edit summary
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
''Please note that the discussion about this topic is constantly updated on the AGS forums : [http://www.adventuregamestudio.co.uk/forums/index.php?topic=51050.msg636521555#msg636521555 How to remove alternate data streams from AGS files]
''Please note that the discussion about this topic is constantly updated on the AGS forums : [http://www.adventuregamestudio.co.uk/forums/index.php?topic=52724.0 Windows blocks downloaded help file]
''
''


== Introduction ==


<big>'''Introduction'''</big>
With the move to a more open source style of development for the AGS engine, game developers may use AGS builds that don't correspond to an official release. These are usually downloaded and extracted manually rather than installed with an installer and this can cause some problems with Windows security settings. Specifically, attempts to access the help file (ags-help.chm) from inside or outside the AGS editor may be blocked.


With the move to a more open source style of development for the AGS engine, game developers may use AGS builds that don't correspond to an official release. These are usually downloaded directly rather than installed with an installer, and this can cause some problems with Windows security settings or antivirus software. Specifically, attempts to access Help from the AGS editor may be blocked.
This is caused by something called "alternate data streams".


This is caused by something called "alternate data streams". This article explains how to resolve the problem.
== What are "alternate data streams"? ==


When a file is stored on a computer by the Operating System it's written in a particular way. In order to read a file back there is a need to know where it begins and ends on the disk, so a File System is used to store data. On Windows the most popular File System is NTFS which supports the use of alternate data streams. Normally the contents of a file will be saved into the NTFS $DATA attribute in the default stream but it is also possible to specify an alternate stream name and store data in a different location within the same file. One common alternate stream name is named "Zone.Identifier" which is used to indicate the Windows Security Zone that a file originates from. This is commonly used to indicate that a file originates from another computer, the origin being indicated by a zone number. The zone numbers are defined by Zone Security settings in Internet Options.


It's typically up to individual web browsers and download utilities running on Windows as to whether they write to the "Zone.Identifier" stream when a file is downloaded, and equally any application could choose to check the "Zone.Identifier" stream of a file when it is being opened. The help file viewer is one such application and will, by default, refuse to open a file if the "Zone.Identifier" indicates it originated from a different computer (i.e. it is potentially unsafe).


== What are "alternate data streams" ? ==
When looking at a file's properties, if a restrictive zone number is present in the "Zone.Identifier" stream the file will be listed as "blocked". Choosing to unblock the file will re-write the "Zone.Identifier" stream to indicate the file should not longer be restricted (i.e. programs shouldn't be able to identify the origin of the file


'''You don't need to understand what alternate data streams are to get rid of the issue.''' We just explain briefly, so that you have a better idea of what you're doing.
== How do I clean my AGS editor files of "alternate data streams"? ==


When a file is stored on your computer by your Operating System (typically, Windows), it's written in a particular, standard way, that Windows will be able to read later. That's called the "File System". That's how Windows sorts out and writes your files, under the hood. In Windows, the File System is called NTFS, and it's different on each big system: For example, in Linux and Macs, they use instead the "NFS" file system. And on USB sticks, they've been using the old "FAT32" file system for a very long time, to avoid compatibility issues.
Usually it's just the single "Zone.Indentifier" alternate stream on the help file that causes a problem.
* Right click the ags-help.chm file in Windows Explorer and press the unblock button.


Long things short, sometimes, Windows needs to mix data from a foreign file system (e.g. NFS) into its very own NTFS data. For example, when some files also need to be read on another system. That's when "alternate data streams" come in. They are a way for Windows to remind itself: "You don't understand this chunk of data that's written there? Well don't worry, that's normal, that's because it's from another system. Just keep it there and don't mess with it. Also, don't display it in the Explorer".
If the unblock button doesn't work this is usually because the AGS folder has been located somewhere where the user attempting to unblock does not have write permission (if this is the case it's likely that the user extracting the AGS Editor would have encountered a UAC prompt when extracting to the AGS Editor files and approved the process to run with elevated permissions). The easiest solution is to run the Windows program "'''streams.exe'''" with elevated permissions. It can be download from [https://technet.microsoft.com/en-us/sysinternals/bb897440 here].


So far so good. The trouble is that some smart arses started to use this to hide data, possibly fraudulent stuff. Alternate data streams started being used by viruses, for example. Don't get it wrong, it's very legit, but seeing alternate data streams in your files makes antiviruses suspicious of them, no matter what. And since AGS has started becoming cross-platform, there ''will be'' some alternate data streams in your files.
* Download the zip file and extract it to any temporary directory, e.g. the Desktop.
* Open a Windows Command prompt using "run-as administrator"
* In the command prompt, change to to directory where the files were extracted:
cd "<EXTRACTION FOLDER>"
(you need to replace "<EXTRACTION FOLDER>" with the path to where streams.exe was extracted. For example "C:\Users\MyAccount\Desktop\Streams")


== How do I clean my AGS editor files of "alternate data streams" ? ==
(use double quotes when the path contains spaces)
* Run the following command to recursively remove any alternate data streams:
streams.exe -s -d "<AGS EDITOR FOLDER>"


There's a tool for Windows called "'''streams.exe'''", that you can download here : https://technet.microsoft.com/en-us/sysinternals/bb897440
(you need to replace "<AGS EDITOR FOLDER>" with the path to where the AGS Editor folder was extracted. For example "C:\Users\MyAccount\My Documents\AGS Builds\ags_3.4.12")
# Download the tool. Extract it to any temporary folder you wish. For example c:\myfolder
# Open a Windows Command prompt (old-style access: Start-->All Programs-->Utilities-->Command Prompt) (you can also press the keystroke Windows+R, then type "'''cmd.exe'''" in the window that appears)
# I didn't test to see if it's required to run it as administrator. (If you encounter issues, then start the command prompt by right-clicking on its icon and selecting "run as administrator")
# in the command prompt, go to the folder where you've put streams.exe :
cd c:\myfolder
# run the following command to remove the alternate data streams:
streams.exe -s -d "<EXTRACTED FOLDER>"
(you need to replace "<EXTRACTED FOLDER> with the path to the AGS folder. For example "c:\Users\MyAccount\My Documents\AGS Builds\ags_3.4.12" (please note the double quotes)


== Read also ==
(use double quotes when the path contains spaces)
This article tells you more about alternate data streams : http://windowssecrets.com/top-story/hide-sensitive-files-with-alternate-data-streams/




An alternate solution is to move the AGS Editor files to a location that doesn't use an NTFS file system, and then move the files back to the computer again. Most USB memory sticks will be formatted with the FAT32 File System instead of NTFS. FAT32 does not support alternate data streams so they cannot exist on the memory stick.


''Please note that the discussion about this topic is constantly updated on the AGS forums : [http://www.adventuregamestudio.co.uk/forums/index.php?topic=51050.msg636521555#msg636521555 How to remove alternate data streams from AGS files]
== Read also ==
[http://blogs.technet.com/b/askcore/archive/2013/03/24/alternate-data-streams-in-ntfs.aspx This] article tells you more about alternate data streams.


[[Category:Advanced Tutorials]]
[[Category:Advanced Tutorials]]

Latest revision as of 02:25, 12 December 2015

Please note that the discussion about this topic is constantly updated on the AGS forums : Windows blocks downloaded help file

Introduction

With the move to a more open source style of development for the AGS engine, game developers may use AGS builds that don't correspond to an official release. These are usually downloaded and extracted manually rather than installed with an installer and this can cause some problems with Windows security settings. Specifically, attempts to access the help file (ags-help.chm) from inside or outside the AGS editor may be blocked.

This is caused by something called "alternate data streams".

What are "alternate data streams"?

When a file is stored on a computer by the Operating System it's written in a particular way. In order to read a file back there is a need to know where it begins and ends on the disk, so a File System is used to store data. On Windows the most popular File System is NTFS which supports the use of alternate data streams. Normally the contents of a file will be saved into the NTFS $DATA attribute in the default stream but it is also possible to specify an alternate stream name and store data in a different location within the same file. One common alternate stream name is named "Zone.Identifier" which is used to indicate the Windows Security Zone that a file originates from. This is commonly used to indicate that a file originates from another computer, the origin being indicated by a zone number. The zone numbers are defined by Zone Security settings in Internet Options.

It's typically up to individual web browsers and download utilities running on Windows as to whether they write to the "Zone.Identifier" stream when a file is downloaded, and equally any application could choose to check the "Zone.Identifier" stream of a file when it is being opened. The help file viewer is one such application and will, by default, refuse to open a file if the "Zone.Identifier" indicates it originated from a different computer (i.e. it is potentially unsafe).

When looking at a file's properties, if a restrictive zone number is present in the "Zone.Identifier" stream the file will be listed as "blocked". Choosing to unblock the file will re-write the "Zone.Identifier" stream to indicate the file should not longer be restricted (i.e. programs shouldn't be able to identify the origin of the file

How do I clean my AGS editor files of "alternate data streams"?

Usually it's just the single "Zone.Indentifier" alternate stream on the help file that causes a problem.

  • Right click the ags-help.chm file in Windows Explorer and press the unblock button.

If the unblock button doesn't work this is usually because the AGS folder has been located somewhere where the user attempting to unblock does not have write permission (if this is the case it's likely that the user extracting the AGS Editor would have encountered a UAC prompt when extracting to the AGS Editor files and approved the process to run with elevated permissions). The easiest solution is to run the Windows program "streams.exe" with elevated permissions. It can be download from here.

  • Download the zip file and extract it to any temporary directory, e.g. the Desktop.
  • Open a Windows Command prompt using "run-as administrator"
  • In the command prompt, change to to directory where the files were extracted:
cd "<EXTRACTION FOLDER>"

(you need to replace "<EXTRACTION FOLDER>" with the path to where streams.exe was extracted. For example "C:\Users\MyAccount\Desktop\Streams")

(use double quotes when the path contains spaces)

  • Run the following command to recursively remove any alternate data streams:
streams.exe -s -d "<AGS EDITOR FOLDER>"

(you need to replace "<AGS EDITOR FOLDER>" with the path to where the AGS Editor folder was extracted. For example "C:\Users\MyAccount\My Documents\AGS Builds\ags_3.4.12")

(use double quotes when the path contains spaces)


An alternate solution is to move the AGS Editor files to a location that doesn't use an NTFS file system, and then move the files back to the computer again. Most USB memory sticks will be formatted with the FAT32 File System instead of NTFS. FAT32 does not support alternate data streams so they cannot exist on the memory stick.

Read also

This article tells you more about alternate data streams.