Difference between revisions of "Prevent AGS from triggering antiviruses"

From Adventure Game Studio | Wiki
Jump to navigationJump to search
(Changes to clarify purpose of fix: primarily for game devs, not players, to fix F1 Help)
Line 5: Line 5:
 
<big>'''Introduction'''</big>
 
<big>'''Introduction'''</big>
  
AGS works very well but it's not a big, corporate software that uses all the latest security mechanisms (such as certificates, permissions and stuff) to make it immediately recognized by antiviruses as harmless. In particular, there's a thing called "alternate data streams" that sometimes makes your antivirus panic and tell you that the game you just downloaded is a virus, when it's not. We help you getting rid of that issue. This trick was originally found, once again, by the guys from Wadjet Eye.  
+
With the move to a more open source style of development for the AGS engine, game developers may use AGS builds that don't correspond to an official release. These are usually downloaded directly rather than installed with an installer, and this can cause some problems with Windows security settings or antivirus software. Specifically, attempts to access Help from the AGS editor may be blocked.
 +
 
 +
This is caused by something called "alternate data streams". This article explains how to resolve the problem.
 +
 
  
  
 
 
== What are "alternate data streams" ? ==
 
== What are "alternate data streams" ? ==
  
Line 19: Line 21:
 
So far so good. The trouble is that some smart arses started to use this to hide data, possibly fraudulent stuff. Alternate data streams started being used by viruses, for example. Don't get it wrong, it's very legit, but seeing alternate data streams in your files makes antiviruses suspicious of them, no matter what. And since AGS has started becoming cross-platform, there ''will be'' some alternate data streams in your files.
 
So far so good. The trouble is that some smart arses started to use this to hide data, possibly fraudulent stuff. Alternate data streams started being used by viruses, for example. Don't get it wrong, it's very legit, but seeing alternate data streams in your files makes antiviruses suspicious of them, no matter what. And since AGS has started becoming cross-platform, there ''will be'' some alternate data streams in your files.
  
== How do I clean my game files from "alternate data streams" ? ==
+
== How do I clean my AGS editor files of "alternate data streams" ? ==
  
 
There's a tool for Windows called "'''streams.exe'''", that you can download here : https://technet.microsoft.com/en-us/sysinternals/bb897440
 
There's a tool for Windows called "'''streams.exe'''", that you can download here : https://technet.microsoft.com/en-us/sysinternals/bb897440
Line 29: Line 31:
 
# run the following command to remove the alternate data streams:
 
# run the following command to remove the alternate data streams:
 
  streams.exe -s -d "<EXTRACTED FOLDER>"
 
  streams.exe -s -d "<EXTRACTED FOLDER>"
(you need to replace "<EXTRACTED FOLDER> with the path to the folder of the game. For example "c:\Users\MyAccount\My Documents\AGS Games\MyGame" (please note the double quotes)
+
(you need to replace "<EXTRACTED FOLDER> with the path to the AGS folder. For example "c:\Users\MyAccount\My Documents\AGS Builds\ags_3.4.12" (please note the double quotes)
  
 
== Read also ==
 
== Read also ==

Revision as of 06:30, 30 September 2015

Please note that the discussion about this topic is constantly updated on the AGS forums : How to remove alternate data streams from AGS files


Introduction

With the move to a more open source style of development for the AGS engine, game developers may use AGS builds that don't correspond to an official release. These are usually downloaded directly rather than installed with an installer, and this can cause some problems with Windows security settings or antivirus software. Specifically, attempts to access Help from the AGS editor may be blocked.

This is caused by something called "alternate data streams". This article explains how to resolve the problem.


What are "alternate data streams" ?

You don't need to understand what alternate data streams are to get rid of the issue. We just explain briefly, so that you have a better idea of what you're doing.

When a file is stored on your computer by your Operating System (typically, Windows), it's written in a particular, standard way, that Windows will be able to read later. That's called the "File System". That's how Windows sorts out and writes your files, under the hood. In Windows, the File System is called NTFS, and it's different on each big system: For example, in Linux and Macs, they use instead the "NFS" file system. And on USB sticks, they've been using the old "FAT32" file system for a very long time, to avoid compatibility issues.

Long things short, sometimes, Windows needs to mix data from a foreign file system (e.g. NFS) into its very own NTFS data. For example, when some files also need to be read on another system. That's when "alternate data streams" come in. They are a way for Windows to remind itself: "You don't understand this chunk of data that's written there? Well don't worry, that's normal, that's because it's from another system. Just keep it there and don't mess with it. Also, don't display it in the Explorer".

So far so good. The trouble is that some smart arses started to use this to hide data, possibly fraudulent stuff. Alternate data streams started being used by viruses, for example. Don't get it wrong, it's very legit, but seeing alternate data streams in your files makes antiviruses suspicious of them, no matter what. And since AGS has started becoming cross-platform, there will be some alternate data streams in your files.

How do I clean my AGS editor files of "alternate data streams" ?

There's a tool for Windows called "streams.exe", that you can download here : https://technet.microsoft.com/en-us/sysinternals/bb897440

  1. Download the tool. Extract it to any temporary folder you wish. For example c:\myfolder
  2. Open a Windows Command prompt (old-style access: Start-->All Programs-->Utilities-->Command Prompt) (you can also press the keystroke Windows+R, then type "cmd.exe" in the window that appears)
  3. I didn't test to see if it's required to run it as administrator. (If you encounter issues, then start the command prompt by right-clicking on its icon and selecting "run as administrator")
  4. in the command prompt, go to the folder where you've put streams.exe :
cd c:\myfolder
  1. run the following command to remove the alternate data streams:
streams.exe -s -d "<EXTRACTED FOLDER>"

(you need to replace "<EXTRACTED FOLDER> with the path to the AGS folder. For example "c:\Users\MyAccount\My Documents\AGS Builds\ags_3.4.12" (please note the double quotes)

Read also

This article tells you more about alternate data streams : http://windowssecrets.com/top-story/hide-sensitive-files-with-alternate-data-streams/


Please note that the discussion about this topic is constantly updated on the AGS forums : How to remove alternate data streams from AGS files