AGS game marked as Trojan

Started by Joacim Andersson, Wed 04/12/2024 09:39:27

Joacim Andersson

I've uploaded a zip file containing the output of the Compiled\Windows folder to itch.io. When I tried to download it, Windows 11 marked the file as a Trojan. How can I get around that? I have no Trojan warnings on my machine except for this.

I also tried downloading an older game, which worked before, but now gives me the same Trojan error warning from Windows.

Crimson Wizard

#1
If you search for "virus" on the technical forums, you will find numerous threads that mention this problem.

https://www.adventuregamestudio.co.uk/forums/beginners-technical-questions/anitivirus-blocks-build-exe/msg636522651/#msg636522651
https://www.adventuregamestudio.co.uk/forums/beginners-technical-questions/compiled-game-being-quarantined-as-virus/msg636604522/#msg636604522
https://www.adventuregamestudio.co.uk/forums/advanced-technical-forum/virus-alert/msg636648929/#msg636648929
https://www.adventuregamestudio.co.uk/forums/beginners-technical-questions/keep-getting-this-error-and-exe-doesn-t-appear-when-compiling-game-solved/msg636579299/#msg636579299
https://www.adventuregamestudio.co.uk/forums/beginners-technical-questions/compiling-errors-due-to-virus-scanner/msg636660355/#msg636660355

Even as old as the year 2009:
https://www.adventuregamestudio.co.uk/forums/advanced-technical-forum/my-creations-and-ags-exe-s-have-been-deemed-as-viruses/msg499391/#msg499391


Antiviruses do not like AGS for some reason. We had a vague idea about which program code could trigger them, but we cannot remove this code, at least not from AGS 3.*. Then again, it's not an established fact.

Disabling "Attach game data to exe" option helps sometimes, but not always.
(Actually, I recommend having it off always, because it makes loading the game much faster in the presence of antivirus.)

Another thing you can do is to send a "false positive" report to the antivirus creators.

eri0o

Sending the reports to the antivirus makers is the best thing one can do. I used to check and do this for every version of AGS when I used to submit it to the Chocolatey package manager; I stopped when I stopped using Chocolatey and switched to my own tool for installing AGS.

Another thing is for Windows Defender itself: I believe the website itself plays a role. Some websites have higher reputation than others, and files downloaded from them have less chance of being flagged. Additionally, this works differently from other places: if you make a commercial game and distribute it through Steam, it's much harder for this to happen.

Unfortunately, the Windows process for sending false positive reports is much less transparent nowadays than it was before. Still, I think it is worth it. You may need to note down your Windows Defender update version from the settings menu and state it when submitting the report, and a version of it in the cloud will try to run it to reproduce this false positive. In my experience it never triggers it in the cloud.
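
Added example, not part of the post above and not AGS project code: a PowerShell sketch that gathers what a Defender false-positive report usually needs (file hash, engine and signature versions, detection name), which also lets two machines compare why one flags a build and the other does not. It assumes the built-in Defender module is available; the default path is a placeholder for the flagged archive or exe.

```powershell
# Added example: collect the facts for a Defender false-positive report.
# The default path is a placeholder; pass the archive or exe that was flagged.
param([string]$Path = '.\Compiled\Windows\game.zip')

$file = Get-Item -LiteralPath $Path -ErrorAction Stop

# Hash first: the scan below may quarantine the file.
$hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash

# Engine and signature ("update") versions of the machine giving the verdict.
$status = Get-MpComputerStatus

# On-demand scan of just this one file.
Start-MpScan -ScanType CustomScan -ScanPath $file.FullName

# Keep only logged detections whose resource list mentions this path.
$hits = Get-MpThreatDetection | Where-Object {
    ($_.Resources -join "`n").IndexOf(
        $file.FullName, [StringComparison]::OrdinalIgnoreCase) -ge 0
}

# Resolve detection IDs to the names shown in the Defender warning.
$names = @($hits | ForEach-Object {
    (Get-MpThreat -ThreatID $_.ThreatID).ThreatName
} | Sort-Object -Unique)

[pscustomobject]@{
    File             = $file.FullName
    SHA256           = $hash
    ProductVersion   = $status.AMProductVersion
    EngineVersion    = $status.AMEngineVersion
    SignatureVersion = $status.AntivirusSignatureVersion
    SignatureUpdated = $status.AntivirusSignatureLastUpdated
    Detections       = $names
} | Format-List
```

An empty Detections list with an older SignatureVersion on one machine and a detection with a newer one on another points at a definition update rather than at the download site.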

Khris

Just for reference: I just had Windows Defender scan my entire AGS folder which contains tons of compiled games ranging from v3.2.1 to v4 and the scan came back completely clean.

Honza

I just got a low-ish rating for this on Itch 2 days ago. Might be a coincidence, but it hadn't been reported before during the year and a half the game has been out... might be some Windows Defender update or something new with Itch.


Joacim Andersson

If anyone wants to try to download my game to see the report given by Windows Defender, you can find it here:

https://brixoft.itch.io/pendant
Password: pnc4dvmel2

Try downloading the "No Install" version. I haven't officially released this game yet, so you need the above password to access it.

I have now written a report to Microsoft for a false negative, maybe they'll reply someday.

Joacim Andersson

#6
Quote from: Honza on Wed 04/12/2024 11:09:22
it hadn't been reported before during the year and a half the game has been out... might be some Windows Defender update

I got my false Trojan warning after a Defender update I got yesterday.

eri0o

#7
Hopefully you mean a false positive report.

About the game, I think I played an old game from you already with the same character? Is this a continuation? Edit: holy shit, I played all your old games. Ha!! A long time ago, I didn't remember the username. I am excited, I am not at home, I will play when I am back.

Joacim Andersson

#8
Quote from: eri0o on Wed 04/12/2024 12:10:45
Hopefully you mean a false positive report.

About the game, I think I played an old game from you already with the same character? Is this a continuation?

Yes, I created 3 games with this character 20 years ago, and last year I decided to remake them, but I only remade part 1 and part 3 and skipped part 2 because it was a bit short. However, I've changed my mind and now remade Part 2 as well but changed it a lot. This version is much longer than the original and with more puzzles. The main difference is on the Island of Portals which was only two rooms in the original version, now it's larger and the actual portals are spread around on the island and not just together in the same room.

But the main story remains the same.

VampireWombat

The other day I saw someone say that every submission on Itch for the AdvX jam flagged as a virus on Windows 11. So I think it may be part Itch and part Windows Defender for Windows 11.

Joacim Andersson

Quote from: VampireWombat on Wed 04/12/2024 13:02:11
So I think it may be part Itch and part Windows Defender for Windows 11.

I don't think it's Itch.io, because I scanned the zip file locally, one I hadn't uploaded to Itch, and got the same Defender warning.

Joacim Andersson

Quote from: Khris on Wed 04/12/2024 10:50:32
Just for reference: I just had Windows Defender scan my entire AGS folder which contains tons of compiled games ranging from v3.2.1 to v4 and the scan came back completely clean.

And yet, when I tried to download your Floaty Rog' game, Windows Defender reported that as a Trojan at my end. Maybe you don't have the latest Defender database installed.
