Virus detection

Discussion in 'General Discussion' started by Konstantine, Jul 6, 2021.

  1. Konstantine

    Konstantine Grand Admiral

    Posts:
    2,200
    Joined:
    Oct 19, 2016
    For the first time ever, Avira is picking up your executable as a virus
    Virus.jpg

    More than that, I could not delete the folder after I installed as it required administrator permission... which I am.
    I had to let Avira quarantine the executable before I could delete the files.

    What happened? How come 1.3.3 is the first version where the executable is being detected as malware?
     
  2. Adam Solo

    Adam Solo Developer Administrator Grand Admiral

    Posts:
    4,846
    Joined:
    Sep 9, 2016
    Nothing has changed in the build process for the Humble/Itchio DRM-free build, or for any other build for that matter. Don't know why your anti-virus has decided to pick up on the executable now. Which DRM-free version did you last play without having the warning from your anti-virus? Was it 1.3.2, or was 1.3.3 the first 1.3.x DRM-free version you played since 1.2.4?
     
  3. Konstantine

    Konstantine Grand Admiral

    Posts:
    2,200
    Joined:
    Oct 19, 2016
    I played 1.3.2 last, and I suppose it's possible that the issue is Avira, they may have updated their definitions and are now picking something up as suspicious that they weren't before (Avira updates daily).
    I got around it obviously... but it's just a bad look for ISG. If you can do anything to resolve it, that would be helpful to you.
     
  4. Adam Solo

    Adam Solo Developer Administrator Grand Admiral

    Posts:
    4,846
    Joined:
    Sep 9, 2016
    Well, can't hurt to submit the executable to Avira's false positive submission form. Thanks for reporting this.
     
  5. Konstantine

    Konstantine Grand Admiral

    Posts:
    2,200
    Joined:
    Oct 19, 2016
    Very well, I'll do so.
     
  6. Adam Solo

    Adam Solo Developer Administrator Grand Admiral

    Posts:
    4,846
    Joined:
    Sep 9, 2016
    I actually had done that already, but thanks in any case.
     
    • ThumbsUp ThumbsUp x 1
  7. Konstantine

    Konstantine Grand Admiral

    Posts:
    2,200
    Joined:
    Oct 19, 2016
    Great, (I forgot how quick you are with a keyboard), I was just about to unpack it again, saves me some time that I can devote to playing instead:)
     
  8. Konstantine

    Konstantine Grand Admiral

    Posts:
    2,200
    Joined:
    Oct 19, 2016
    Update
    While the application took longer than normal to initialize, as well as installation, (possibly due to automatic updates going on at the same time and taking up resources), 1.3.4 did not trigger a virus detection from Avira. Thought you might like to know.
     
  9. Adam Solo

    Adam Solo Developer Administrator Grand Admiral

    Posts:
    4,846
    Joined:
    Sep 9, 2016
    That's good to hear, thanks. Guess that anti-virus didn't like something about that particular update, or executable. It's also good to know these kinds of false positives may trigger randomly at any new update.
     
  10. PlotinusRedux

    PlotinusRedux Lieutenant

    Posts:
    141
    Joined:
    Aug 6, 2019
    Heuristic scans aren't actually based on virus snippets or definitions, they are looking at things like Windows API calls, accessed directories, etc., to try to determine if anything looks "suspicious"--depending on how it's coded, just patching an exe file can be flagged as "suspicious".

    I'm not accusing Avira (not familiar with it or the company that makes it), but some anti-virus programs at least used to intentionally over-flag files based on heuristics--naïve users would try a new anti-virus program, it would flag more things than their previous one, so they would assume it was better and the old one was missing viruses.

    Avira reviews do mention an inordinate amount of false positives, though. In one case, someone compiled this C program in VS:

    #include <stdio.h>
    void main() {
    char a = 'a';
    printf("Hello world %c\n", a); }

    and Avira flagged it as "HEUR/APC threat".

    Whitelisting is the way to go--but if they use a hash for the whitelist, might have to do it again on a future build. Or it may have been a bug in Avira they've fixed.
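
Added example (not part of the thread, and not Avira's actual logic): a toy model of the two points in the post above, behaviour-based scoring that flags a benign self-patching updater, and a hash-keyed whitelist entry that stops matching once the next build changes the file's bytes. The behaviour names, weights, threshold and sample bytes are all assumptions constructed for illustration.

```python
import hashlib

# Toy weights for behaviours a heuristic engine might score (all values assumed).
WEIGHTS = {
    "writes_executable": 40,     # e.g. a patcher rewriting an .exe
    "unsigned_binary": 25,
    "writes_program_dir": 20,
    "opens_network_socket": 15,
    "reads_documents": 5,
}
THRESHOLD = 60  # assumed cut-off: at or above this the file is flagged


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def score(behaviours: set[str]) -> int:
    """Sum the weights of observed behaviours; no virus definition is consulted."""
    return sum(WEIGHTS.get(b, 0) for b in behaviours)


def verdict(binary: bytes, behaviours: set[str], allowlist: set[str]) -> str:
    """Check the hash whitelist first, then fall back to the heuristic score."""
    if sha256(binary) in allowlist:
        return "allowed"
    return "flagged" if score(behaviours) >= THRESHOLD else "clean"


# Constructed samples: a benign game updater that patches its own executable.
UPDATER_BEHAVIOURS = {"writes_executable", "unsigned_binary", "opens_network_socket"}
BUILD_A = b"MZ constructed-build-A"
BUILD_B = b"MZ constructed-build-B"  # next release: same behaviour, different bytes


def demo() -> list[str]:
    allowlist: set[str] = set()
    results = [verdict(BUILD_A, UPDATER_BEHAVIOURS, allowlist)]      # false positive
    allowlist.add(sha256(BUILD_A))                                   # user whitelists this build
    results.append(verdict(BUILD_A, UPDATER_BEHAVIOURS, allowlist))  # now allowed
    results.append(verdict(BUILD_B, UPDATER_BEHAVIOURS, allowlist))  # new hash, flagged again
    return results


if __name__ == "__main__":
    print(demo())
```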
     
