User Tag List

Page 5 of 5 FirstFirst ... 3 4 5
Results 41 to 49 of 49

Thread: Virus scanners are right back to detecting Fusion-made EXEs as viruses already

  1. #41
    Clickteam Clickteam

    Join Date
    Jun 2006
    Location
    France
    Posts
    13,958
    Mentioned
    275 Post(s)
    Tagged
    3 Thread(s)
    Update: this is taking a bit more time than planned... hopefully new build will be available within 2 days.

  2. #42
    Clicker Fusion 2.5 DeveloperFusion 2.5+ DLCAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleUniversal Windows Platform Export ModuleSWF Export ModuleXNA Export Module
    Outcast's Avatar
    Join Date
    Jan 2011
    Location
    Sweden
    Posts
    3,202
    Mentioned
    9 Post(s)
    Tagged
    0 Thread(s)
    Sounds nice if there is possible to make this occur less often. I do get users from time to time in the Steam forums of my game that say they get my game detected as virus (and don't know how many get it but don't post about it). I find it strange though, I did a test for my game and it got detected by 5 virus programs. But Mcafee did not detect it as a virus. However I had a user on November 8 who had problems with the game being removed by Mcafee after playing for about 30 seconds. How come it is stated as non detected in my test but there is still user who have problem?

    https://www.virustotal.com/gui/file/...cc48/detection

    This was what he wrote: "i just bought the game and i wanted to play it. But my files got removed after playing for like 30sec. McAfee is claiming that theres malware. i tried to uninstall and installing again but it still removed the files. Any one know how to fix it or should i just get a refund."

  3. #43
    Clickteam Clickteam

    Join Date
    Jun 2006
    Location
    France
    Posts
    13,958
    Mentioned
    275 Post(s)
    Tagged
    3 Thread(s)
    >> How come it is stated as non detected in my test but there is still user who have problem?

    Their virus definitions get updated every day, on day 0 your game may be undetected, on day 1 detected, on day 2 undetected again.

    Note that most of those false positives are due to their heuristic engines, that detect viruses before they are known and that seem to get more and more complex as the time passes as they can't seem to be able to fix the problems immediately and definitely as before. Heuristic engines analyze what features a program uses (Windows API, etc), try to get virus signatures in the EXE, etc, and calculate a "possible malware score" based on this information, that will decide if they display an alert or not.

  4. #44
    Clicker Fusion 2.5 DeveloperFusion 2.5+ DLCAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleUniversal Windows Platform Export ModuleSWF Export ModuleXNA Export Module
    Outcast's Avatar
    Join Date
    Jan 2011
    Location
    Sweden
    Posts
    3,202
    Mentioned
    9 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Yves View Post
    >> How come it is stated as non detected in my test but there is still user who have problem?

    Their virus definitions get updated every day, on day 0 your game may be undetected, on day 1 detected, on day 2 undetected again.

    Note that most of those false positives are due to their heuristic engines, that detect viruses before they are known and that seem to get more and more complex as the time passes as they can't seem to be able to fix the problems immediately and definitely as before. Heuristic engines analyze what features a program uses (Windows API, etc), try to get virus signatures in the EXE, etc, and calculate a "possible malware score" based on this information, that will decide if they display an alert or not.
    Ok thanks! One thing I also wonder is do it matter what extensions I have in the mfa and if that can trigger false positivess, even if they are not used in the actual .exe? For example I have a bunch of ios and android extensions in my mfa, but they are obviously not used in the .exe. Sometimes I also have extensions for debugging, but I remove all those events before building. Are they "filtered" out during the build of the .exe anyway or would it be better to remove all these unused extensions before i build my .exe?

  5. #45
    Clickteam Clickteam

    Join Date
    Jun 2006
    Location
    France
    Posts
    13,958
    Mentioned
    275 Post(s)
    Tagged
    3 Thread(s)
    If you want these extensions to be removed at build time when you build an EXE, you can delete their MFX files from the data/runtime/unicode folder. Fusion will display an alert message and won't include them. Though I don't think this is necessary as these extensions don't do anything suspicious and iirc there was never any alert about them.

  6. #46
    Clicker Fusion 2.5 DeveloperAndroid Export ModuleHTML5 Export ModuleUniversal Windows Platform Export Module
    Fusion 2.5 (Steam)Universal Windows Platform Export Module (Steam)

    Join Date
    Oct 2009
    Posts
    334
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Bonjour,

    Quand sera t-elle disponible la nouvelle mise à jour qui corrigera les problèmes de fausse alerte (antivirus) ?

    Merci

  7. #47
    Clickteam Clickteam

    Join Date
    Jun 2006
    Location
    France
    Posts
    13,958
    Mentioned
    275 Post(s)
    Tagged
    3 Thread(s)
    Les modifs sont terminées, les tests sont en cours, elle devrait sortir d'ici un ou deux jours.

    Question sémantique, la nouvelle mise à jour ne va rien "corriger" du tout, puisque le bug est chez les anti-virus, pas chez nous. Le code a été modifié en profondeur pour que les anti-virus ne détectent plus de concordances avec les fausses signatures de virus qu'ils détectaient et que leurs algorithme d'IA ne pensent pas qu'il s'agit d'une simple modification d'un virus existant et certaines fonctions de Windows que le runtime appelait et qui peuvent être utilisées par des virus (pour intercepter des messages système par exemple) ne sont plus appelées, on a essayé de faire différemment. J'espère que ça limitera le nombre de faux positifs, mais à mon avis plus le temps passe plus ce problème va devenir de plus en plus difficile à éviter. Rien qu'un exemple: prenez Visual Studio 2017, créez un nouveau projet à partir de leur modèle Windows Desktop Application (une simple application qui ne fait qu'afficher une simple fenêtre avec un menu), construisez l'EXE en mode Release et chargez-le sur Virustotal, => il est détecté par 4 ou 5 anti-virus comme contenant un malware...

  8. #48
    Forum Moderator Fusion 2.5 DeveloperAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleSWF Export Module
    Patrice's Avatar
    Join Date
    Sep 2010
    Posts
    601
    Mentioned
    4 Post(s)
    Tagged
    0 Thread(s)
    Est-ce que l'utilisation d'Install Creator permet de contourner simplement ces problèmes d'antivirus ?

  9. #49
    Clickteam Clickteam

    Join Date
    Jun 2006
    Location
    France
    Posts
    13,958
    Mentioned
    275 Post(s)
    Tagged
    3 Thread(s)
    Non, le moyen le plus sûr d'éviter ces problèmes, c'est de signer les EXEs qu'on crée avec un certificat (qui n'est pas gratuit). Et encore ça ne fonctionne pas toujours, contrairement à ce que prétendent les anti-virus, mais la plupart du temps ça fonctionne.

Page 5 of 5 FirstFirst ... 3 4 5

Similar Threads

  1. Windows 8 / All Antivirus hates all mmf-made exes? Any solution?
    By swerdmurd in forum Multimedia Fusion 2 - Technical Support
    Replies: 17
    Last Post: 24th April 2013, 06:51 PM
  2. Avira antivirus detecting cncs32.dll as a virus
    By machrider in forum Multimedia Fusion 2 - Technical Support
    Replies: 5
    Last Post: 22nd July 2009, 08:24 AM
  3. Virus scanners go insane
    By anonypademelon in forum Install Creator and Patch Maker
    Replies: 2
    Last Post: 15th September 2008, 04:39 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •