i downloaded today, and while browsing the character creation menu, the game crashed and my computer said it found a virus in the game.
Behavior:Win32/DefenseEvasion.A!ml
what's going on?
Viewing post in Caverns of Xaskazien II comments
I don't know what to tell you on that aside from that many unknownish roguelikes I download pop up a Windows demand-to-scan type message when I go to play them. I write that off as them being unknown to Windows, so extra caution. I've never heard of DefenseEvasion, though, so I don't know what to tell you.
I'm having the same problem: it seems that Windows Defender auto-deletes the .exe after a short while, making the game impossible to be played.
It doesn't happen with the previous versions of the game so the update must have added something that triggers antiviruses by mistake?
A solution is to exclude the game folder from Windows Defender but I'm wondering why this specific update would require that and not the others...
Fascinating. And crappy. So far you three are the only ones reporting, but three's a big enough number to raise my eyebrows, and I'm guessing there will be others... I'm still at a loss as to why this would happen, though. I obviously play the game constantly on my end and it doesn't happen, so I can't reproduce the results. And the only things new since the last update are a new executable (generated directly from my Microsoft Visual Studio 2008), and a bunch of new .pngs (generated directly by my Adobe Photoshop CS4). I wonder if something changed in a Windows update to make this happen... Would one of you mind if I sent you directly the previous version of the game to see if it has the same issue for you? I'd love to try in two fashions: 1. Send the full previous game and see if it triggers, and 2. just hve you copy and paste the old executable into the current game's folder. Wondering if that might provide some insight into what specifically is triggering the issue.
Here's ChatGPT's thoughts on the topic. It also gave me a bunch of suggestions for steps I can take, so I'll be trying those out this weekend and reporting back what I can learn:
Possible Causes
- Heuristic Detection:
- Some antivirus programs use heuristics to flag behaviors that might resemble malware, such as:
- Frequent updates or changes to the executable.
- Accessing low-level system resources.
- Packing or compressing the executable to reduce size.
- Some antivirus programs use heuristics to flag behaviors that might resemble malware, such as:
- New Build Misidentification:
- If the recent build contains code that is new or altered in a way unfamiliar to antivirus databases, it might mistakenly flag it as a threat.
- Generic Threat Name:
- The designation "DefenseEvasion.A!ml" suggests Windows Defender or another antivirus has classified the program as a generic potential threat, often without specifics. It may just be that certain code patterns or file behaviors resemble malware.
- Executable Compression or Obfuscation:
- If you're using tools like UPX to compress your executable, antivirus software can incorrectly flag it as malicious because such tools are often used by malware creators to hide their code.
I think it's a false positive. Over the years, grabbing random roguelikes from around the internet, I often get them. Apparently lesser known files can trigger some virus detectors just by virtue of being lesser known. Let me know if anything else pops up, and I'll see if anyone else chimes in with the issue. But I just ran about 60 different tests to see if I could determine anything amiss, and it's checking out as fine no matter what angle I take. Thanks again for bringing this to my attention!
So, I uploaded the executable to this site: https://www.virustotal.com/gui/home/upload
It came back clean after running through tons of virus detectors. I don't really know what's up with that detection other than to say the file would be niche and unheard of and it's likely an overzealous detector. Feel free to upload the file yourself if you want to see the results. Thanks for letting me know about this, btw!