VirusTotal is not reliable; they are using other anti-virus software companies to test the program. We all know these companies cannot track or find actual viruses because they have only made a list of checking requirements, not a full-on test kit. That goes double for OPSWAT; they only use MetaDefender and nothing else.

This thread is due to experience on this site, leading to my thread where I will post any offending profiles and evidence.
https://itch.io/t/700501/malware-accounts-to-be-removed

1) These packages were obvious malware even before inspection, due to several reasons.
Age of games, size of distro, text saying these big name demos are exclusive to itch, and the nature of the shiny tempting bait.
Let's just say, everything about it made my spidey-sense hit me round the head with giant alarms, whistles, gongs and klaxons.

2) Using VT corroborates the suspicion due to the exceptionally heavy weight of evidence against the packages.
VT definitions can be at most 1 month out of date. This is where it actually fails.
Often malware writers will release their new code the day after VT updates so they have a longer window of operation.
When you see a file get between 1 and 3, maybe 5 hits, depending on the AV brands, you can often discount it as a false-positive.
When you see over 40 AVs (including the most trusted 5) all agree something is malware, you'd have to be a fool to decide they are wrong, unless you either wrote the offending code, or are yourself a top-rate security and crypto coder.

3) OPSWAT MetaDefender is a client which uses either the online AV engines or a locally installed core on the network.
It uses multiple AV engines, though not as many as VirusTotal; however, it does use all the regular top 5 contenders for detection, inc. Avira, Bitdefender, Kaspersky, and more.

4) Both use a remote sandbox for running executable samples and will see what they actually try to do. This often triggers more warnings that the sample may be malicious.
It is also a useful way for devs to work out why their software is being detected as a false-positive.

I can probably undelete the samples and let you have them if you are so sure they are fine.

This is what happens: https://itch.io/t/701487/game-file-marked-as-virus-when-downloading

You can't trust those "anti-softwares" because they are just a list of popular programs, and anything that isn't just gets marked as a dangerous thing to the computer. What is considered dangerous depends on the company.