(+1)

Not sure if this helps anyone, but I was still getting virus checked with 1.01 - Chrome didn't want to download it, and then it didn't want to open and unzip.

However, in my case some software was flagging the zip as malware and deleting it immediately (it was concerned about a HEUR/APC threat, which might mean more to others than me). Once I paused the software, I was able to unzip the file, and strangely, it doesn't detect any problems with the files once they're out of the archive - just the zip itself. Game runs fine after this, and Windows Defender has zero issues with it.

(+2)

HEUR means the threat assessment is heuristic-based: some code in the game looks like something that has been used in viruses, or is very rarely used in legitimate programs, so it gets flagged, even if it’s harmless. Heuristic-based threat assessment generates a lot of false positives, so this isn’t super surprising.

APC means Asynchronous Procedure Calling - it’s a method of having one thread call a function that executes on another thread. This is a very common tool to use in multi-threaded programs, especially game engines. Malware that obtains kernel access (the highest level of code execution privilege) can use APC to force legitimate software to run malware code, which can help hide the malware from an antivirus by making the other software look like the source of the malware code.

Ooh, thank you for taking the time to explain this! Makes sense why the software was picking it up as a false positive, though odd it seems fine with it outside the zip file.