Skip to main content

Indie game storeFree gamesFun gamesHorror games
Game developmentAssetsComics
SalesBundles
Jobs
TagsGame Engines

Also Getting a virus warning with windows version

A topic by ezgoodnight created Jan 30, 2024 Views: 6,898 Replies: 33
Viewing posts 1 to 21
(+1)

Feel like I can trust Maddy; I'm going to try the Linux version. Defender quarantined the file as I tried installing it. Seems convinced it's REALLY dangerous.

 

Developer(+3)

In theory the latest version should have this fixed as we updated what version of .NET we're using.

(+3)(-9)

Thanks I'll try installing your HORRIBLE MALWARE again

I mean thank you, I'll try it.

ugh Itch is being weird. I am checking the hash of the zip it is sending me and it is identical. I can see the update but it takes me to the same download page with the same file. I'm going to assume it will send the right file when I come back to it after a bit.

(+3)

I've just tried downloading  v1.1.1 and my antivirus software is still flagging the .exe file as a virus

"Celeste64-v1.1.1-Windows-x64.zip tried to load a malicious resource detected as Gen:Variant.Ser.Tedy.6023 and was blocked" is the message it has given me

(+1)

Same here, using Bitdefender. It also flagged 1.0.1 as infected today, weeks after I originally downloaded and played it.

(+1)

Hey, I'm still getting the trojan detection, which is strange because I don't normally get false positives. 

Celeste 64 Fragments of the Mountain v1.1.1\Celeste64.exe is infected with Gen:Variant.Ser.Tedy.6023

Developer(+1)

Did you download this just now? We updated it with a fix a few minutes ago, windows defender is being a bit paranoid there

It's only been a few minutes. I'll refresh and see what's up. Thanks for y'all being quick to answer

I also downloaded within the last minute, both chrome and windows defender are flagging this as a trojan

Developer

Maybe the fix didn't work... I think this might be related to the dotnet version or something like that

Right now I can't even get a new version from Itch to test it. Will happily try once it can get it to give it to me :/

Hashes all match... Itch is simply not updating the download for me. I've tried downloading 7 times, including in a private window and different browser. Opera also calls it a virus. Only thing I can do right now is just try again in a few hours.

It occurs to me that maybe every version I have IS the updated version and I got this virus warning with the updated one which I tried first. But idk.

Developer(+2)

Sorry about that. I'm looking into what could be causing it but at a loss right now.

You're welcome to try building it yourself but I understand that can be daunting if you haven't done it before.

I have done it in that I have tried and failed many times lmao

(1 edit)

still getting the trojan, will try again tomorow just in cse itch is not sending something like it should.

Edit: now 1.0.1 is showing for me and works fine

adding to the data that my exe got quarantined as well (obvs a false flag but yeah game crashed while I was playing it cos it got quarantined)
I downloaded the game about 15 mins ago

Version 1.01 has showed up for me now, and that loads and runs without the virus issue. Thanks for rolling that out.


(1 edit) (+2)

Just to add to this, 1.01 is still giving me virus notifications. I will try a reboot here in a bit and see if maybe it was just a hold over from 1.0.0.  I trust it's a false hit.

I'm still getting this too

No viruses here, perhaps its something else you have installed, like some mister cores?

(+1)

Not sure if this helps anyone, but I was still getting virus checked with 1.01 - Chrome didn't want to download it, and then it didn't want to open and unzip.

However, in my case some software was flagging the zip as malware and deleting it immediately (it was concerned about a HEUR/APC threat, which might mean more to others than me). Once I paused the software, I was able to unzip the file, and strangely, it doesn't detect any problems with the files once they're out of the archive - just the zip itself. Game runs fine after this, and Windows defender has zero issues with it.

(+2)

HEUR means the threat assessment is heuristic-based: some code in the game looks like something that has been used in viruses, or is very rarely used in legitimate programs, so it gets flagged, even if it’s harmless. Heuristic-based threat assessment generates a lot of false positives, so this isn’t super surprising.

APC means Asynchronous Procedure Calling - it’s a method of having one thread call a function that executes on another thread. This is a very common tool to use in multi-threaded programs, especially game engines. Malware that obtains kernel access (the highest level of code execution privilege) can use APC to force legitimate software to run malware code, which can help hide the malware from an antivirus by making the other software look like the source of the malware code.

ooh, thank you for taking the time to explain this! Makes sense why the software was picking it up as false positive, though odd it seems fine with it outside the zip file 

Trellix also reports it as a virus and autoremoves it on my company pc

(+3)

Windows Defender is still flagging version 1.01 as a Trojan horse and labeling it as a severe threat.

I'm getting the virus issue with 1.01

Also getting the game automatically flagged/deleted by NordVPN and by Windows Defender

Same. For now I suppose I'll just wait until the next version or until I feel like wrestling with my security before I attempt to intentionally infect my PC with a mountain program again.

(1 edit)

Having a similar issue, I can't download the game, after my antivirus removed the exe from a scan on my pc. So tried to download here now with 1.1.1 and just keeps quarantining the file, and auto deleting the game. Any help would be appreciated

(+1)

Still having the same issue. I hope there's a clear solution soon...

(1 edit)

I had to download the 1.01 version.

1.11 is blocked and can't even download it (using Chrome).

Use "free download manager" by copy the download link instead download from a browser :)