Reason with false positive on RENPY

CrazyRabbit

CrazyRabbit

Engaged Member
Oct 30, 2019
2,090
9,473
Hello there,

I tried to ask that question on the game thread but got no answers ; hopefully maybe here :)

So I downloaded Halfway House and a SmartScreen alert pop out when I try to run the exe. I remembered I had the same alert with Ataegina.

I'm sure it's a false positive, but I'm curious as to why I have the alert on those game and not others. I thought maybe it's because the exe of those game have a customised mini icon ; but I think I played other games with those mini icons and didn't had an alert.

So I'm just wondering....

Thanks a lot in advance, guys :)
 
Walg

Walg

Visual art is my magnet. Currently inactive
GFX Designer
Donor
Oct 5, 2018
1,394
3,844
CrazyRabbit said:
Hello there,

I tried to ask that question on the game thread but got no answers ; hopefully maybe here :)

So I downloaded Halfway House and a SmartScreen alert pop out when I try to run the exe. I remembered I had the same alert with Ataegina.

I'm sure it's a false positive, but I'm curious as to why I have the alert on those game and not others. I thought maybe it's because the exe of those game have a customised mini icon ; but I think I played other games with those mini icons and didn't had an alert.

So I'm just wondering....

Thanks a lot in advance, guys :)
Click to expand...
Which AV are you using? Generally it's because the lab will blacklist a whole bunch of indie exe's if they don't know what it is but can be lab specific and other reasons that they generally don't disclose.

I can definitely assure you that if you downloaded both Halfway House and Ataegina using F95 links that they're false positives. A good way to figure out whether it's a false positive or not is to use
You must be registered to see the links
to check the exe out (It scans the file through a whole bunch of AV's).
 
  • Like
Reactions: CrazyRabbit
CrazyRabbit

CrazyRabbit

Engaged Member
Oct 30, 2019
2,090
9,473
Walg said:
Which AV are you using? Generally it's because the lab will blacklist a whole bunch of indie exe's if they don't know what it is but can be lab specific and other reasons that they generally don't disclose.

I can definitely assure you that if you downloaded both Halfway House and Ataegina using F95 links that they're false positives. A good way to figure out whether it's a false positive or not is to use
You must be registered to see the links
to check the exe out (It scans the file through a whole bunch of AV's).
Click to expand...
First of all, thanks for the answer :)

Actually my AV (BitDefender) and Malwares Bytes are ok with the exe when analyzing. It's only the SmartScreen filter that pops up when trying to run the exe.

Also, only one result for a Trojan in VirusTotal :
VirusTotal_Result.png
 
Walg

Walg

Visual art is my magnet. Currently inactive
GFX Designer
Donor
Oct 5, 2018
1,394
3,844
CrazyRabbit said:
First of all, thanks for the answer :)

Actually my AV (BitDefender) and Malwares Bytes are ok with the exe when analyzing. It's only the SmartScreen filter that pops up when trying to run the exe.

Also, only one result for a Trojan in VirusTotal :
View attachment 586193
Click to expand...
It's generally hit and miss with smartscreen. I get them for some new exe's that I've opened but it's not that much of a issue. Reason why I asked about the AV is because some of them have conflicts with Windows Defender and that would prompt smartscreen. I'm sure some of the dev's might have an answer to why the smartscreen's popping up but it's not an issue to me.

Yeah based on the test above you can see that it's a false positive result. If it's a legitimate result then more than half of the AV's there would say there's a trojan or something malicious with the file. That's a lab specific issue with that one result.
 
  • Like
Reactions: CrazyRabbit
CrazyRabbit

CrazyRabbit

Engaged Member
Oct 30, 2019
2,090
9,473
Walg said:
It's generally hit and miss with smartscreen. I get them for some new exe's that I've opened but it's not that much of a issue. Reason why I asked about the AV is because some of them have conflicts with Windows Defender and that would prompt smartscreen. I'm sure some of the dev's might have an answer to why the smartscreen's popping up but it's not an issue to me.

Yeah based on the test above you can see that it's a false positive result. If it's a legitimate result then more than half of the AV's there would say there's a trojan or something malicious with the file. That's a lab specific issue with that one result.
Click to expand...
Yep, I never put that much faith in SmartScreen ; but I'm also intrigued as to why the false positive. It's just curiosity though.
I had some conflict like that with the exe of Melody, but I resolved it by using an exe of an older version.


But many thanks for your answers and for VirusTotal ; it really helps identifying false positives. :D
 
  • Like
Reactions: Walg
You must log in or register to reply here.
Top Bottom