Hi there I know it's a slightly provoking title, but since 5.3.6 (and with the current version 5.4.0) I get problems with the Windows standalone-builds. The Windows Defender flags the Exe as "Trojan:Win32/Maltule.C!cl" and suggest to delete the file... I tested the exe with "Metadefender.com" and no problem was found. Sometimes it worked - until MS updated the signature files. This is very bad - does anybody experience the same behaviour? Does Unity and Microsoft talk to each other? Cheers Stefan
Hi, yes, we talk to Microsoft often. But we haven't heard about this problem. Does Windows Defender flags exe after you export it from Unity, or does it flag it in Unity installation folder?
Hi Thomas I made a demo from one of our assets and use it on our other PC's, where it's (sometimes) flagged: http://www.crosstales.com/en/assets/radio/Radio_demo.zip But only the "Radio.exe" is flagged, no other files on the whole PC. I think it's nearly impossible that we really have malware on our systems. I'm 99.99% sure it's a false-positive from WD and it's not accurate - sometimes it detect it as "malware", sometimes everything is absolutely fine... Probably you could talk to MS an try to clarify this. Thank you! So long, Stefan
I scanned your package with Windows Defender on my PC, and it said everything was green. Can you go to <UnityInstallationPath>Editor\Data\PlaybackEngines\WindowsStandaloneSupport\Variations and see if those files are marked as "malware". Also, I am slightly confused, you say it's sometimes flagged as malware? Executable is always the same per Unity version, so it's a bit strange.
Hello again No, those files aren't flagged... I'm aware of the same exe per Unity-version and yes this is a strange problem! I'm currently working only on Radio, so I can't confirm it for other builds. I'm suspecting one of the last Windows-update (security strengthenig) to cause these problems. I have no idea how WD comes across such problems. But I found others having the same issue: http://disq.us/p/1ag7kij My main concern is that customers are scared away by our demo because it looks like malware to them
I tried it on 4 different PC's and now there is no detection... I know it sounds silly, but I had this before (since ca. 2 weeks) and I suspect it to happen again. As I said, I blame WD for this behaviour, but it's still a problem. I don't know how Unity informs Microsoft about their "Standalone"-exe, but it would be nice if they could send e.g. a hashcode of the exe's to be excluded (or approved) inside WD.
I've had this problem with some users too (I haven't been able to reproduce myself). So far just my game's launcher though, not the game itself (both made in unity, both from same project -- just different scenes). Any workarounds found? I'm using 5.2.2f. Not all users are affected. Has happened on Windows 7 and Windows 10.
Unfortunately I didn't found a workaround (and I think there is none). This is imho out-of-our-hands and must be (permanently) solved by Unity and MS (and any other major "Malware"-protector like Symantec etc.). In my opinion, Unity has to make sure that their Standalone-exes (from all versions) are on a white-list on all major scanners. Probably it would also help if every exe would be properly signed...