Avast! Home with the latest definitions 111203-0 flags generated executables from the programs GameMaker 8.1 & GameMaker:HTML5 (http://www.yoyogames.com) as suspicious and recommends opening them in the sandbox.
I use both programs and this is an annoying issue, as it displays the dialog every time I want to playtest & simply execute my finished games. It is also a major issue for people who use these programs to develop and sell their games online.
In case the program has been used for malicious use, shouldn’t you be scanning the entire executable instead of just the header and flagging every generated executable as bad?
Well as long as it does not come from here: -www.crackquest.com/crack/g/game-maker-8.1/
MD5 hash 53e057782a58749e9f06f8ecdd2d2920
which site has a bad reputation according to avast web rep, and WOT warns for malware, e.g.
Virus: Gen:Trojan.Heur.VP.aiedaK4mREt (Engine A)
while here it is given green: http://urlquery.net/report.php?id=10373
We strongly advise not to visit such sites, see: http://www.webutation.net/go/review/crackquest.com
By the way, what MD5 hashes can you give us for the executables that avast alerted on?
Both programs are legit and not cracked of course. Just to clarify, GameMaker has the feature that it can create its own game executables out of your game project. I have the problem with these, not the program itself.
I suspect that GameMaker is using some kind of encryption on the produced executables in order to protect against decompilation, and Avast! maybe finds that suspicious?
I suggest you send them to virus AT avast dot com with your comment of false PUP detection, and they will clarify the real situation. If it is a generic detection for a specific protection packer malcreants also use, then they could give it the all green. Under all circumstances, if you trust it and no other anti-malware program flags a riskware or PUP status, why not exclude it from the sandbox?
I think game maker makes a new executable every time, so how do you tell avast to ignore every one of them that is created? They are placed in the localsettings/TEMP directory.