AVG False Positive?

Hi

Something is weird with the Playback Engines for Windows on the 2017 edition of Unity.

Today, anti virus program AVG spotted a trojan in the 32-bit ‘WindowsPlayer.exe’ file found in the win32 development folder and then removed it from my computer. I used VirusTotal to check it and only Baidu found a trojan trace in it. So I updated Unity from 2017.2 to the latest version of 2017.4.1f1 from the Unity website. I then ran VirusTotal on the same again, and 3 engines - Yandex, Jiangmin and TrendMicro-HouseCall found a trace of the trojan on that same file.

I believe it’s a false positive, although I am suspecting that the windows players for Unity 2017 could utilise some odd behaviours on the online connection fronts. I want the developers of this program to be aware of this potential exploit and investigate it.

I am welcome for some support as I am getting pretty suspicious about the playback engines for Unity.

I’ve seen a similar thread about this recently. I’m afraid I don’t have much info for you though.

Our Unity Windows builds have been flagged and blocked by Avast for years (since Unity 5.2’ish). We have to submit them to Avast manually for whitelisting every single time we release. They have never told us what the problem actually is. Just more hoops to jump through…

Ha ha. Sorry. I have used the search to find similar threads and I couldn’t see it.

Recently google drive has started flagging all my unity builds as virus too.

Its annoying as all hell cause team cant dl it… but we did discover creating a copy in gdrive gets around this.

Please use existing threads on the topic.