Haydee
retrogunner Nov 27, 2016 @ 12:15am
Help with VirusTotal.com detections. Suspect false positives.
Looks like I'm going to have to ask for a refund and hopefully buy it again after watching the update news. And I was really looking forward to the tougher puzzles and if the community was going to make some challenge rooms (like you can with Portal 2).

I wish Steam was more pro-active in the malware scanning. I've had to do this from time to time.

Good news is the DLLs are clean and you cannot inject via models & textures.

Now, these could be false positives, but unfortunately some are the same across 3 different executables.

https://www.virustotal.com/en/file/b5c4e9915f1c435e78ff83b5142d512e6d7c8b72052ba18218b5016aade7fcec/analysis/1480233801/ shows 6 detections on the launcher.exe

Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20161126
Bkav W32.HfsAutoB.567D 20161126
CrowdStrike Falcon (ML) malicious_confidence_82% (D) 20161024
Cyren W32/FakeAlert.FY.gen!Eldorado 20161127
F-Prot W32/FakeAlert.FY.gen!Eldorado 20161127
Rising Malware.XPACK-LNR/Heur!1.5594 (classic) 20161127

Then the packer.exe has a few too ... https://www.virustotal.com/en/file/1bf64790a0c7b998946ceada72a702e9367862b7d64dfb9b6799a400d78949f6/analysis/1480234188/

Antivirus Result Update
Cyren W32/S-483e3f92!Eldorado 20161127
F-Prot W32/S-483e3f92!Eldorado 20161127
Invincea trojan.win32.swrort.a 20161018

Ditto for unpacker.exe ...
https://www.virustotal.com/en/file/31fabdd28333d842d0fc5f4f8b8502ea7d7349aaa14a3f1ed81e782b8e71cb23/analysis/1480234204/


Antivirus Result Update
Cyren W32/S-483e3f92!Eldorado 20161127
F-Prot W32/S-483e3f92!Eldorado 20161127
Invincea trojan.win32.swrort.a 20161018

This really sucks. I hope they are just false positives. A second confirmation / peer review would be helpful.
Last edited by retrogunner; Nov 27, 2016 @ 7:53pm
Showing 1-15 of 17 comments
simplesim7 Nov 27, 2016 @ 1:56am 
Originally posted by retrogunner:
Looks like I'm going to have to ask for a refund and hopefully buy it again after watching the update news. And I was really looking forward to the tougher puzzles and if the community was going to make some challenge rooms (like you can with Portal 2).

I wish Steam was more pro-active in the malware scanning. I've had to do this from time to time.

Good news is the DLLs are clean and you cannot inject via models & textures.

Now, these could be false positives, but unfortunately some are the same across 3 different executables.

https://www.virustotal.com/en/file/b5c4e9915f1c435e78ff83b5142d512e6d7c8b72052ba18218b5016aade7fcec/analysis/1480233801/ shows 6 detections on the launcher.exe

Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20161126
Bkav W32.HfsAutoB.567D 20161126
CrowdStrike Falcon (ML) malicious_confidence_82% (D) 20161024
Cyren W32/FakeAlert.FY.gen!Eldorado 20161127
F-Prot W32/FakeAlert.FY.gen!Eldorado 20161127
Rising Malware.XPACK-LNR/Heur!1.5594 (classic) 20161127

Then the packer.exe has a few too ... https://www.virustotal.com/en/file/1bf64790a0c7b998946ceada72a702e9367862b7d64dfb9b6799a400d78949f6/analysis/1480234188/

Antivirus Result Update
Cyren W32/S-483e3f92!Eldorado 20161127
F-Prot W32/S-483e3f92!Eldorado 20161127
Invincea trojan.win32.swrort.a 20161018

Ditto for unpacker.exe ...
https://www.virustotal.com/en/file/31fabdd28333d842d0fc5f4f8b8502ea7d7349aaa14a3f1ed81e782b8e71cb23/analysis/1480234204/


Antivirus Result Update
Cyren W32/S-483e3f92!Eldorado 20161127
F-Prot W32/S-483e3f92!Eldorado 20161127
Invincea trojan.win32.swrort.a 20161018

This really sucks. I hope they are just false positives. A second confirmation / peer review would be helpful.

I will advise you to just turn off your antivirus, these are all false flags. I'm running TrendMicro and it didn't even flag me any threats, not to even mention stop the game before launch.
This game is safe to play. Besides, why would the game developer want to do something like this and ruin their business and risk future investments and endeavours?
Don't mean to be rude, but did you get your game from a legit source? Steam is safe.
Just my 2 cents. It'd be a pity to forgo playing this good game.

I'm just putting up my testimony here, I do not work for any game developer, but so far I have no issues with all the above listed by you.

Reconsider, unless your version of the game has been compromised. ;)
Vanessa Nov 27, 2016 @ 2:29am 
These are absolutely false positives.

I'm not going to pretend it's impossible to have malware on Steam, but it's unlikely and Haydee is absolutely not malware. My scanner didn't pick up anything.
retrogunner Nov 27, 2016 @ 8:20am 
Thank you for the second opinions.

If someone could upload their copy of launcher.exe to https://virustotal.com and post the link here, I would appreciate it as it would indicate something's up with my machine & gotten past my AV - which would really be bad for me. (FYI, I run a clean ship on this rig - only downloads from legitimate services, avoids questionable sites, using OpenDNS with blocking of sites, use AV, spot check against virustotal.com, etc.) Nothing is 100% safe though.

I've never come across a game developer who actively tries to infect, but I have had the occasional installed application tainted with infection due to their build machine unknowingly having been infected.

Regarding supporting them, I do not want to ruin their business - I want to support them and work the puzzles. And this developer is actively improving his game which impresses me - even 2 drops within one week. I have zero guilt over supporting developers, even if I don't play their games. I think this one has even more potential as looks like it might become a Workshop gem - like Portal 2 and others.

I know it may be a bit of a knee-jerk reaction, really having looked forward to playing the game, and I do feel bad having to make such a post, but I saw no immediate way to engage with the developer.

I also indicated I plan on re-purchasing it as soon as I gain more insight on my discoveries and very likely at full price (not waiting for a sale) being so affordable.

But
* I didn't see any place to submit an email to the developer regarding my findings
* I wanted to get a community peer review / second opinion
Last edited by retrogunner; Nov 27, 2016 @ 8:22am
Originally posted by retrogunner:
Thank you for the second opinions.

If someone could upload their copy of launcher.exe to https://virustotal.com and post the link here, I would appreciate it as it would indicate something's up with my machine & gotten past my AV - which would really be bad for me. (FYI, I run a clean ship on this rig - only downloads from legitimate services, avoids questionable sites, using OpenDNS with blocking of sites, use AV, spot check against virustotal.com, etc.) Nothing is 100% safe though.

I've never come across a game developer who actively tries to infect, but I have had the occasional installed application tainted with infection due to their build machine unknowingly having been infected.

Regarding supporting them, I do not want to ruin their business - I want to support them and work the puzzles. And this developer is actively improving his game which impresses me - even 2 drops within one week. I have zero guilt over supporting developers, even if I don't play their games. I think this one has even more potential as looks like it might become a Workshop gem - like Portal 2 and others.

I know it may be a bit of a knee-jerk reaction, really having looked forward to playing the game, and I do feel bad having to make such a post, but I saw no immediate way to engage with the developer.

I also indicated I plan on re-purchasing it as soon as I gain more insight on my discoveries and very likely at full price (not waiting for a sale) being so affordable.

But
* I didn't see any place to submit an email to the developer regarding my findings
* I wanted to get a community peer review / second opinion
Gtfo. AVs pick up false positives from games all the time... Now you want people to share their .exe's with you??? Funny thing, it doesn't even look like you own the game, there's no mouse icon next to your name. I don't know what you're trying to pull. I run AVs and anti-malware programs all the time, I've never picked up a false positive from Haydee. I have from other games and that is just what they were: "false positives".
Haydee doesn't even show up on your recently played... I have games on MY "recently played" that I refunded
Dev should lock this thread.
Last edited by Do You Know Tyler Durdan?; Nov 27, 2016 @ 8:44am
retrogunner Nov 27, 2016 @ 8:47am 
You are correct, it's not on my played, because I purchased it. Then I scan and validate my installed purchases against my AV & manually key binaries against VirusTotal due to having been infected by games previously. Once I know it's clean, then I play it for the first time.

I would never ask for anyone's EXE. I was asking for a validation that someone else didn't have the same results by uploading to VirusTotal -- Google's AV aggregator -- will process it for analysis. It's not retrievable from there.

If the same with me, likely a false positive and might be worth the developer's time to investigate.

If clean, then the problem is with my rig and I'll do an extensive re-install of OS & File cleaning.
Last edited by retrogunner; Nov 27, 2016 @ 8:49am
Originally posted by retrogunner:
I would never ask for anyone's EXE. I was asking for a validation that someone else didn't have the same results by uploading to VirusTotal -- Google's AV aggregator -- will process it for analysis. It's not retrievable from there.

If the same with me, likely a false positive and might be worth the developer's time to investigate.

If clean, then the problem is with my rig and I'll do an extensive re-install of OS & File cleaning.
Your validation is there isn't a single thread on here about malware or viruses from Haydee... if there were, this forum would be lit up with posts on it. I'm not having this discussion with you. DEV SHOULD LOCK THIS THREAD!!!!
togan77 Nov 27, 2016 @ 6:55pm 
OP GTFO

GO PIRATE ELSEWHERE!!
Sintacs Nov 27, 2016 @ 7:16pm 
I think you may have your tinfoil hat strapped on too tightly OP.
retrogunner Nov 27, 2016 @ 7:52pm 
Everyone has a different gaming/life experience ...

Originally posted by Sintacs:
I think you may have your tinfoil hat strapped on too tightly OP.

Sintacs - you may be right. Kind of why I was asking for an assist/second opinion. Having lost irreplaceable digital family photos (before I could back them up) to a developer's negligence, I've become a lot more cautious -- Not that anyone but my family cares.

I appreciate the other posters confirming they've not had problems and pointing out some engines were false positives.

Originally posted by togan77:
OP GTFO

GO PIRATE ELSEWHERE!!

Togan77 -- Really?? Your short all-caps response has no evidence. You might try reading my lengthy posts in the genuine and concerned voice I've written them in. I care. Skimming them loses context.

1. FYI, virustotal.com is owned by Google for analysis purposes. It's not a pirate site.

2. a. The fact that I own nearly 1000 (987) games on Steam (let alone all the other sites I use) while you own 351 (though you may have more on other gaming sites too.)
2. b. Plus considering I've mentioned in nearly each reply I look forward to buying it once again so I can finally play it ...
...doesn't make me a pirate. It shows I vote with my wallet. It means I'm a conscientious gamer who genuinely supports games & gamers.
Last edited by retrogunner; Nov 27, 2016 @ 8:25pm
retrogunner Nov 27, 2016 @ 7:54pm 
Updated subject to draw less ire
simplesim7 Nov 27, 2016 @ 11:49pm 
Originally posted by retrogunner:
You are correct, it's not on my played, because I purchased it. Then I scan and validate my installed purchases against my AV & manually key binaries against VirusTotal due to having been infected by games previously. Once I know it's clean, then I play it for the first time.

I would never ask for anyone's EXE. I was asking for a validation that someone else didn't have the same results by uploading to VirusTotal -- Google's AV aggregator -- will process it for analysis. It's not retrievable from there.

If the same with me, likely a false positive and might be worth the developer's time to investigate.

If clean, then the problem is with my rig and I'll do an extensive re-install of OS & File cleaning.

Over at the workshop, there are thousands of subscribers, I think that's enough validation for you. Besides, I believe you are the only one posting this virus/malware alert here in the forum.

Again, Haydee Interactive is offering this game at a discount of close to 33% off now and that's around 10 bucks where I am, which I initially paid the full price, so putting out that 10 bucks ain't a big deal to help this nice game developer, wouldn't you agree?

Let's move on, buy it and you will be a happy gamer on this game.

Majin Vongola Nov 28, 2016 @ 12:29am 
This might be a huge mistake ^.^ but here's my two cents again. Just to say I have had no issues with the official version of Haydee.

I checked out this totalvirus website & they have already scanned the launcher with 6/56 issues.
Here are the issues.

Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20161126
Bkav W32.HfsAutoB.567D 20161126
CrowdStrike Falcon (ML) malicious_confidence_82% (D) 20161024
Cyren W32/FakeAlert.FY.gen!Eldorado 20161127
F-Prot W32/FakeAlert.FY.gen!Eldorado 20161127
Rising Malware.XPACK-LNR/Heur!1.5594 (classic) 20161127

Just like retrogunner said, I have also scanned my Haydee Folder with Super Anti Spyware, Anti Malware Bytes, & Windows Defender with no issues found.

I did notice another person say they had something flagged & it being a false positive, but that could have been about google drive ^.^

So, I do not know what this Totalvirus website has found (well I do, it's posted above, but I mean I do not know what it's doing if anything, false positive? I would assume so).

retrogunner ^.^ I know what it's like to have PC issues & look for answers. Haydee is cool, no issues here. I'm not sure what your rig is but I would recommend the 'scorched earth' approach in wiping your PC & starting again, depending on your situation, it may be the best option.

If you're on Windows 10, your hardware configuration & product key are stored with Microsoft, so you can make a bootable Win 10 USB, wipe the hard drive & reinstall Windows no problem. After you have backed up important data, that is.

Good Luck ^.^
retrogunner Nov 28, 2016 @ 1:21am 
Originally posted by Majin Vongola:
This might be a huge mistake ^.^ but here's my two cents again. Just to say I have had no issues with the official version of Haydee.

I checked out this totalvirus website & they have already scanned the launcher with 6/56 issues.
Here are the issues.

Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20161126
Bkav W32.HfsAutoB.567D 20161126
CrowdStrike Falcon (ML) malicious_confidence_82% (D) 20161024
Cyren W32/FakeAlert.FY.gen!Eldorado 20161127
F-Prot W32/FakeAlert.FY.gen!Eldorado 20161127
Rising Malware.XPACK-LNR/Heur!1.5594 (classic) 20161127

Just like retrogunner said, I have also scanned my Haydee Folder with Super Anti Spyware, Anti Malware Bytes, & Windows Defender with no issues found.

I did notice another person say they had something flagged & it being a false positive, but that could have been about google drive ^.^

So, I do not know what this Totalvirus website has found (well I do, it's posted above, but I mean I do not know what it's doing if anything, false positive? I would assume so).

retrogunner ^.^ I know what it's like to have PC issues & look for answers. Haydee is cool, no issues here. I'm not sure what your rig is but I would recommend the 'scorched earth' approach in wiping your PC & starting again, depending on your situation, it may be the best option.

If you're on Windows 10, your hardware configuration & product key are stored with Microsoft, so you can make a bootable Win 10 USB, wipe the hard drive & reinstall Windows no problem. After you have backed up important data, that is.

Good Luck ^.^

Thank you for the solid post and confirmations. I really appreciate it. I've re-purchased it as I said I would. I've been really stoked to play it this week.

It sounds like it's time for a fresh Windows install. I really wish Windows had an Overlay/qcow2 filesystem feature I could use so I could safely rollback my disk changes like I can with Linux and each game/app would be like a Docker or Snappy overlay. Oh well.

Cheers, Retro.
retrogunner Dec 2, 2016 @ 10:16pm 
As an FYI, for those wondering how I did the check in addition to my AV ...

Before a new app's execution, I use one of the following on key files prior to its first execution, depending on the target's context:

Win - https://www.virustotal.com/en/documentation/desktop-applications/virustotal-uploader
Mac - https://www.virustotal.com/en/documentation/desktop-applications/mac-osx-uploader
Linux - https://www.virustotal.com/en/documentation/desktop-applications/linux-oss-uploader
Firefox - https://www.virustotal.com/en/documentation/browser-extensions/

I can then in my File Explorer or manager, simply right click and check the file. Easy Peasy.


On Windows, I also use Microsoft's SysInternals Process Explorer as my Task Manager - running it as a normal app is the default state. It automatically checks running apps' signatures against VirusTotal if open. I have Process Explorer open nearly all the time, wanting to know what's going on with my rig. (You have to set the Preferences to automatically checksum all processes' binaries, which will appear in the main ProcExp screen in the VirusTotal column.)

https://blog.malwarebytes.com/cybercrime/2014/01/process-explorer-now-including-virustotal-support/

https://technet.microsoft.com/en-us/sysinternals/processexplorer

Cheers, Retro.
Last edited by retrogunner; Dec 2, 2016 @ 10:21pm
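An added example, not from any poster in this thread: the report URLs posted above embed the SHA-256 of the scanned file, so another owner can confirm they hold the byte-identical launcher.exe by hashing it locally, with no upload, and the pasted detections can be grouped to show how many distinct labels there really are. The function names and the list of heuristic-style label fragments are assumptions of this example.

```python
import hashlib
import re
from collections import defaultdict
from datetime import datetime, timezone

# Report URL shape used in this thread: /file/<sha256>/analysis/<unix time>/
VT_URL = re.compile(r"virustotal\.com/(?:\w+/)?file/([0-9a-fA-F]{64})/analysis/(\d+)")

# Fragments suggesting a heuristic/generic/ML verdict (assumed, non-exhaustive).
FUZZY = re.compile(r"heur|\bgen\b|confidence", re.IGNORECASE)

def report_info(url):
    """Return (sha256, scan time in UTC) parsed from a VirusTotal report URL."""
    m = VT_URL.search(url)
    if not m:
        raise ValueError("not a VirusTotal file report URL")
    return m.group(1).lower(), datetime.fromtimestamp(int(m.group(2)), tz=timezone.utc)

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so a large executable is never fully in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def same_file_as_report(path, url):
    """True when the local file is byte-identical to the file in the report."""
    return sha256_of(path) == report_info(url)[0]

def triage(detections):
    """Collapse engines that share a label and flag heuristic-style labels."""
    engines_by_label = defaultdict(list)
    for engine, label in detections:
        engines_by_label[label].append(engine)
    return [{"label": k, "engines": v, "fuzzy": bool(FUZZY.search(k))}
            for k, v in engines_by_label.items()]

# The launcher.exe report and detections exactly as posted in the thread.
LAUNCHER_URL = ("https://www.virustotal.com/en/file/b5c4e9915f1c435e78ff83b5142d512e"
                "6d7c8b72052ba18218b5016aade7fcec/analysis/1480233801/")
LAUNCHER_HITS = [
    ("Baidu", "Win32.Trojan.WisdomEyes.16070401.9500.9999"),
    ("Bkav", "W32.HfsAutoB.567D"),
    ("CrowdStrike Falcon (ML)", "malicious_confidence_82% (D)"),
    ("Cyren", "W32/FakeAlert.FY.gen!Eldorado"),
    ("F-Prot", "W32/FakeAlert.FY.gen!Eldorado"),
    ("Rising", "Malware.XPACK-LNR/Heur!1.5594 (classic)"),
]

if __name__ == "__main__":
    for row in triage(LAUNCHER_HITS):
        print(row["fuzzy"], row["engines"], row["label"])
```

A hash match only shows that two people scanned the same bytes, and a heuristic-style label is a reason to look closer, not proof of a false positive.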
SeValentine Dec 3, 2016 @ 11:49am 
1st day I bought this, downloaded it and finally launched it ''didn't pop out any virus related to the .exe or any other file''.

so ... honestly if you want to be blatant and whine about how your anti-virus is giving you false positives, then refund the game honestly because ppl like you that don't mind at all to actually read what users that have hrs in such game have to say to you related to that.

Just ... read carefully next time, when someone said ''false positive'' it's that and nothing else, stop going in an infinite loop of finding an answer that has already been responded to more than twice.