Arx Fatalis

Arx Fatalis

Lali 18 jun 2022 om 5:32
2
3
Arx Libertatis is NOT A VIRUS - this is how AV companies make money
Hey everyone! I'm really glad to see a lot of people being interested in Arx Fatalis! Unfortunately the game is old and have been totally abandoned by Arkane Studios, so don't expect any fixes from them. Arkane Studios was kind enough to release the source code and a good couple of people have been working on an unofficial patch to the game ever since, which is the infamous Arx Libertatis. The source code is available here: https://github.com/arx/ArxLibertatis and the official website is here: https://arx-libertatis.org/

A couple of things that Arx Libertatis does is: fix graphical issues, crashes, add support for modern hardware, add support for mac and linux, add a lot of debug tools and a console, improve rune recognition, stabilize controls and above all adds a lot of new features for modders to create new levels for Arx Fatalis.

There are a ton of issues with vanilla Arx Fatalis and when the unofficial patch Arx Libertatis is recommended as a solution the usual experience with it is that it is being immediately marked as unsafe for download by the browser or marked as a virus by various antivirus programs.

Arx Insanity mod is also coming with a custom Arx Libertatis inside it, so if you have problems with Arx Libertatis you will most likely experience the same issue with Arx Insanity too.

First of all, the browser will mark the installer of Arx Libertatis a potentially unsafe file when downloaded, because it's an exe file and ALL exe files are "potentially" dangerous. If you go to the browser's download page (show all downloads), then there is an option to tell the browser to let the file through.

Windows Defender and other antivirus software are even worse, because they immediately remove the exe file once Arx Libertatis is installed or even right after downloading the installer. Again, they are being overprotective, deleting the files for being "potentially" dangerous. How do antivirus companies make sure that an exe file, like arx-libertatis.exe is safe? You have to send them the exe file and they will check it for you and they will add it to their software's whitelist of safe files. That procedure is long, can take multiple months, because they get a lot of files to validate and it also potentially costs money.

Let's say you send the file to Microsoft for reviewing and then Defender will mark it as safe. Antivirus companies will not inform each other, so Avast, Bitdefender and others will still delete your file, if you have those installed. So you have to send it to every company out there, which is just nonsense.

What happens when Arx Libertatis releases a new version? You have to start all over and send the new exe file to every company again. This is how these companies make money!

So what I recommend is to disable the antivirus software TEMPORARILY on your computer while installing Arx Libertatis, add arx.exe to the exceptions and after that you can re-enable your antivirus and it will be all good.

Also, there is a portable version of Arx Libertatis, which comes in a zip file and does not require installation, you can place it to any folder that you wish. Just copy all the files from the original game, so that Arx Libertatis can access the game's assets and you're all good.

Bug report with some more technical infos from the lead developer himself: https://bugs.arx-libertatis.org/arx/issues/1477

So please, everyone, before writing off Arx Fatalis as a pile of junk try installing Arx Libertatis as a patch, because this is an old game from 2002 and it didn't get as much care and love as it deserves!
< >
1-15 van 46 reacties weergegeven
Another discussion with the same issue: https://www.reddit.com/r/ArxFatalis/comments/n4fk5d/arx_libertatis_virus_false_positive/
Daniel explains, that the Antivirus software check the game and finds the launcher, which's job is to detect if you have a 32 or 64 bit computer and launch the corresponding arx.exe.

Quote: The file with almost all of the "detections" is the arx.exe in the root directory, which is a 196 KiB stub executable that detects the host architecture and then runs either bin/x86/arx.exe or bin/x64/arx.exe. The largest part of this file is the embedded icon - there are only 536 bytes of executable code in this file, which should be small enough for anyone interested to disassemble.

Here is the source code, which is probably "causing the issue":
https://github.com/arx/ArxPackages/blob/master/scripts/launcher.c
Laatst bewerkt door Lali; 18 jun 2022 om 5:40
Thank you for a fine, detailed (and late to be posted here unfortunately...) answer for an ongoing issue the new players/community has great pain over. But something that seems easily resolved.

If it is as you say, the game install looking for client architecture, then like a lot of software available, there is a 32-bit and 64-bit versions for download. Perhaps AL cannot easily be parted out, or some other code reason, but hopefully not just file hosting reasons.

Also have to ask, do you have an estimate for the percent of 32-bit clients using AL is?
Laatst bewerkt door Bandy; 18 jun 2022 om 7:13
Arx Libertatis' portable download has exactly the solution of having a separate 32 bit and 64 bit version of arx.exe in the bin folder. It is only the arx.exe in the root folder that might cause this issue.

Sadly I don't have stats on how many people are playing Arx on a 32 bit machine, but I assume it's less, than 10%
Can we get this pinned, or, aren't there any moderators here???

Yes I was concerned as well getting the AV alert from browser then Win Def, but searched online to my satisfaction and enjoyed the game virus/trojan free. But most panic and do not bother to use forum search, or can't effectively.
Laatst bewerkt door Bandy; 1 aug 2022 om 5:34
Grateful for people spreading the message well and clear. Looking into getting serious about this game after a long time of ignoring it past the demos. But I've been a big fan of Arkane since Dark Messiah. Getting AVs on mods is always concerning, but also common just because its not some mass or corporate download. So its good to get reassuring voices to the top of the forums
I just spent a few hours last weekend to setup everything on windows 11 to have Arx Libertatis compiled directly from source code. If someone is really conserned about having viruses in Arx Libertatis then I'll gladly help him/her in setting up the C++ compiling tools for windows using official, trusted Microsoft programs. Another idea for someone who doesn't want to install the game on their computer because of "security issues" is to have it running in a virtual machine, like VirtualBox. These are all tedious, but definitely doable options if all else fails.
People that run AV sure as ♥♥♥♥ aren't gonna be bothered compiling from source, or even reading the source. May be a few outliers but good luck with that!
How comes that AV software thinks AL 1.2.1 contains a Trojan, but AL 1.2 doesn't? I think this must be explained, before shouting "false virus" and blaming AV software.
Origineel geplaatst door lonetrav:
How comes that AV software thinks AL 1.2.1 contains a Trojan, but AL 1.2 doesn't? I think this must be explained, before shouting "false virus" and blaming AV software.
If not satisfied, then you can and should look at the patch notes between the two.

The devs really should have just released two versions 32- and 64-bit and let client decide which to install, rather than one version and the installer sniff detect the system, which <guessing> is likely the culprit. Other software does not b/c it has gone thru the win certification process which assume is a time and money thing.
Laatst bewerkt door Bandy; 21 okt 2022 om 3:55
Origineel geplaatst door lonetrav:
How comes that AV software thinks AL 1.2.1 contains a Trojan, but AL 1.2 doesn't? I think this must be explained, before shouting "false virus" and blaming AV software.

I'm chatting with the devs on IRC which you can follow along through the logs, I'll be quoting from there: https://arx-libertatis.org/irclogs/2022/%23arx.2022-10-23.log

1.2 was whitelisted, so whatever caused 1.2.1 to not pass through have been introduced earlier. Checking through the reports and what is being marked as SUS or unsafe you can find nonsense, like marking the readme as ransomware because it contains the following text: Copy the data (.pak files and misc and graph directories) from a fully patched Arx Fatalis 1.21..or 1.22 install into this directory to use them with arx and arx-portable
( source: https://www.joesandbox.com/analysis/685670/0/html )
Laatst bewerkt door Lali; 23 okt 2022 om 10:01
Thanks, and not whitelisting 1.2.1 might explain the difference to 1.2. Nevertheless, Norton reports a Trojan (which has nothing to do with a piece of text), and it's a personal decision to accept the risk or not.
The reason why I posted here is that I like (AF and) AL, and I would like this Trojan issue to be resolved once and for all - after all, most other game mods don't have such a problem at all. I suppose the mod developers know why browsers and AV software complain about AL 1.2.1, and unless the reason is critical for AL to be working, it should be possible to modify AL accordingly. Correct me if I'm wrong.
Don't get me wrong, this is indeed an irritating issue that needs to be resolved eventually, because we can't promote AL as an alternative for Arx Fatalis when it is marked as unsafe by numerous sources. The main issue is that with these reports the devs don't get feedback on how to make the app safe or what exactly triggers these warnings.
So it is totally fine to expect a software to be marked as safe, but with so many false positives it's very hard to know what to change.

@Ionetrav: does Norton have any issues if you download the portable version which contains a zip file with exe files instead of downloading the installer? (link: https://arx-libertatis.org/files/arx-libertatis-1.2.1-windows.zip)
I hadn't downloaded this file, because Firefox said it contained a virus or malware. Now I did download it and let Norton scan it. Norton didn't complain, but I find the report a bit odd (I'm not really experienced with Norton reports). It says Scanned Elements:2, no risks, but: Ignored Files: 2. To me this sounds like Norton didn't do anything at all - although Norton is capable of scanning zip files.
I won't try to unzip the file on the PC I'm using right now - perhaps on a different one tomorrow,
I've grabbed the zip version of arx libertatis 1.2.1 and removed arx.exe and arx-portable.exe from it and re-bundled it back into a zip file: https://drive.google.com/file/d/1P7cjK10XQKP9ZqGAbGc7R-lyAOhYVbcO/view?usp=sharing

Try downloading this and run this through Norton to see if this gets any threats detected. Arx can be executed with this by running bin/x86/arx.exe or bin/x64/arx.exe
Norton and Firefox didn't complain. I copied the Arx Fatalis files into the Arx Libertatis folder and ran the bin\x64\arx.exe - looks great!
Thanks for your help - and I hope I could help you to identify the issue(s), too.
Laatst bewerkt door lonetrav; 23 okt 2022 om 13:37
< >
1-15 van 46 reacties weergegeven
Per pagina: 1530 50