Today they put Postal 2 as a free game and I took the opportunity to install it from the offline backup game installer on the official GOG.com website. It installed correctly, I tested the game and it worked fine, but when I finished playing and exited the game my antivirus (Avast) indicates that Postal2.exe is an IDP.Generic type virus.

I just wanted to test the game, so without knowing if it was a false positive or not I decided to uninstall Postal 2, I did some research on some forums, it seems that Steam platform also had problems with the antivirus in Postal 2, I even uploaded Postal2.exe to virustotal.com, out of more than 60 antiviruses, two warned that it was a virus.

I don't know if this has happened to anyone else. Can anyone confirm if this is a false positive (and create an exception in my antivirus) or should I be concerned?
This question / problem has been solved by randomuser.833
Upload the file here - https://www.virustotal.com/gui/home/upload
Avast is prone to false positives.
2 out of 60 say it is a false positive for sure.

Take a closer look at the message.
It says something about generic.
Generic always means heuristic, i.e. it partially has code or behavior that might be similar to something bad.
And not a virus definition.
Nearly all AVs have heuristics.
Most AVs use too harsh a heuristic.
But hey, at least they can show "I did protect you for your money" to the generic Joe.

If you downloaded the installer from GoG, an installer that hasn't been updated in ages, it is very unlikely to get a virus from that installer.
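The reasoning in this post (a low detection ratio plus names like "IDP.Generic" that signal a heuristic rather than a named signature, from a trusted download source) can be turned into a small triage helper. The following is an added example, not code from this thread, from GOG or from any AV vendor. It assumes a VirusTotal-style per-engine verdict map as input; the engine names, verdict strings and the list of "heuristic" markers are constructed for illustration.

```python
import re
from typing import Dict, Optional, Tuple

# Constructed sample in the shape of a VirusTotal-style per-engine verdict map
# (engine name -> {"category": ..., "result": ...}). All values are invented:
# two engines flag the file with heuristic/generic names, the other 58 see nothing.
SAMPLE_RESULTS: Dict[str, Dict[str, Optional[str]]] = {
    f"Engine{i:02d}": {"category": "undetected", "result": None} for i in range(58)
}
SAMPLE_RESULTS["Avast"] = {"category": "malicious", "result": "IDP.Generic"}
SAMPLE_RESULTS["ExampleHeurAV"] = {"category": "malicious", "result": "Gen:Heur.Sample"}

# Substrings that mark a verdict as heuristic/ML rather than a named signature.
# This list is an assumption drawn from common vendor naming, not an official taxonomy.
HEURISTIC_MARKERS = re.compile(r"generic|heur|suspicious|\bml\b|\bai\b|idp", re.IGNORECASE)

# Categories that count as "the engine flagged the file".
FLAGGING = ("malicious", "suspicious")


def detection_ratio(results: Dict[str, Dict[str, Optional[str]]]) -> Tuple[int, int]:
    """Return (engines that flagged, engines that scanned)."""
    flagged = sum(1 for r in results.values() if r["category"] in FLAGGING)
    return flagged, len(results)


def is_heuristic_name(name: Optional[str]) -> bool:
    """True when the verdict string looks heuristic/generic rather than a named family."""
    return bool(name) and HEURISTIC_MARKERS.search(name) is not None


def triage(results: Dict[str, Dict[str, Optional[str]]],
           trusted_source: bool,
           max_ratio: float = 0.10) -> dict:
    """Classify a scan as clean, likely false positive, or needing analysis.

    A "likely false positive" needs all three conditions from the thread:
    few engines flag it, every flag is a heuristic/generic name, and the file
    came from a source you trust. Anything else with detections needs a look.
    """
    flagged, total = detection_ratio(results)
    names = [r["result"] for r in results.values() if r["category"] in FLAGGING]
    heuristic_only = bool(names) and all(is_heuristic_name(n) for n in names)
    ratio = flagged / total if total else 0.0
    likely_fp = flagged > 0 and ratio <= max_ratio and heuristic_only and trusted_source
    if flagged == 0:
        verdict = "clean"
    elif likely_fp:
        verdict = "likely false positive"
    else:
        verdict = "needs analysis"
    return {
        "flagged": flagged,
        "total": total,
        "ratio": round(ratio, 3),
        "heuristic_only": heuristic_only,
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(triage(SAMPLE_RESULTS, trusted_source=True))
```

The threshold of 10 % and the marker list are judgement calls; the point is that "2 of 60, all generic, from a trusted installer" and "2 of 60, one of them a named trojan family" should not land in the same bucket, and a named signature at any ratio deserves a closer look before creating an exception.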
triock: Upload the file here - https://www.virustotal.com/gui/home/upload
I'll send you the screenshot.
randomuser.833: Avast is prone to false positives.
2 out of 60 say it is a false positive for sure.

Take a closer look at the message.
It says something about generic.
Generic always means heuristic, i.e. it partially has code or behavior that might be similar to something bad.
And not a virus definition.
Nearly all AVs have heuristics.
Most AVs use too harsh a heuristic.
But hey, at least they can show "I did protect you for your money" to the generic Joe.

If you downloaded the installer from GoG, an installer that hasn't been updated in ages, it is very unlikely to get a virus from that installer.
It's true, it makes sense. I suppose that, being an old game, there is some part of the code that triggers the alarm of some antiviruses due to heuristics, and it is a false positive. Thanks for the help.
Attachments:
screen1.jpg (149 Kb)
Post edited April 21, 2022 by aporras
I would praise the day when AVs are honest about their findings.

Not screaming "VIRUSALERT" but

"I found something that has some code and/or behavior inside that is somehow related to the code of bad software or the behavior of potential threats I know.

Options for you:

1. Quarantine it and send it to the vendor for further research

2. Send it to the vendor flagged as a false positive if you are sure about your source"

Just finding the way to inform the AV vendors about a false positive can be a hard thing with many vendors.
And most of the time you have to send an email. Not even the option to upload stuff.

At least some vendors answer your mail and tell you that it is indeed a false positive and it will be fixed with the next update.
Human interaction - not that normal anymore these days...
randomuser.833: I would praise the day when AVs are honest about their findings.

Not screaming "VIRUSALERT" but

"I found something that has some code and/or behavior inside that is somehow related to the code of bad software or the behavior of potential threats I know.

Options for you:

1. Quarantine it and send it to the vendor for further research

2. Send it to the vendor flagged as a false positive if you are sure about your source"

Just finding the way to inform the AV vendors about a false positive can be a hard thing with many vendors.
And most of the time you have to send an email. Not even the option to upload stuff.

At least some vendors answer your mail and tell you that it is indeed a false positive and it will be fixed with the next update.
Human interaction - not that normal anymore these days...
I didn't know you could report questionable positives to AV vendors. At first I had the game executable in quarantine, but now with all this information I know how to do more precise research and inform the vendors if I have any doubts. Thanks.
A lot of times when I compile an AHK script into an exe, virus scanners will say it has a virus too.
Why didn't all these virus scanners pick up software like Red Shell and other spyware in games?
Why was it that only a handful of those on VirusTotal picked up the Pinnacle Profiler trojan, and only the pro version of Malwarebytes until much later?
§pec†re: Why didn't all these virus scanners pick up software like Red Shell and other spyware in games?
Why was it that only a handful of those on VirusTotal picked up the Pinnacle Profiler trojan, and only the pro version of Malwarebytes until much later?
I would say the reason is that it all comes down to money and the interests of some companies and organizations. It is true that new cyber threats appear every day and, let's be realistic, there is no perfect protection.
Some tools depend on reports from certain communities (especially free software), and that is where their effectiveness lies; some companies don't bother to make real updates if you don't pay, or they may keep them for themselves or for some important companies. Well, that's my impression.
randomuser.833: I would praise the day when AVs are honest about their findings.

Not screaming "VIRUSALERT" but

"I found something that has some code and/or behavior inside that is somehow related to the code of bad software or the behavior of potential threats I know.

Options for you:

1. Quarantine it and send it to the vendor for further research

2. Send it to the vendor flagged as a false positive if you are sure about your source"

Just finding the way to inform the AV vendors about a false positive can be a hard thing with many vendors.
And most of the time you have to send an email. Not even the option to upload stuff.

At least some vendors answer your mail and tell you that it is indeed a false positive and it will be fixed with the next update.
Human interaction - not that normal anymore these days...
I find you salty. Everybody tries to force or overlook, preach or affirm something (or someone, or their pride and prejudices, directly) on someone else (whom they seldom know personally) recently. It's a bad trend in this world. But this time I think the interface trades precision (of a complete report in the immediate alert) for simplicity, thus friendliness to the "lay"/beginner user (who does not know what to think of a technical report which, I suppose, is still available further on).
Speaking with someone is underrated (some big enterprises think of it mainly as a cost, as it requires workforce, but it's implied PR of the best kind possible instead. Its absence generates resentment even with minor issues; the customer feels ignored or even useless, which (s)he can't be, since it's the reason for the business, both as a purpose and as a profit). 2 is the best option (it does not exclude 1; probably they are the same, somewhat: quarantine, then get it analysed/sent). Cisco (ClamAV) does it. Avast doesn't quite fit me, but it does it too.
There
https://www.avast.com/false-positive-file-form.php
Post edited April 23, 2022 by marcob