These scans use heuristics and are notorious at being wrong. There is definitely no trojan in our files. The file is signed by us, so if the signature is intact, it means the file has not been modified since we built it. There is no malware on our build machines.

It looks like many of the "detections" are because we include an RTF file:

图像因不支持 HTTPS 被隐藏。 | 仍然显示

Every RTF file is marked as "unsafe" ever since Microsoft or whoever decided they couldn't fix the RTF viewers. We'll change it to PDF in the future.

All these antivirus organizations are flagging it as Rich Trojan Format .

I apologize for the last sentence. But I was just annoyed at how issues were handled here

Hi all, I just purchased a license and downloaded the Essentials version of Spine. I am also getting a virus warning and my browser actually deletes the file before I can even install it so I don't have a way to install. My org doesn't mess around with virus detection, whether it's false positive or not - the files disappear.

How soon will you have an updated build posted? Do you have any more concrete assurance besides "trust me, our build machines aren't compromised"?

Note that I actually didn't have any warnings when I installed the trial version on 1/5/24.

@Dali Where exactly did we not take this topic seriously? I don't see what could have upset you. You have chosen to use antivirus software which has malfunctioned and incorrectly flagged Spine as malicious when it is not. There is very little else we can do but explain that this isn't our problem. There is nothing we can fix or do to make antivirus software stop such nonsense.

@profexorgeek We don't do new builds of the Spine launcher very often (the launcher is what downloads and runs the update files for a particular editor version). The only reason we have to do a new build is to change the license from RTF to PDF. We will try to get to this soon, after we finish the next beta release (4.2.10-beta).

We guarantee it in our Spine Editor License Agreement:
http://esotericsoftware.com/spine-editor-license#s7
There is no stronger assurances that we could possibly give. At some point you need to trust the software vendor for each piece of software you use.

Ultimately if you must use an antivirus and your antivirus interferes with Spine, then you will need to add Spine to the safelist to stop the interference. If you work at a business, you likely need to contact your IT department.

We'd love to be more helpful than this, but there is just nothing else that we can do.

I definitely get the challenge of false positives and appreciate the license agreement commitment. Hopefully I didn't come across as ranty, I'm just blocked. I don't have to convince me, I have to convince someone in my org (IT) that it's safe tto download and install this. I'd need fairly concrete assurance for that so it probably won't happen on this device. I may be able to install on another device.

Sorry, one more thought that occurred to me.

1. The launcher auto-updates itself/Spine if I understand correctly
2. The most recent build is the one that has the RTF-vs-PDF problem
3. Could I download an older build for the install and then let it update itself?

No hard feelings here! I can imagine it's super annoying to be blocked by an antivirus out of your control. We also feel helpless about it.

The Spine launcher never auto updates itself. It downloads an update file depending on the version of the editor you want to run. Very rarely the launcher needs to be updated to be able to run a newer editor version, in which case it will let you know you need to download the latest and reinstall, but it won't update itself.

We've always used a license.rtf file, in every Spine launcher build for ₁₀ years, so I don't think an old build would help. I think only recently it was declared by Microsoft or someone that all RTF files are unsafe, leading to this problem. We have very little insight into antivirus malfunctions though, so this is only a guess. This has also happened multiple times in the past for really no apparent reason. Antivirus is a literal guessing game: it looks at software and guesses if it's a virus. When it's wrong, this happens.

We'll see about expediting a build that has the license as a PDF.

I wanted to be able to use Spine comfortably on my weaker computer. Today I used a more powerful computer that I only use for 3D renderings and animation and no warning. This is really strange because both computers run on Windows 11, one fails Defender, the other doesn't. Both computers have all Windows updates up to date. On the weaker mini Computer the The spine2d exe is deleted immediately without me being able to click on anything.

I would like to apologize again for my sentence yesterday, it's not my style either. Spine2d is still a great program, intuitive and a lot of fun to work with. In any case, I'm sure that I had installed spine2d on the mini and everything without any problems before I wanted to have all the software on just one computer

No worries @Dali!

It is strange that Defender isn't consistent across different computers. I can't imagine why that would be. You'd think it's kind of the whole idea to identify a "threat" no matter what computer it was on. This kind of thing just furthers my opinion that antivirus is impossible to make good.

Windows has another mechanism called SmartScreen that warns users about running potentially malicious software. It sends data back to Microsoft when users run software without problems, so when enough people are using and trusting a specific software program, SmartScreen stops prompting about it being potentially malicious. This kind of system works well and is separate from Defender/antivirus.

We hope to release a new build of the Spine launcher today. I'll post here when it's up.

If @Dali problem is like mine, I don't think it is actually Windows Defender. I think it's my work organization's policies enforced at the browser level. If you have one machine that is controlled by your work IT, they may have policies enforced on the browser that are much more restrictive than normal anti-virus. This is my theory on why it might work fine for most people on most machines but some folks can't even keep the executable around long enough to launch it.

I have the same problem where the installer executable is deleted immediately when the download completes so I can't install it.

Sorry for the repeated posts, I'm posting here one more time in case anyone else comes along and reads this.

I was wrong, it IS Windows Defender and I was able to verify that it is because of the RTF file. As Dali originally posted, it is mis-identified as containing Trojan:Win32/Vigorf.A and in my previous Trial setup it didn't block the install but quarantined the license.rtf file.

All 90 of the scanners at Virus Total now report it as clean though, Windows Defender is just slower to update. What a frustrating problem for ya'll, I hope changing to PDF makes this go away!

Huh, last night 7 scanners on virustotal flagged the RTF. Maybe they relaxed their RTF flagging. Hopefully that helps Defender, eventually.

We'll have a new launcher up with a PDF license in the morning. Sorry for the delay!

No problem. Hopefully your update will make the problem go away so you don't have to worry about it.

I got unblocked and was able to install. We're working on integrating Spine support into our game engine, FlatRedBall. We currently use MonoGame for rendering so we're wrapping the MonoGame Runtime to support our engine features such as collision management, event bubbling, and more.

Our engine and users are primarily focused on pixel art style games so I'm building a set of simple animations for us to test our key scenarios.

Thanks for the help and attention.

The 4.2.03 launcher is up! No more dangerous RTF file!

Your project sounds fun! Note there are a number of viewport settings in Spine you can use for pixel art, depending on the style you are going for: Pixel grid, Smoothing 0, Highlight smoothing. In 4.2 (currently in beta) there is a Pixels compensation button on the main toolbar, it adjusts region attachments to always match screen pixels 1:1 in setup mode. 4.2 also has a Highlight Pixels hotkey that colors pixels that don't match 1:1.

Good evening,
i'm glad I was able to install it without any further problems.
thank you

Great! Thanks for following up and letting us know. I'm super glad that fixed it.