Finding Rootkits in most downloaded games?

mr.Dante

New Member
Sep 1, 2024
2
0
I've done virus scans on most all files as I download them here and I don't usually find anything. I just did a full scan of my computer though and found a good number of RenPy & RPGM games, maybe almost a dozen of them, had Rootkit viruses within them. Anyone else having this problem or are these being falsely flagged by my anti-virus program (Norton)? Because I was doing targeted searches of these folders and not finding anything.

I wouldn't be surprised with maybe finding this within one game but it seems odd that I'm finding them in so many games unless it is common here and I wasn't aware. I don't remember every game, I'm rerunning the full scan again now, but I do remember "Alice's Conclusion" & "Amy's Ecstasy" being two that had it.
 

mr.Dante

New Member
Sep 1, 2024
2
0
> I don't think it's that, as he's getting it with RPGM games as well. It's either false flags, or it's his own PC. Given that he's using Norton, the former is extremely likely. As well as annoying popups telling him to buy X package.
Appreciate your reply. And you are correct, I’ve seen the thread that was linked but this was RPGM games as well as RenPy games and wasn’t any of the games listed in that thread.

I had no pop ups, but not sure what you mean by being the PC. Regardless, they may have been false flags because they weren’t found again on a second scan.
 

Insomnimaniac Games

Degenerate Handholder
Game Developer
May 25, 2017
3,602
6,486
> I had no pop ups, but not sure what you mean by being the PC. Regardless, they may have been false flags because they weren’t found again on a second scan.
Just jokes about Norton. It was/is notorious for pop-ups and other shenanigans.
 

anne O'nymous

I'm not grumpy, I'm just coded that way.
Modder
Donor
Respected User
Jun 10, 2017
11,195
16,871
> I don't think it's that, as he's getting it with RPGM games as well. It's either false flags, or it's his own PC.

I don't think it's false flags; it seems to cover a bit too wide a range for that. The probability for the same alarm to be falsely triggered by both RPGM and Ren'Py is really low. But I also agree that it doesn't look like the attacks against the forum.
 

whowhawhy

Active Member
Jan 19, 2023
614
597
renpy developer and rpgmaker community say it's common for norton to flag these engines. "norton power eraser", if you've used its rootkit scanner specifically, especially so (from reddit comments and wikipedia, it's meant as a cleanup tool once you know the machine's been infected and want to bypass anti-removal protections the malware you got may be equipped with, and not for preventative scanning). feel free to compare with what different vendors have to say about your files by uploading them to virustotal, though.

for renpy games mentioned in the linked thread, an antivirus wouldn't detect the threat until the game runs and the added scripts download/extract the actual malware (might be different with the most recent one, since the malware got included in the files instead of hosted online, but that's too recent to matter here)
 

anne O'nymous

I'm not grumpy, I'm just coded that way.
Modder
Donor
Respected User
Jun 10, 2017
11,195
16,871
> for renpy games mentioned in the linked thread, [...]

Thought about another possibility than the voluntarily infected games spread here. There are also the voluntarily infected games spread by the to.it copycat... And OP wouldn't be the first one to confuse the two, nor to use the two without understanding that they are radically different sites.