CREATE YOUR AI CUM SLUT ON CANDY.AI TRY FOR FREE
x

TheBlueKnight

Discussion Dynamo
Respected User
Jr. Uploader
Oct 1, 2018
25,499
19,549
any update of this game ?
The has been compete for sometime. The English version did get a update yesterday though and is now up to 1.13a, no news post about it yet though so don't know what fixes it had.
 

DZ666

Newbie
Mar 3, 2020
81
99
This was honestly pretty disappointing. With the fact that an uncensor patch exists, I figured there'd be a way around the prostitution portion and still get the sexy bits for the player (while still running the place as pretty much a sort of night club like the censored version), but it doesn't really seem to be the case (and still actually make it through the game).
 

TheBlueKnight

Discussion Dynamo
Respected User
Jr. Uploader
Oct 1, 2018
25,499
19,549
The game did used to have brothel in the title, but that was change to the slightly misleading club in the English release.
 
  • Thinking Face
Reactions: Konstantinus

sirseatbelt

Newbie
Jul 9, 2019
22
30
Yeah, just ignore it though and give perms. It's a false flag.
I've put about 6 hours in to it and suddenly Windows decides to delete the application file. Tried unzipping and copying the new version in to the old folder and it refused. I copied the old saves in to the new folder, and then Windows deleted the application. Suggestions?

Edit: wow, Windows is militant about this. It just deletes the application, within a minute of me extracting it. I'm going to go ahead and assume its cancer.

Edit 2: Cancer confirmed.
 
Last edited:

jazz154

Active Member
Jul 21, 2017
583
850
I've put about 6 hours in to it and suddenly Windows decides to delete the application file. Tried unzipping and copying the new version in to the old folder and it refused. I copied the old saves in to the new folder, and then Windows deleted the application. Suggestions?

Edit: wow, Windows is militant about this. It just deletes the application, within a minute of me extracting it. I'm going to go ahead and assume its cancer.

Edit 2: Cancer confirmed.
Ever heard of false positives? Anti-virus is just a pogram, it can identify false threats and if you can't add exception, then... well maybe you shouldn't be playing it.

EDIT:
 
Last edited:

sirseatbelt

Newbie
Jul 9, 2019
22
30
Ever heard of false positives? Anti-virus is just a pogram, it can identify false threats and if you can't add exception, then... well maybe you shouldn't be playing it.

EDIT:
For sure. If it had flagged it for generic suspicion of malicious activity I'd probably wave it on. But it identified a specific piece of malware. Virus scanners work through comparing signatures. There are a bunch of ways to do that. The common one is through a simple hash signature and since you're a security expert you don't need me to explain the math behind collisions.

There are other ways. Matching lines of code or specific patters of behavior. But since this is a pirated hentai video game, I'm going to lean on the side of caution and find something else that doesn't match up to a known piece of malicious code. But hey. You do you booboo.
 

FruitSmoothie

Well-Known Member
Jan 22, 2019
1,737
2,171
For sure. If it had flagged it for generic suspicion of malicious activity I'd probably wave it on. But it identified a specific piece of malware. Virus scanners work through comparing signatures. There are a bunch of ways to do that. The common one is through a simple hash signature and since you're a security expert you don't need me to explain the math behind collisions.

There are other ways. Matching lines of code or specific patters of behavior. But since this is a pirated hentai video game, I'm going to lean on the side of caution and find something else that doesn't match up to a known piece of malicious code. But hey. You do you booboo.
It's a known issue discussed by official steam team Not saying there's no way it couldn't have been laced with a virus even after that, but just so ya know. You'd been getting a warning even if it wasn't pirated lol.
 
Last edited:
  • Like
Reactions: jazz154

BupoTiling03-Retired

Well-Known Member
Modder
Jul 21, 2018
1,351
1,906
I've put about 6 hours in to it and suddenly Windows decides to delete the application file. Tried unzipping and copying the new version in to the old folder and it refused. I copied the old saves in to the new folder, and then Windows deleted the application. Suggestions?

Edit: wow, Windows is militant about this. It just deletes the application, within a minute of me extracting it. I'm going to go ahead and assume its cancer.

Edit 2: Cancer confirmed.
For sure. If it had flagged it for generic suspicion of malicious activity I'd probably wave it on. But it identified a specific piece of malware. Virus scanners work through comparing signatures. There are a bunch of ways to do that. The common one is through a simple hash signature and since you're a security expert you don't need me to explain the math behind collisions.

There are other ways. Matching lines of code or specific patters of behavior. But since this is a pirated hentai video game, I'm going to lean on the side of caution and find something else that doesn't match up to a known piece of malicious code. But hey. You do you booboo.
I'm not going to suggest you stop using Defender and switch to Enterprise w/KMS with baseline privacy GPOs enabled to disable Big Brother (along with a lot of other software including a patched copy of WFC to set FW keys to read-only to prevent anything from modifying them), you wouldn't be able to rely on your own skills to reverse-engineer anything it looks (the more I hang around this forum, it seems these skills elude many, no offense meant). Instead, I'll try to explain a little about AVs:
Defender's over-protective nature these days is to damage control everything given how horrible a history it has. Usually Defender sits in the background, low-priority scanning everything based on your usage of them. Take a HD out and put a virus in an obscure, never-used folder and it will take a full scan to ever see it. Lazy scanning. Ex: Download a file, immediately scanned (but if compressed, needs decompression, may not be able to detect). On file write/library load (software term) you can run the extracted executable until the AV engine in the background scans it. If it flags something, it temporarily goes into a higher-priority scanning mode and uses cached io to keep a quicker eye on those recently accessed uri paths or memory patterns (such as using specific undocumented Windows APIs)... That's just a toe-dip, there is a lot more going on behind the scenes.

AVs use other means than signatures to decide on whether to flag something. Ten years ago, every AV would bitch about UPX-ed executables despite UPX being entirely harmless (a compressor). It took ages for everyone to just unpack the executable and scan the payload instead and stop bitching. Signatures were created to then allow UPX...except if it was modified, (custom jmp at end to another code cave) you could get around crappy AVs and it'd still be viral. Because of simple tricks like that, signatures are not always specific enough anyway and are given to categorize what is not always determined but rather assumed. In the case of Bifrost, it probably matches enough characteristics to be flagged as something else. Signatures though have come to include behavior analysis routines rather than 'PE section names, api/routine/string/region-detection, etc...'

AVs don't use many hash signatures anymore, hashes are almost entirely useless except to save time on known small, 4KB> executables. Change a byte, hash changes, useless. Even if you were to use specific regions of memory. Hell, pack it, entire thing changes. Some AVs automatically rate an executable higher during analysis if it is unsigned, for example. Simply removing a signature can cause some AVs to magically now think it is "SomeRandomVirusABC" or "SomeRandomTrojanXYZ". Some AVs do use string analysis to search for things such as "ntldr" or "bootsect" and will flag an executable certain kinds of strings are found. ...No lines of code in compiled software, unless it is emulating/a byte-code machine similar to PHP, etc.

Every AV out there almost, sucks. Either they're crap and miss everything or they false-positive the fuck out of everything. Before I stopped using AVs long ago (useless, I do it myself now, don't need an AV), I used MalwareBytes. Sucks they went paid-only, was an easy and cheap solution to friends/family without being bothered to fix things. Not going to keep up patching it to provide to friends/family, just too much in life to bother with it.

As for Bifrost, it is indeed a false-positive. You can either play it in a VM (very little can ever escape a VM) or you can pass on. I believe the reason it is identifying it as something else is because it uses a scripted engine and the scripts are incorrectly encoded, (a trick used long ago to elude scanners, by Asian regions but not used anymore because it is useless (clearly marked even on false positives)). "This Trojan connects to the following possibly malicious URL:..." Also not true. If you use the old steam_api, an emulator by Goldberg, it does try to open a socket to local network by default because that emulator tries to implement LAN-games. I patched that steam_api a few versions ago to stop that behavior (unnecessary in a game like this) so that Windows Firewall would stfu about socket calls being opened. If OP didn't include that, you can disable those requests by creating steam_settings\offline.txt and steam_settings\disable_networking.txt and Windows Firewall will stfu from then on. (Or you can byte-patch two bools but I believe that beyond your ability at the moment.) You can also use ProcExp to keep a continual list of all processes the game ever starts (none...). That Trend Crapo result mentions it calls vbc (Visual Basic Compiler) to compile some .NET code but it never launches it. Trend Crapo is reporting by signature name what is done, not on results of actual analysis of software. It never creates any processes. Another suggestion would be that every AV suggests a different type. Trend Crapo thinks it is Wacatac. Microshit thinks it is AutoItInjector and identifies Wacatac as Wacatac and Adromeda Bot as Andromeda Bot (both of which are not being named in Microshit's detection). McaCreep thinks it is AutoItInjector. Kasperusky thinks it is Andromeda Bot. Yes there is room for error in analysis and differences in signatures and detection methods but this just further suggests it isn't known but merely looks suspicious. Considering that everyone who uses an AV is getting "detections" from legitimate buys on Steam of Bifrost, you could assume only two possibilities: A company has risked a lot (imagine the consequences) to push viral software out there that garners "low damage" (what profitz? ;]) or it is a false-positive.

Quite frankly, Bifrost should have been wrote in perhaps Godot (little to no false-positives). This in-house engine is blegh to begin with. Damn shift_jis/cjk encoding...

If you'd like to learn more about anything like this, I'd suggest learning Assembly, C++, IDEs, Debuggers, Operating Systems. All of that would point you in the right direction to begin.

*Edit* Wrote exhausted, should probably go to bed. Not everything was clearly aimed at whoever I was supposed to direct to. HUNGRY TOO. Damn COVID hoarders.
 

sirseatbelt

Newbie
Jul 9, 2019
22
30
Thats a good reply. Thanks. I'm still going to pass on it. But I appreciate the time you put in to your answer. :)

I did a little buffer overflow exploit project in Assembly a little while ago and took some basic coding classes in school as part of my major so I'm going to pass on that shit. I'm more business side than tech side when it comes to IT. :p
 

BupoTiling03-Retired

Well-Known Member
Modder
Jul 21, 2018
1,351
1,906
Thats a good reply. Thanks. I'm still going to pass on it. But I appreciate the time you put in to your answer. :)

I did a little buffer overflow exploit project in Assembly a little while ago and took some basic coding classes in school as part of my major so I'm going to pass on that shit. I'm more business side than tech side when it comes to IT. :p
All good, to each his own. The whole post only took a few minutes, I think. I was quite tired at the time and I believe I lost some while replying. :p I'm no businessman because I'd be the guy who gave everything away for free, just my way. Anything in particular you didn't like to make you consider passing on reverse-engineering/coding? Just curious of mind types out there in the world.
 

whale lord

New Member
Jul 27, 2017
9
0
Any save editors that work for the steam version or is there a link to download the Japanese version with a English translation.
 

Skyzenski

Member
Apr 6, 2018
168
86
Interesting game, got all cgs so on that part the work is done.

Overall a really simplistic brothel management, you buy a girl, train her and have her service clients. Clients can have a special status such as NTR, rough, STD... basically they have an effect on the girl. Things that I would have liked to have in the game:

-Clients that come back without charming them or using any other effect: Overall having a few regulars would be quite a great thing, even more if you could manage to get rich regulars...

-Expanded effects for bad status: For example the girl becoming a masochist or submissive if they have sex with too many rough clients, related to NTR it would be kind of related to the previous point but expanding upon it would be interesting.

-Clients wanting to redeem girls to marry them.

-Good endings to Milia outside of her route

-Expanded training for girls, making them queens, masochists, cum dumps...

Even so it was a good game play, overall the only issue I find is related to being too simple but well, that's my opinion.
How to make a monster girl got [Cum dumps]? I know how to get [Queens]
 
4.80 star(s) 150 Votes