Tool Unity Ren'Py Renpy + Unity Malware Scanner

[Uncle Eugene]

Updated to v1.2

Nothing really changed, mainly made some adjustments to output texts and added disclaimer for renpy scanning, stating that it is only a diff check for now, so people don't freak out and spam game threads that there is a malware

Ah yes, and I'm down to only 2 triggers on virustotal instead of 3 now! So the app is 33% less malicious
Also put back a "safety proof" part of the OP so people don't get a habit of trusting random .exe files from the web

 

[F1forhalp]

i'm downloading stuff on a Linux box, so can't run the scanner from this.
curious. i think i'm just getting all the legit Ren'Py versions i can get, and put them into according subfolders under the \temp and see how that turns out. i guess with a bit of trying to put the right folder names, should work on any Ren'Py game sooner or later.

 

[Uncle Eugene]

i'm downloading stuff on a Linux box, so can't run the scanner from this.
curious. i think i'm just getting all the legit Ren'Py versions i can get, and put them into according subfolders under the \temp and see how that turns out. i guess with a bit of trying to put the right folder names, should work on any Ren'Py game sooner or later.

Still sounds like some waste of time to me but whatever I guess
You could've just created a clean installation of renpy and copied only "game" folder from downloaded games there, would be the same result

Anyway here's the file structure: AppData\Local\Temp\AntiMalwareCache\Renpy\7.4.4\renpy-7.4.4-sdk where 7.4.4 is, obviously, renpy version and renpy-7.4.4-sdk is the downloaded sdk folder with all the files, can be called whatever, comes with original renpy archives from their site

 

[F1forhalp]

Still sounds like some waste of time to me but whatever I guess
You could've just created a clean installation of renpy and copied only "game" folder from downloaded games there, would be the same result

Anyway here's the file structure: AppData\Local\Temp\AntiMalwareCache\Renpy\7.4.4\renpy-7.4.4-sdk where 7.4.4 is, obviously, renpy version and renpy-7.4.4-sdk is the downloaded sdk folder with all the files, can be called whatever, comes with original renpy archives from their site

got it, thanks!
the time wasted thing, i'm retired, enough time to waste unless it's sunny outside.

 

[DocRipper]

Thank you for your effort a trying make this site safer.Very interesting tool and good idea.
I guess we don't have any success statistics yet.

You say it's for Unity (Mono). Are you planning any solution for il2cpp? I know there aren't many porn il2cpp games, but there are some and they are often popular games, so they can be a perfect target for attackers.

 

[Uncle Eugene]

Thank you for your effort a trying make this site safer.Very interesting tool and good idea.
I guess we don't have any success statistics yet.

You say it's for Unity (Mono). Are you planning any solution for il2cpp? I know there aren't many porn il2cpp games, but there are some and they are often popular games, so they can be a perfect target for attackers.

I don't have any good ideas on how to scan il2cpp game, at that point I would really be making actual antivirus. Also there wasn't a single il2cpp game targeted for now as I know of since infecting them is not an easy task either

I do feel kinda unsafe when running il2cpp games myself, so if I'll develop this tool further I'll probably include a "patcher" feature that was planned since the beginning that hooks windows functions that could be used to run/download malware and prompts the user if he would like to proceed. So this way it won't scan anything but prevent an actual attack if/when it happens

as for unity statistics I'd say around 10% of the mono games trigger the "false positive" and 100% of infected games are flagged as well. So I guess it's working, at least for now. Didn't get my hands on many infected unity games tho, only around 5-6

 

[DasOrakel]

Updated to v1.2

Nothing really changed, mainly made some adjustments to output texts and added disclaimer for renpy scanning, stating that it is only a diff check for now, so people don't freak out and spam game threads that there is a malware

Ah yes, and I'm down to only 2 triggers on virustotal instead of 3 now! So the app is 33% less malicious
Also put back a "safety proof" part of the OP so people don't get a habit of trusting random .exe files from the web

Up to 4 now:

You must be registered to see the links

The tool is now 100% more dangerous ;P

 

[Uncle Eugene]

Up to 4 now:

You must be registered to see the links

The tool is now 100% more dangerous ;P

It says google. Does it mean Chrome now blocks the download? Sad if so, I'm not sure how to avoid those triggers

By the way I did check the pure .exe only, so it may be the .zip archive that triggers new AV. This can be fixed by recompressing

Edit: Tested, looks like download works normally. Also checked unpacked .exe instead of .zip and it also gets flagged 4 times, but by different antiviruses... Oh...