Why would someone take so much effort to make the whole maps and...supposedly copy and insert RPGMaker scripts just to make a virus carrier tho? Either we're dealing with the most backward "criminal" around, or there's something genuinely wrong with that anti-virtualization thing.
You are asking the wrong questions.
1st. The copy that was released was released on svscomics and here before it was even released to the stores (only 1 copy was sold at that time and that was the Japanese version on dlsite and not the English one). Is the copy that we have the same as on the legit sites?
2nd. Even if the dev wanted to protect the program and the images/data/etc., he could use the highest protection of Enigma Protector without using/enforcing anti-sandbox and anti-virtualization techniques. Why did he choose to add anti-sandbox/anti-virtualization protection?
3rd. The non-enumerating files feature is not enforced on all the containers (only the game.exe and pack1.dat). The pack2.dat and pack3.dat containers allow enumerating the files. Usually the devs want to protect their work = images and data/scripts and not the game engine and the RTP files.
4th. If what he says is true and Microsoft removed/cleared his game.exe from the virus definitions, why does it trigger as malware on my submission?
If both are true, then it means that they are different exes; his is clean while the one here is not.
Anyway, if you want to see what happens on your system, you can use procmon and monitor the activity of that game.exe.
P.S. The antivirus programs react to the 1st "evb4F9E.tmp" and not to the 2nd "evb49FF.tmp" (the 1st and 2nd have random names on every run). Here you can find a detailed report of what the game.exe does