Unity Strip Club Wars [v2.05] [Total Fluke Studios]

3.70 star(s) 43 Votes
Discussion Reviews (43)
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
i wish it was a false positive .. and windows defender i can bypass ... on 2 downloads it was actually google Afbeelding van WhatsApp op 2025-07-26 om 21.28.52_dbb106cc.jpg that blocked them ... after bypassing and trying it in a VM (to check if it was a false positive ... it killed my VM ... after trying to execute something in c:\Users\VMtest\AppData\Local\Temp\
 
Last edited:
  • Like
Reactions: maankamara, Nik.Amen1 and Deleted member 1193722
K

Kyoka

Member
May 5, 2019
257
494
228
Charonn57 said:
i wish it was a false positive .. and windows defender i can bypass ... on 2 downloads it was actually google View attachment 5080889 that blocked them ... after bypassing and trying it in a VM (to check if it was a false positive ... it killed my VM ... after trying to execute something in c:\Users\VMtest\AppData\Local\Temp\
Click to expand...
im not a tech genious but isnt the appdata/temp folders where games save?.... so the game was probably trying to make a save or load a save.....
 
lhucio

lhucio

Member
Jan 7, 2021
173
342
186
Charonn57 said:
i wish it was a false positive .. and windows defender i can bypass ... on 2 downloads it was actually google View attachment 5080889 that blocked them ... after bypassing and trying it in a VM (to check if it was a false positive ... it killed my VM ... after trying to execute something in c:\Users\VMtest\AppData\Local\Temp\
Click to expand...
For a moment I got scared, I've done several scans with antivirus and antimalware tools... , I shouldn't trust reports from people who are much less tech-savvy than I am. If to show what's on the screen they take a photo with their phone, they clearly have no idea what they're doing :LOL:
 
  • Like
Reactions: playwithmywiener
D

Deleted member 1193722

Newbie
Jan 28, 2019
52
171
198
lhucio said:
For a moment I got scared, I've done several scans with antivirus and antimalware tools... , I shouldn't trust reports from people who are much less tech-savvy than I am. If to show what's on the screen they take a photo with their phone, they clearly have no idea what they're doing :LOL:
Click to expand...
Regardless of whether it actually is a virus, none of the download links can get past Google's or MEGA's virus filters. The creator needs to address all of this if they want anyone to play their game.
 
  • Like
Reactions: Nik.Amen1
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
no .... temp folder can be used by programs to unpack their ''install'' files .... temp because they are ''cleared'' after the install .... cant check whats actually has been there as a VM is a virtual machine.. on my case i've set all log files to an USB stick, no internet access and limited write options ... so i can read the logs ... save files are usually (like renpy) in roaming or (like unity) in locallow ... local might be used by programs but usually to store program data (like shader cache's) .. but never in Temp ... zip & rar use the Temp folder to unpack files ... UNPACK .. but when unpacked ... they should never run anything from the temporairy folder in temp (wich infected zips do)
lhucio said:
For a moment I got scared, I've done several scans with antivirus and antimalware tools... , I shouldn't trust reports from people who are much less tech-savvy than I am. If to show what's on the screen they take a photo with their phone, they clearly have no idea what they're doing :LOL:
Click to expand...
and pst then explain me what it was execturing in the temp folder after unpacking ??? as far as techie .... LDA#00 .. STA # UYA ...
 
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
i was just saying ... it crashed my VM after running in VM for executing something during unpack .... and that it wasn't Defender blocking it as u said ... but Google .. and why i showed picture from google blocking it .... no proof for virus... just proof that it's not just windows defender...
 
lhucio

lhucio

Member
Jan 7, 2021
173
342
186
Charonn57 said:
i was just saying ... it crashed my VM after running in VM for executing something during unpack .... and that it wasn't Defender blocking it as u said ... but Google .. and why i showed picture from google blocking it .... no proof for virus... just proof that it's not just windows defender...
Click to expand...
No proof for virus? So then what do you mean with this? 1753562572191.png
 
D

Demiare

Member
Sep 16, 2016
429
558
309
Charonn57 said:
i was just saying ... it crashed my VM after running in VM for executing something during unpack .... and that it wasn't Defender blocking it as u said ... but Google .. and why i showed picture from google blocking it .... no proof for virus... just proof that it's not just windows defender...
Click to expand...
When Google "blocking" it's look waaaaay more different :) That's your browser and/or antivirus doing, not Google. Guess your machine is already infected (or your provider compromised).

Neither archive or .exe itself that I could download not trigger any antivirus on VirusTotal check. That doesn't mean 100% safety but close to 99.(9)% one.
 
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
thats the result i get with all downloads ..... the RESULT with downloading ... wich still doesn't say if if its a true or false postive ... does it ??? just states that i get same result from all downloads (including the one he posted on discord).... i normally check in a VM if its true or not .... but a VM has its limits ... so when it crashes ... noting is written to the VM ... but i can check the logs on USB what it's last action was prior to crashing .... still no proof ... but suspicious ... but cant be 100% sure ... nor ehat virustotal says can be 100% sure ... sadly detectors are always 1 step beyond ... even with heuristics ....
 
D

Demiare

Member
Sep 16, 2016
429
558
309
lhucio said:
Anyway I apologize, maybe you are right
Click to expand...
Let's check we're dealing with same package. I downloaded from MEGA link and

my archive MD5: 9e419606346d1f5c1f575eb73abb45af
my .exe MD5: ce11fa86bf9079ca689949115fbce177

Yours?
 
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
as as far as the trojan link ..

all download sites contain ... Trojan:Script/Sabsik.FL.A!ml

... notice the ml at end ?? thats defenders execelent (cough couch) add on to say it's a Machine learning detection .... so no proof either ... wich means it thinks it is one , but at same time .. it doesn't really know.
 
lhucio

lhucio

Member
Jan 7, 2021
173
342
186
Demiare said:
Let's check we're dealing with same package. I downloaded from MEGA link and

my archive MD5: 9e419606346d1f5c1f575eb73abb45af
my .exe MD5: ce11fa86bf9079ca689949115fbce177

Yours?
Click to expand...
I'm sorry, I don't know. I deleted the file as soon as the trojan was detected by the windows defender. I downloaded it from Mixdrop, the file infected was the .zip as you can see in the img i posted before. At first, it didn't detect it and virustotal said it was ok, but after doing a full scan that took over an hour, then the windows defecnder detected it.
 
Last edited:
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
sigh ....20% my online scanners mark it as suspicious , 80% says its safe , when unpacked with winace .... no virus/trojan nothing detected in the extracted files ... so i think it's something in the zip header ....
 
  • Like
Reactions: lhucio
D

Demiare

Member
Sep 16, 2016
429
558
309
lhucio said:
I'm sorry, I don't know. I deleted the file as soon as the trojan was detected by the windows defender. I downloaded it from Mixdrop, the file infected was the .zip as you can see in the img i posted before. At first, it didn't detect it and virustotal said it was ok, but after doing a full scan that took over an hour, then the windows defecnder detected it.
Click to expand...
Wait a minute. Zip file itself couldn't be infected (if only it isn't a self-extracting archive, so .exe file instead of .zip), only files inside it.
 
Charonn57

Charonn57

Newbie
Mar 4, 2018
53
35
252
after repacking it ... new zip file is 718650 .. old file was 72142127 bytes ... feel free to check
You must be registered to see the links
(not everyone plz ... just someonewho can check and if OK , replace the OP) and yeah i know my site isn't seen as secure .....
 
You must log in or register to reply here.
Top Bottom
3.70 star(s) 43 Votes