Update: Looks like it's probably a false flag, doing some more research now.
Original comment:
Hey, downloaded the free Windows version and got a warning about a trojen known as PUA:Win32/PornTool in the files. Quarantined and deleted the whole game to be safe.
I'm assuming the dev didn't add it based on the socials and animation work I've seen. Probably it came from some open source or a dependency thing they are using. Get that checked out pronto and removed in an emergency patch ASAP
Once I hear from the dev that it's been fixed I'll edit or remove this comment. Sorry to be the barer of bad news on your first comment here.
Hey, I appreciate the report. To create this project I've purely used Koikatsu, Ren'Py, and VsCode so I can assure you no trojans or other such viruses have been added by me.
After a bit of research, Win32/PornTool seems to be a grouping that Malwarebytes defines as:
'Porntool. is Malwarebytes’ detection name for a category of trojans that are designed to display adult content on the users’ computer, or to be used to search for adult content (in case of a Toolbar).'
I'd say that it's a false detection in this case, as this is an adult game, so of course, it would be trying to display adult content.
From my understanding it will add porn adverts to the PC. It starts itself on system boot.
"The tool creates an autorun entry for itself to run on system startup. When it is run, it creates porn pop ups, which cannot be closed with simple techniques. In addition, the taskmanager and registry editor are disabled. The file needs .NET to run."
It's not the end of the world, but I 100% don't want it on my machine. I've played and unwrapped dozens of Ren'Py games that didn't run into this issue. Maybe a Window's update is flagging them now? Python is a pretty easy langue to sneak in malicious stuff out on the open source side of things. Which Ren'py could be hit with as easily as anyone else.
What version of Ren'py are you using? I am seeing post around Windows make a false alarm on RenPy games which was build on 8.2.3 version. There are also some older hits on 7.x.x versions on reddit.
The need for it to run on system boot is strange, but unless Ren'Py (or VsCode) themselves are purposely sneaking in malware I highly doubt it's anything to worry about.
In terms of adding porn pop-ups/adverts, I've downloaded the project from here countless times for testing and haven't had any problems with that. Anecdotal as that evidence may be.
That being said, I respect not wanting to put your PC at risk.
If I come across any way to prevent Ren'Py from adding such files, without breaking the project, I'll be sure to do so.
The project currently uses v8.3.4, maybe try finding some other projects that use the same version to see if the same ping is given?
← Return to game
Comments
Log in with itch.io to leave a comment.
Update: Looks like it's probably a false flag, doing some more research now.
Original comment:
Hey, downloaded the free Windows version and got a warning about a trojen known as PUA:Win32/PornTool in the files. Quarantined and deleted the whole game to be safe.
I'm assuming the dev didn't add it based on the socials and animation work I've seen. Probably it came from some open source or a dependency thing they are using. Get that checked out pronto and removed in an emergency patch ASAP
Once I hear from the dev that it's been fixed I'll edit or remove this comment. Sorry to be the barer of bad news on your first comment here.
Hey, I appreciate the report. To create this project I've purely used Koikatsu, Ren'Py, and VsCode so I can assure you no trojans or other such viruses have been added by me.
After a bit of research, Win32/PornTool seems to be a grouping that Malwarebytes defines as:
'Porntool. is Malwarebytes’ detection name for a category of trojans that are designed to display adult content on the users’ computer, or to be used to search for adult content (in case of a Toolbar).'
I'd say that it's a false detection in this case, as this is an adult game, so of course, it would be trying to display adult content.
From my understanding it will add porn adverts to the PC. It starts itself on system boot.
"The tool creates an autorun entry for itself to run on system startup. When it is run, it creates porn pop ups, which cannot be closed with simple techniques. In addition, the taskmanager and registry editor are disabled. The file needs .NET to run."
It's not the end of the world, but I 100% don't want it on my machine. I've played and unwrapped dozens of Ren'Py games that didn't run into this issue. Maybe a Window's update is flagging them now? Python is a pretty easy langue to sneak in malicious stuff out on the open source side of things. Which Ren'py could be hit with as easily as anyone else.
What version of Ren'py are you using? I am seeing post around Windows make a false alarm on RenPy games which was build on 8.2.3 version. There are also some older hits on 7.x.x versions on reddit.
The need for it to run on system boot is strange, but unless Ren'Py (or VsCode) themselves are purposely sneaking in malware I highly doubt it's anything to worry about.
In terms of adding porn pop-ups/adverts, I've downloaded the project from here countless times for testing and haven't had any problems with that. Anecdotal as that evidence may be.
That being said, I respect not wanting to put your PC at risk.
If I come across any way to prevent Ren'Py from adding such files, without breaking the project, I'll be sure to do so.
The project currently uses v8.3.4, maybe try finding some other projects that use the same version to see if the same ping is given?
I'll look around and see if I get the same popup from some other games. I'll update my comment for now and circle back.
Looking around online it's probably a false flag