Thanks to @Schwim@lemmy.zip for the solution. The solution can be found in this reddit post. (click here to use a front end to view the reddit post)
Solution
To verify that a game is from the official GOG store and has not been tampered with, you can follow these steps:
1. Right-click on the game and click Properties.
2. Click on Digital signature.
3. Check if it says GOG Sp. z o.o. (note that the number of dots in the name might differ between older and newer releases). If you want the fast and less safe option, you're done; otherwise go to step 4.
4. Click on Details and then Advanced.
5. Click on the numbers marked with red.
6. Copy the value.
7. Open the GitHub link https://github.com/hippie68/gogcheck/blob/master/gogcheck and search for the copied value (Ctrl + F). If you get a match, the software is signed by GOG and has not been tampered with.
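The steps above can also be scripted. This is an added PowerShell example, not code from the thread or from the gogcheck project: it reads the file's Authenticode signature, reports whether Windows considers it valid, and compares the signer certificate against values you copied from the gogcheck file. The page does not say which certificate field the copied value is, so checking both serial number and thumbprint is an assumption; the function name and the path in the usage comment are hypothetical.

```powershell
# Added example, not from the thread. Assumption: the value copied in the steps
# is the certificate serial number or thumbprint, so both are compared.
function Test-GogSignature {
    param(
        [Parameter(Mandatory)] [string[]] $Path,
        # Values you copied by hand from the gogcheck file (none are shipped here).
        [string[]] $KnownValues = @()
    )
    # Normalise hex strings: drop spaces and colons, upper-case.
    $known = $KnownValues | ForEach-Object { ($_ -replace '[^0-9A-Fa-f]', '').ToUpper() }

    foreach ($file in $Path) {
        $sig  = Get-AuthenticodeSignature -LiteralPath $file
        $cert = $sig.SignerCertificate   # $null when the file is unsigned
        $name = if ($cert) {
            $cert.GetNameInfo(
                [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false)
        }
        [pscustomobject]@{
            File        = $file
            # 'Valid' = file hash matches the signature and the chain is trusted.
            # 'HashMismatch' = the file was changed after signing.
            Status      = $sig.Status
            Signer      = $name
            # A name match alone is the "fast and less safe" check from step 3.
            SignerIsGog = [bool]($name -match '^GOG\s')
            Serial      = $cert.SerialNumber
            Thumbprint  = $cert.Thumbprint
            InKnownList = [bool]($cert -and (
                              $known -contains $cert.SerialNumber.ToUpper() -or
                              $known -contains $cert.Thumbprint.ToUpper()))
        }
    }
}

# Usage (hypothetical path, placeholder value):
# Test-GogSignature -Path 'C:\Downloads\setup_game.exe' `
#     -KnownValues '<value copied from the gogcheck file>'
```

Treat a file as matching the steps above only when `Status` is `Valid` and `InKnownList` is `True`.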
I found this on a Reddit thread, hopefully this gets you on the right track:
“I think checking for the GOG sp. z o.o signature is good enough but checking with AV can also be good. If the exe file has been tampered with, then the digital signature would be invalidated. If the bin files have been tampered with, then running the untampered exe will give the error: https://imgur.com/a/9e5lIZ7. They should be legit as long as it has the legit GOG digital signature. GOG has different signatures for older and newer games btw. You can use https://github.com/hippie68/gogcheck to check the games.”
Thanks. It worked.