Comments (21)

IrcDirk commented on July 29, 2024 2

Memory read/write libraries are considered hacking tools. Those libraries also have the ability to attach to processes, which is also considered bad ;)

from aio.

Yeethan69 commented on July 29, 2024 1

right, so, prove it's a crypto miner.

IrcDirk commented on July 29, 2024 1

Really... u should read => https://github.com/sandboxie-plus/Sandboxie/blob/d3744397204687c586df0854e60855bd017d75ac/Sandboxie/ReadMe.md

It's cryptographic service from Sandboxie u are using.

ItsLogic commented on July 29, 2024 1

> since obfuscation isn't the culprit.

you would be correct.
You can upload many memory editing tools to VirusTotal and end up with 1/3rd flagged. Take Cheat Engine exe trainers for example.
This is a VirusTotal result of an old tool I wrote for the Discord which was all written in Cheat Engine Lua, and as you can see there are 29/69 flags.

IrcDirk commented on July 29, 2024 1

It depends on what DLLs u use... Stand uses stripped DLL (Backend.dll) which is better than AIO as to protecting the code and avoiding false positives.

ItsLogic commented on July 29, 2024 1

Honestly I'm not a Stand dev nor do I know anything about how they develop their tools, so I can't tell you why or why not they show as safe. I would imagine they have much more experience than us, seeing as they pretty much run a GTA cheating business; meanwhile we are just a hobby project.

HYXHost commented on July 29, 2024 1

> It depends on what DLLs u use... Stand uses stripped DLL (Backend.dll) which is better than AIO as to protecting the code and avoiding false positives.

I honestly didn't think about DLLs; maybe the tool @ItsLogic was referring to uses a similar DLL as you guys' tool. Once again I didn't try to start the thread to cause issues. And @Yeethan69 it wouldn't be due to obfuscation, we both know that... But thank you @IrcDirk and @ItsLogic because it does give me some insight on why it might show as that.

Yeethan69 commented on July 29, 2024 1

Thanks for your understanding, however, obfuscation can cause false positives. I'm not saying that's the sole reason, but I'm saying it could contribute to it.

IrcDirk commented on July 29, 2024

There is no cryptominer inside.

HYXHost commented on July 29, 2024

https://i.imgur.com/QRWNYtJ.png

HYXHost commented on July 29, 2024

> right, so, prove it's a crypto miner.

There ya go bud... ^

HYXHost commented on July 29, 2024

> Really... u should read => https://github.com/sandboxie-plus/Sandboxie/blob/d3744397204687c586df0854e60855bd017d75ac/Sandboxie/ReadMe.md
>
> It's cryptographic service from Sandboxie u are using.

Alright you did prove me wrong there, I do accept that but 20+ flags on VT? That isn’t due to obfuscation…

Yeethan69 commented on July 29, 2024

After being proved wrong about the crypto mining accusation, which isn't a light one to make btw, you are backpedaling to a VirusTotal result that means little to nothing without further investigation. Thanks IrcDirk

GRB commented on July 29, 2024

@HYXHost
If you are afraid, simply don't use it.
That will be the solution to all your problems in life.

Yeethan69 commented on July 29, 2024

I'm going to close this now as you clearly don't know what you are talking about when it comes to these virus claims. If you find any evidence, any single shred of evidence that this programme is malicious, feel free to re-open it.

HYXHost commented on July 29, 2024

As I stated, I was wrong, and I think it's decent that I said that publicly without trying to justify myself. But no, a VirusTotal scan is not at all something to scoff at and say "no big deal" when 1/3 of the tool is flagged. If you can enlighten me on that I would love to know, since obfuscation isn't the culprit.

@GRB nothing about being afraid, just looking out for a modding community.

HYXHost commented on July 29, 2024

I definitely get that, I am coming from the premise and knowledge of RTE/RTM tools back on 360 and PS3 so apologies if I don't understand PC modding as much. However, I don't think that would have 20+ flags as I downloaded another tool yesterday that is an external tool for FH5 and no issues at all, no flags, nothing on VT or anything. I am just looking for a valid explanation for that many issues with an exe.

HYXHost commented on July 29, 2024

> since obfuscation isn't the culprit.
>
> you would be correct. You can upload many memory editing tools to VirusTotal and end up with 1/3rd flagged. Take Cheat Engine exe trainers for example. This is a VirusTotal result of an old tool I wrote for the Discord which was all written in Cheat Engine Lua, and as you can see there are 29/69 flags.

The only reason I am so curious is that the tool "Stand for FH5.exe" has no false positives or flags at all and the AIO has 20+ flags (whether they be false or not)
VirusTotal for the Stand for FH5
https://www.virustotal.com/gui/file/e87b1fcb789b6957b5c99a1393738e928d3918f1e46db20f761d57ad015aa385/detection/f-e87b1fcb789b6957b5c99a1393738e928d3918f1e46db20f761d57ad015aa385-1638026101

Yeethan69 commented on July 29, 2024

Stand's GUI is also not obfuscated. All the mods are in the DLL as to protect the methods and such, as IrcDirk said. Along with that, their tool is a lot smaller than the obfuscated AIO, so less points to get swept up as false positive.

HYXHost commented on July 29, 2024

> Thanks for your understanding, however, obfuscation can cause false positives. I'm not saying that's the sole reason, but I'm saying it could contribute to it.

Oh absolutely, I know it can definitely add to it as false positives depending on the obfuscation methods and tools involved.

GRB commented on July 29, 2024

Obfuscation is only false positives because virus scanners refuse to implement taggant certificate.
Read
https://standards.ieee.org/content/dam/ieee-standards/standards/web/documents/other/taggant.pdf
