3. Menyoo Virus Total Scan
Log in to reply
 

Menyoo Virus Total Scan


  • So, I was told by some gentlemen that I should not question the validity of Menyoo, so I decided to use VirusTotal to scan the RAR and the ASI files. Both scans show Menyoo as a virus, I have SEP (antivirus definition dated Apr 5th), SEP never before raised any red flags till today.

    Just because Menyoo is a well known mod within our community does not guarantee anything. Other AV soft may not detect it as a virus yet, because the definitions may not yet be updated. I understand that everyone here is a pro and knows everything about viruses, but still a few AVs detect it as a virus.

    Been using Menyoo since 2015, odd for it to be identified as a virus 3 years later, after the paid version got shutdown.

    ASI scan:
    https://www.virustotal.com/#/file/bb891d3153096df3233cc32ec461f7f6a09e299ad0fd4b2c6a6b5232b4fd52a5/detection

    RAR scan:
    https://www.virustotal.com/#/file/d07b0e4f5b174dba18a0b37dcb3a56d18dfc294f4f2e2bb028b0ccf2f17fc1c1/detection

    3

  • @useruser111 Anti-viruses can be wrong. I personally have had one of my mods be flagged as a bitcoin miner by Kaspersky, but it obviously is not (and you can always decompile it to be sure). My mod was also flagged a long time after it was first uploaded.

    3

  • @useruser111 I upvoted only because you received an unnecessary downvote. I'd often read it as false-positive but VirusTotal is strangely reading it with 3 different viruses... the fuck?

    3

  • @Jitnaught I unfortunately do not have knowledge of scripts, so it would be nice to get some more in depth analysis by someone with proper experience. I know about false positives, and that AV can be wrong, but I cannot take your word for it, after all we are talking about security of information. Don't get me wrong, not trying to be disrespectful.

    1

  • @useruser111 Judging by other users' experiences I have reasonable doubt that the mod is malware. Not a single user I know of has reported any suspicious behaviour regarding Menyoo. Menyoo is so popular, wouldn't you think at least one user found that his computer was taken over, or his usernames and passwords stolen?

    I know that doesn't mean it isn't malware, but it's pretty good evidence.
    We can also report it to the anti-viruses so that they can take a closer look.

    3
  • M
    MODERATOR

    @useruser111 said in Menyoo Virus Total Scan:

    Just because Menyoo is a well known mod within our community does not guarantee anything. Other AV soft may not detect it as a virus yet, because the definitions may not yet be updated. I understand that everyone here is a pro and knows everything about viruses, but still a few AVs detect it as a virus.

    Yeah, that's very likely: a longstanding member of this community, with a reputation of being one of the best modders out there, whose main mod has been downloaded and used zillions of time, by almost everyone here, would suddenly resort to putting a virus in his mod and destroy his reputation overnight. /sarcasm

    Windows Defender says it's clean, btw.

    "Are you having fun? You remember fun? It's that thing you pretend to have while documenting every moment, meal and faux memory. I've got a challenge for you: turn your phone off for a day and see how uncomfortable you get." -- Cara Delevingne

    0
  • MODERATOR

    @useruser111 It looks like false positives as someone told here already before.

    Also, why are you guys using so many Anti-Virus programs? I've never used any (and I download a lot of things every day) and all my PCs worked perfectly without infections or anything like that.
    Curiously, the people I had to repair the PC from viruses were having 1 or more Anti-Virus on their systems.

    What I mean with all of this: If you take care of what you download/install and which online websites you visit, you don't have to worry about nothing.

    Join us in the 5Mods Discord -> No GTA:Online. Singleplayer ONLY.
    imgur

    2

  • Hey guys. Just rescanned, and more AVs show this mod as a virus. Even if someone does have their info compromised by this mod, none of us will know it, specially the fact that it was due to this mod. We cannot see what this mod does in the background either. Norton Power Eraser picked it up as well, just now, and Symantec blocks the download all together.

    Should the mod creator comment on the situation at this point. There are too many red flags popping, all of a sudden. I get if one AV didn't trust this file, but when there 8 all at once.

    Hope there is some sort of resolution for this, cause I like this mod.

    0
  • MODERATOR

    @useruser111
    You can always throw Wireshark on. ALL .dll and .asi more are purely based on trust. Menyoo just uses an anti-debugger thing so that's probably what trips some AVs.

    1
  • R
    MODERATOR

    @useruser111 my AV hasn’t flagged it?

    Good Yard

    1

  • @Reacon Not all of them do.

    0
  • R
    MODERATOR

    @Jitnaught true

    Good Yard

    1

  • @ikt @Jitnaught @Reacon @useruser111

    This story is just becoming more and more familiar the more I read it. I recall Cheat Engine, one of the most well known cheating programs around the web was being called out for a similar issue, where it was being claimed as malware, or some type of trojan by many AV programs.

    Funny thing is, the devs themselves even stated that "Cheat Engine is not a virus, however Cheat Engine is programmed in similar ways to that of a trojan, where data and important parts of your computer can be accessed and altered without administrative privileges thus causing Cheat Engine to trip most AVs and be marked dangerous." (though technically when you start Cheat Engine you should know you'll be prompted with a request if "this program can make changes to this computer" (Windows 7/8/10))

    I'm inclined to think that Menyoo is probably using similar techniques to Cheat Engine hence why it's being flagged as a trojan. Has anybody else considered scanning trainers other than Menyoo?

    2
  • MODERATOR

    @krashadam
    All mods are put through VirusTotal, including tools and other trainers.

    Most trainers just use the natives and at most do some pattern scanning and pointer manipulation. As Unknown said on Discord, it's the .exe/.dll protection that causes this detection. Maybe some virus scanners don't like that they can't work with Menyoo due to its protection.

    3

  • @ikt Symantec got back to me, and concluded that this is indeed not a virus.

    In relation to submission 83590.

    Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

    File name: menyoo.asi
MD5: 6569D745305A26E5DC961390BA9EE44F
SHA256: BB891D3153096DF3233CC32EC461F7F6A09E299AD0FD4B2C6A6B5232B4FD52A5
Note: Whitelisting is available by downloading a RAPID RELEASE indicated in the Further Information section below or via the next Live Update
    4
  • M
    MODERATOR

    @useruser111 said in Menyoo Virus Total Scan:

    @ikt Symantec got back to me, and concluded that this is indeed not a virus.

    In relation to submission 83590.

    Upon further analysis and investigation we have verified your submission and, as such, the detection(s) for the following file(s) will be removed from our products:

    File name: menyoo.asi
MD5: 6569D745305A26E5DC961390BA9EE44F
SHA256: BB891D3153096DF3233CC32EC461F7F6A09E299AD0FD4B2C6A6B5232B4FD52A5
Note: Whitelisting is available by downloading a RAPID RELEASE indicated in the Further Information section below or via the next Live Update

    "I informed you thusly!" (in Sheldon Cooper speak); aka, I told ya! :)

    "Are you having fun? You remember fun? It's that thing you pretend to have while documenting every moment, meal and faux memory. I've got a challenge for you: turn your phone off for a day and see how uncomfortable you get." -- Cara Delevingne

    1

  • So you caught on.
    Three years, I waited. Patiently loitered around until the time was right.
    In hindsight, it was all a scam to begin with.
    And I did, in fact, get away with it.
    But I regret it now, all of it.
    All the passwords weren't worth it. All this money can't even satisfy me now.
    The Book is right. Blessings and curses, they exist.
    I wish I could do things differently, but I'm stuck as this laughable old man now.
    I'm only admitting this so it can give me ease in some way, otherwise I'd spend my time drinking like the heartless demon I am.
    I hope you can forgive me loljk.

    5

  • @MAFINS LOL

    2
  • R
    MODERATOR

    @MAFINS lmao

    Good Yard

    2

  • @MAFINS I know this might be coming at you with poor and unfortunate timing, but Mafins I am YOUR father!

    3

  • @eshenk said in Menyoo Virus Total Scan:

    @MAFINS I know this might be coming at you with poor and unfortunate timing, but Mafins I am YOUR father!

    :laughing: :laughing: :laughing:

    1
Log in to reply
 

Looks like your connection to GTA5-Mods.com Forums was lost, please wait while we try to reconnect.