Levelbuddy - new multibox software for WoW

Can someone else please verify?

hmm from https://virusdesk.kaspersky.com/#scanresults

Scan result
threats detected
Threat name
Trojan-Spy.Win32.Xegumumune.bov
File size
4.49 MB
File type
PE64/EXE
Scan date
Aug 17 2019 17:01:44
Databases release date
Aug 17 2019 23:30:47 UTC
MD5
71cd8e9238c72f7b38480c5e4ae8e081
SHA1
f8d15a47ced60881ea415a91626dc1cf6a038e3b
SHA256
199ed0c0860cb35a92170907bbe3b2ae06e628a9e07ec06b1e 32e7591f5ce42a

If you have downloaded, check if you are infected, this virus is tagged as SEVERE by Microsoft

There's a complete description on the Microsoft website

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanSpy:Win32/Worsmep.A

Quote:

---

Originally Posted by muldorante

If you have downloaded, check if you are infected, this virus is tagged as SEVERE by Microsoft

There's a complete description on the Microsoft website

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanSpy:Win32/Worsmep.A

---

Worsmep.A != Xegumumune

it could still be a false positive but... would be nice for the author to chime in

Quote:

---

Originally Posted by tank1

virus detected with the software and an error comes up saying theres a memory error when shutting down my computer. Windows auto deletes.

---

Which virus and with software? I see only Cylance "unsafe" for unknown reason (probably because of UPX).

Can please clarify what is "error comes up saying theres a memory error"? May be text or screenshot?

I am not familiar with Qt framework which I use and may be I incorrectly handle program exit.

Ups sorry, I checked exe from another my project :(
There is correct exe:

No threats detected in lev​e​l​_​b​u​d​d​y​.​exe

The scan was performed using anti-virus databases.Submit for analysis
Scan result
no threats detected
File size
4.49 MB
File type
PE64/EXE
Scan date
Aug 18 2019 11:51:24
Databases release date
Aug 18 2019 08:36:12 UTC
MD5
71cd8e9238c72f7b38480c5e4ae8e081
SHA1
f8d15a47ced60881ea415a91626dc1cf6a038e3b
SHA256
199ed0c0860cb35a92170907bbe3b2ae06e628a9e07ec06b1e 32e7591f5ce42a



Guys, can you please UNPACK your exe and check it again?

Unpack command is "upx -d level_buddy.exe".

I used virustotal.com for checking before download. It was 2 or 3 warnings from little antiviruses because of UPX packing. I can but do not want to stop packing because QT programs are fuckingly large https://www.dual-boxing.com/images/smilies/frown.png

Quote:

---

Originally Posted by sharpMouse

I used virustotal.com for checking before download. It was 2 or 3 warnings from little antiviruses because of UPX packing. I can but do not want to stop packing because QT programs are fuckingly large :(

---

This is a VT scan from last night:

https://www.virustotal.com/gui/file/...e42a/detection

It looks like a lot of heuristics, especially since none of the big names don't see anything suspicious, so it can stay up for now. However, if anyone else in the community would rather a different action be taken, then report the original post and share your thoughts on the matter.

I would recommend getting a Code Signing Certificate. This allows you to sign your executable, which should help prevent tampering, should reduce false positives (Signed binaries are treated a little bit differently by heuristic/general scans, for most antivirus/etc software), and should boost user confidence in the software.

I question the benefit of actually packing with UPX though. If we were talking about metered bandwidth for downloads, a zip file or a standard installer has the same reduction benefits. And I don't know about anyone else but it's not going to make one iota of a difference to me whether a random executable is 5mb or 10mb. I can't fit anything extra on my hard drive because the executable was packed down to 5, etc. Besides: it's your whole program, 5mb vs 10mb is negligible in 2019. :) In my book, the main reason to use a packer is to try to hide things from analysis, which subsequently is why those antivirus products treat it poorly.

So my second recommendation is to just drop UPX packing.

Quote:

---

Originally Posted by sharpMouse

The program is free till september - I am still thinking about monetization. The main idea is subscription like 1$ per week so you can level the character to cap just for a few dollars. Any ideas there are also welcome.

---

hi $1 x 52 = $4.3 a week $52.00 a year for your software

vs isboxer priceing

90 days = $15 vs $12 (Yours )
360 days= $50 vs $52 ( yours )

this is without the offers.


i would really think about your price structure. unless your just cashing in from classic.

and the name does sound like a 101010101 so maybe a new name like some others have said


ps welcome

Quote:

---

Originally Posted by Lax

I would recommend getting a Code Signing Certificate.

---

Good idea, didn't think about it before.

Quote:

---

So my second recommendation is to just drop UPX packing.

---

Did it, thank you as well.

Quote:

---

i would really think about your price structure. unless your just cashing in from classic.

---

I think mostly about Classic but this is too late :( I plan to make it free with Patreon/PayPal donations because I have only about 300 exe downloads and didn't expect this number to increase soon. I guess such number of downloads it doesn't worth to implement payment system and just put button "say thank$" instead.

Quote:

---

and the name does sound like a 101010101 so maybe a new name like some others have said

---

The name was chosen intended to attract more attention.

Quote:

---

Originally Posted by sharpMouse

The name was chosen intended to attract more attention.

---

So you purposely named it after a well know bot, for the added attention.

Hope it doesn't backfire on you.