Do not use PoE Smoother

[10h98sjdokaj]

Moderator note: This seems to be misinformation. In the provided 'evidence' you can see that the file has unsaved changes and that there is a green line on the left in the block of malicious code. This strongly suggests that this code was added locally by whoever created this screenshot.

[tvinki]

what im looking ?
getvalue cryptography ?

[Sychotix]

What do you find suspicious in this? Have you done some analysis on the file it downloads?

Vmv was a fairly trusted member of this forum so I'd be pretty surprised if it was anything sketch.

[AntonLogvinov]

what im looking ?
getvalue cryptography ?

key4.db is a file where firefox store passwords

[madd123]

lazy to unpack confuser, but quickly checked strings of poesmoother with debugger, found all from screenshot (except last 3 (poe config, mozilla path and key4.db)
which means one of: u r lying / got smoother not from vmv (so someone else added this after unpacking (did you even unpack it urself?)) / only this 3 strings extra obsfuscated for some reason (which is not the case on ur screenshot)
need more proofs, record video with unpacking process, so everyone could repeat and check themself on poesmoother version they had from vmv or need someone with reputation, who could unpack it and approve it is true (which is most likely not)

[vmv]

Fake crap.
There are no "poe config...mozilla path...key4.db" in the original code.

Try harder & thanks for the attention.
So many idiots trying so hard to hack a "downloader", it's just crazy,

[Sychotix]

Something I noticed supporting this being fake... if you look in the top right of his hovered class, you can see a * next to the file name. This indicates a change was made, but not yet saved.
EDIT: Also, someone pointed out the green line to the left of the malicious code so that is likely added to that chunk.

As I said before, I have no reason not to trust Vmv and his response confirms that this is not the result of the server being compromised to distribute a bad file. I will leave this open for a little while so that OP has time to rebuttle, but please keep the drama in check until then.

[vmv]

Something I noticed supporting this being fake... if you look in the top right of his hovered class, you can see a * next to the file name. This indicates a change was made, but not yet saved.

As I said before, I have no reason not to trust Vmv and his response confirms that this is not the result of the server being compromised to distribute a bad file. I will leave this open for a little while so that OP has time to rebuttle, but please keep the drama in check until then.

I think the OP it's a pissed member of discord, bcz PoeSmoother is no longer free, aaand he got banned.
I might be wrong.
But there will be more these days, for sure!

[Sychotix]

I'm just going to close this thread. The screenshot has way too many signs of being fake and is just spreading misinformation. I am also going to add a note to the first post saying as such. if OP has actual proof, feel free to PM me and I can reopen this thread for discussion. I also will not be punishing OP as I have no proof that he is intentionally spreading misinformation as he may have just been unaware.