hyperar Posted June 23, 2015 (edited)

>> Obfuscation and encryption are different things, and you really didn't explain why you make your software sleep a thread for 18 days when it detects that it's being analysed (it has nothing to do with source code), nor why you need to steal information from the local web browser, among other things that are much, much more worrying than what you explained. Why do you need to get which connections are available on the machine, why did you send control codes directly to devices? Why don't you just use standard .NET objects to do basic things such as HTTP requests? I'm a senior C# developer, but I'm not familiar with many, many of the things your software does, and I don't really find a motive for why you need to do all this stuff before even running. What you're saying doesn't make much sense: if you don't want your source code stolen, then obfuscate it, that's more than enough for 95% of the cases, and I don't think any company is interested in your code.

> The application doesn't sleep for 18 days nor does it take information from local web browsers. As for checking what network connections are available: it checks to see if there is a network connection and then it checks to see if there is an internet connection so that it can check for updates. The editor also doesn't send control codes to devices unless it's checking for a USB for the Xbox 360. And who said anything about companies wanting my code? I obfuscate and encrypt my editor and resources and I always will. Most if not all the things you are talking about are based on an analysis program that uses signatures to detect what is malware. You guys can say it does this and that but can't give real solid evidence that it's actually doing anything.

Yes it does, that was very clear in the malwr.com report. It is not a false positive, it is not an AV telling you that it is SomeTrojan.Variant864123, it is telling you what actions were performed (or tried to) on a system. Do you check network connections by finding files on the file system? That is an interesting approach, which doesn't even tell you if one of those is active, nor tells you that you're online. If it sends control codes to the Xbox by USB, why does it send control codes to network adapters? The thing is about your source code: you have one hell of a save game editor, but obfuscating would be enough to stop almost any developer from accessing your code, yet you went the extra mile and encrypted everything, and that sounds like too much. Another thing: why do you need to pack your editor with a virtualization packager if it uses the .NET Framework? That's pretty standard, any Windows machine has it. Again, this isn't an AV that checks signatures, it captures the actions your software is performing on the system; it's not a false positive, it's the software's behaviour.

Edited June 23, 2015 by hyperar
XB36Hazard (Author) Posted June 23, 2015

> I still think your editor itself is a great program so I have no doubt you can prove that the code is legit. However, with all due respect, it's an advanced hex editor with a graphical user interface. It doesn't even do save data decryption/encryption itself, it uses flatz' tool like Bruteforce. Does it really need this level of 'protection'? I'd really like to trust you because, as I posted before, I do see the genuine effort you put into the actual program. But to me those signatures amount to too many suspicious actions. How does hiding from analysis tools protect source code in any way? Also, what do you hope to gain from making this editor? Do you really just want to serve the public for fun? I'm aware this is an incredibly naive question, but I don't really know how to get this across otherwise. Pretty much everything that seems too good to be true on the web is a scam.

The editor does do save data decryption and encryption. All GTA V saves are encrypted. flatz' tool is only for decrypting and encrypting PS3 saves. Then my code decrypts the GTA V save. To me, yes, it does need this level of protection. If you had seen what other programs I made and what other modding community members have done with them you would also put this much protection on such a project. This is why you don't see another save editor like it. I don't have anything to gain from the editor. It's a hobby for me and it's something fun to do.

You need to stop using reports and start using hard evidence! I'm not going to go back and forth with you. You can say one thing and I can say another. But nothing will change your mind. You can say encrypting everything is too much but to me it's not. From what I have been through with other members stealing things, what I currently have is still not enough!
hyperar Posted June 23, 2015 (edited)

So the log of actions performed by your software before even running is not "hard evidence"; editing system registry keys and tampering with system files is not hard evidence. In my point of view, you've got some serious explaining to do, and I can't really see you having an explanation for most of this stuff. I don't care about your source code, it's obvious that your editor's code is clean, it's all the other things that are in the package and run that worry me (too bad it's all packed and encrypted so nobody can "see the code"; we don't get to see what else is running either). Why do you drop several GTA V.exe files hidden like a rootkit and delete them as soon as they're loaded so they can't be analysed? Why several? Do you deliver several editors each time? Why all with the same name? It doesn't affect your precious source code.

EDIT: I see a "don't run it if you don't trust it" post coming soon.

Edited June 23, 2015 by hyperar
hyperar Posted June 23, 2015

Should I assume we are not getting answers from you?
DelPaako Posted June 24, 2015

I like how this went from "tell me if there's any issues" to "malware, scam, stealing info, registry, blah, blah, blah." I've been using this editor pretty much since release, and I have had absolutely ZERO issues with it (besides the car spawner). I haven't gotten any viruses, no strange activity whatsoever. Maybe yours is different, I don't know, I'm not you.
hyperar Posted June 24, 2015 (edited)

That's what you think. Again, do you want to keep using it? Go ahead, it's proven that it does stuff to your system, but I'm not your father to tell you what to do, nor do I want to be, but please, DO NOT lie to other people. There is a timeline with all the actions that it performs; that's not a false positive, those are actions being recorded, you even have the exact moment when that is happening. I'm not telling you who you should believe, people should make up their own minds: there's this person that gives you an editor packed and encrypted so you can't see what's in there, he says that he does that to protect the "source code" (I already stated my opinion on the topic), and then you have a (actually several, from different versions of the software) detailed report of actions being performed and with a timestamp. You choose who to believe.

P.S.: It's quite fun to see how you make up your mind when you represent me as "malware, scam, stealing info, registry, blah, blah, blah." I guess that you need more than just evidence to be convinced; I mean, it's not like you got a popup saying that you're infected, right? So all must be good.

Edited June 24, 2015 by hyperar
reditec Posted June 24, 2015

Well, I've been reading this topic for some days and I guess an impartial moderator should review this tool, because it seems to contain malware and I guess no-one wants this site to share links to malware. Maybe hyperar talks bullsh*t, maybe XB36Hazard does. But I don't care about those conversations, I want to see proof.
hyperar Posted June 24, 2015 (edited)

And by proof you mean? Because I'm under the impression that people are disregarding the reports as if they were saying that the editor is infected with SomeTrojan.Variant45746783, which at this point we all know means nothing; I got my own software flagged by my own AV. But in this case the editor is being executed in a controlled environment where its actions are being logged. This last version wasn't submitted by me but by another user; you can submit it yourself to verify that the right file is being analysed. It is not, by any means, what XB36Hazard is saying, it is not an AV "signature" detection; they are facts, there is no chance that's a mistake. When the report says that the editor installs itself in Windows startup it is because the machine where it was run detected that:

1) It edited the following registry keys:
   HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\.net clr networking\Performance

2) It modified the following files:
   C:\WINDOWS\win.ini
   C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI

Not because SomeTrojan.Variant45746783 is known to install itself in Windows startup. Do you understand the difference?

I'm not saying that it steals your bank website credentials, or makes your system part of a botnet to perform DDoS attacks; all I'm saying is what I know: that it installs itself on the system, modifies system files, hooks itself into Windows startup, sends control codes to different devices and tries to hide itself from known malware analysis tools. What it does after that? I don't know, but it is a clear indicator that it wants to do things other than edit your save games. XB36Hazard says "The editor also doesn't send control codes to devices unless it's checking for a USB for the Xbox 360"; well, page 13 of the report says otherwise, but let's say that "AMD PCNET Family PCI Ethernet Adapter - Packet Scheduler Miniport" (again, page 13 of the report) has something to do with the Xbox 360 or USB devices in general, which I doubt for obvious reasons: why does it look for the Xbox before the app has started? The app crashes (possibly on purpose to stop analysis) before opening. I'm asking specific questions; I'm not asking "what does your editor do?", nor am I asking for the source code. He is denying actions that were logged, he's denying FACTS, and then pretends to be offended and stopped answering. He was online today and didn't answer anything.

Edited June 24, 2015 by hyperar
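The post above turns on what a sandbox behaviour summary actually records: a list of registry keys, files and API calls, not a signature name. The script below is an added example (not code from the thread, the editor, or malwr.com) of how an analyst triages such a summary into a checklist of persistence and anti-analysis indicators, so that an autostart write is separated from runtime housekeeping. It assumes a Cuckoo/malwr-style summary with lists of registry keys modified, files modified, file create/delete events and logged API calls. The embedded SAMPLE_REPORT is constructed: the two registry keys and two file paths are the ones named in the post, while the file-drop events, the Temp path, the timestamps, the 18-day sleep and the severity weights are assumptions made for the example.

```python
# Triage of a Cuckoo/malwr-style behaviour summary for persistence and
# anti-analysis indicators. Added example; SAMPLE_REPORT is constructed.
import re
from collections import namedtuple

Finding = namedtuple("Finding", "severity category detail")
SEVERITY_WEIGHT = {"high": 3, "medium": 2, "low": 1}  # assumed weights

# Drop the hive (and the per-user SID under HKEY_USERS) so a key matches
# whether the sandbox logged it as HKU\<SID>\... or HKCU\...
HIVE_PREFIX = re.compile(
    r"^(hkey_users\\s-1-5-[0-9-]+|hkey_local_machine|hkey_current_user|hklm|hkcu)\\")

# Locations that run code at logon: a write here is persistence.
AUTOSTART_KEY_PATTERNS = [
    r"software\\microsoft\\windows nt\\currentversion\\winlogon$",  # Userinit/Shell
    r"software\\microsoft\\windows\\currentversion\\run(once)?$",
    r"system\\currentcontrolset\\services\\[^\\]+$",                 # new service
]
# Services\<name>\Performance holds performance-counter registration (the
# .NET Framework installs the ".NET CLR *" counters): reported, scored low.
LOW_NOISE_KEY_PATTERNS = [
    r"system\\currentcontrolset\\services\\\.net clr [^\\]+\\performance$",
]

def normalize_key(path):
    """Lower-case, collapse escaped backslashes and strip the hive prefix."""
    return HIVE_PREFIX.sub("", path.replace("\\\\", "\\").lower().strip("\\"))

def classify_registry(path):
    key = normalize_key(path)
    if any(re.search(p, key) for p in LOW_NOISE_KEY_PATTERNS):
        return Finding("low", "registry", "runtime housekeeping key: " + key)
    if any(re.search(p, key) for p in AUTOSTART_KEY_PATTERNS):
        return Finding("high", "persistence", "autostart key written: " + key)
    return None

def classify_file(path):
    p = path.replace("\\\\", "\\").lower()
    if p.endswith("\\win.ini"):  # load=/run= lines are a legacy autostart
        return Finding("medium", "persistence", "legacy autostart file modified: " + path)
    if "\\windows\\assembly\\" in p or "\\windows\\system32\\" in p:
        return Finding("medium", "tampering", "write under OS/framework directory: " + path)
    return None

def find_drop_and_delete(file_events, window_s=5.0):
    """Executables created and deleted again within window_s seconds."""
    created, findings = {}, []
    for ts, action, path in sorted(file_events):
        if not path.lower().endswith(".exe"):
            continue
        if action == "created":
            created[path] = ts
        elif action == "deleted" and path in created and ts - created[path] <= window_s:
            findings.append(Finding("high", "anti-analysis",
                "executable dropped and deleted after %.1fs: %s" % (ts - created[path], path)))
    return findings

def find_long_sleeps(api_calls, threshold_ms=10 * 60 * 1000):
    """A sleep longer than a sandbox run is a classic way to wait out analysis."""
    findings = []
    for api, args in api_calls:
        if api in ("NtDelayExecution", "Sleep", "SleepEx"):
            ms = int(args.get("Milliseconds", 0))
            if ms >= threshold_ms:
                findings.append(Finding("high", "anti-analysis",
                                        "%s for %.1f days" % (api, ms / 86_400_000)))
    return findings

def triage(report):
    findings = [f for f in map(classify_registry, report.get("registry_modified", [])) if f]
    findings += [f for f in map(classify_file, report.get("files_modified", [])) if f]
    findings += find_drop_and_delete(report.get("file_events", []))
    findings += find_long_sleeps(report.get("api_calls", []))
    return findings

def score(findings):
    return sum(SEVERITY_WEIGHT[f.severity] for f in findings)

# Constructed fragment: the two keys and two files are the ones named in the
# thread; the file events and the API call are made up to exercise the other
# checks (Temp path, timestamps and the 18-day figure are assumptions).
SAMPLE_REPORT = {
    "registry_modified": [
        r"HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\Winlogon",
        r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\.net clr networking\Performance",
    ],
    "files_modified": [
        r"C:\WINDOWS\win.ini",
        r"C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.INI",
    ],
    "file_events": [  # (seconds since start, action, path)
        (1.2, "created", r"C:\Users\user\AppData\Local\Temp\GTA V.exe"),
        (1.9, "deleted", r"C:\Users\user\AppData\Local\Temp\GTA V.exe"),
    ],
    "api_calls": [("NtDelayExecution", {"Milliseconds": 18 * 24 * 3600 * 1000})],
}

if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print("[%-6s] %-13s %s" % f)
    print("score:", score(triage(SAMPLE_REPORT)))
```

The point of the split between AUTOSTART_KEY_PATTERNS and LOW_NOISE_KEY_PATTERNS is the one the post is arguing about: a Winlogon write is a logon-time foothold, whereas a write under a Services\...\Performance key is the kind of thing a managed runtime does on its own, so the two should not carry the same weight even though both appear in the same "registry modified" list. The thresholds and weights are starting points to tune against known-good .NET applications, not fixed verdicts.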
vortexHD Posted June 24, 2015 (edited)

I'm very paranoiac. Smthing. Go out of this forum, paranoiac guy =| His editor is working and I want to say thanks for it.

Edited June 24, 2015 by vortexHD
hyperar Posted June 24, 2015

Thanks for your constructive comment, now go away, ok? Damn trolls.
gooby Posted June 25, 2015 (edited)

> To me yes it does need this level of protection. If you had seen what other programs I made and what other modding community members have done with them you would also put this much protection on such a project. This is why you don't see another save editor like it. I don't have anything to gain from the editor. It's a hobby for me and it's something fun to do.

Sounds like a contradiction to me. What horrible things have modders done with your other programs then? Sold them as their own? Sure, that's annoying, but if you keep distributing them for free then it wouldn't need to bother you since you don't do it to make gains. I'd love to hear examples of what has been done to make you so protective of your code, if it's just a hobby product you share for free. It's a free hex editor with a neat, user-friendly UI and lots of features. What exactly is keeping you from making this open source altogether? Your ego? Or the fact you want to keep full control over everything this .exe does? People can use it absolutely free but may not look inside?

Edited June 25, 2015 by gooby
hyperar Posted June 25, 2015 (edited)

There's something that's been on my mind and that is: I know that you cherish your source code, I do as well, but did you really pay the USD 9000 that Spoon Virtual Application Studio is worth? I mean, that's the packer you used; coincidentally, that very same packer is commonly used on malware such as the Zbot trojan, but I digress. Did you really pay that much to protect your source code? That's a lot for software that you hand out for free.

Edited June 25, 2015 by hyperar
reditec Posted June 25, 2015

Well, that is some good proof, hyperar.
reditec Posted June 25, 2015

Another point: console modding is completely illegal. Why does this site share illegal links?
hyperar Posted June 25, 2015 (edited)

Looking a little to see if I could find some more info: the website domain is registered through Launchpad Inc, and the person that registered it was "Me Me", so it's anonymous.

EDIT:

Edited June 25, 2015 by hyperar
XB36Hazard (Author) Posted June 26, 2015 (edited)

Sorry I didn't answer you the other day; I didn't want to waste time like I am today talking to you. I could give you every single answer in the book but that won't do anything because you have already made up your mind. It gets annoying to go back and forth trying to tell you that your so-called "FACTS" from a "REPORT" don't mean anything! Have you tried running the editor in a virtual machine or sandbox that shows you what the editor is really doing? (I bet not!) To me you don't get it: you think it's doing all these things based off an analysis "REPORT" and not going deeper into it. It seems that you have only used that so-called "REPORT" to verify that the editor does the things you say it does. You can say I'm denying "FACTS" when they really aren't; they're just a report from one source. Also no, I didn't pay 9K for Spoon Virtual Application Studio; I don't even use that anymore. You also say you don't care about the source code, when all in all the source code is everything; it will give you answers to anything and everything the app is doing. So it does matter more than you say. And if you're a developer, which I don't really think you are, then you should also know about obfuscating apps and what different protections you can have. On the "GTA V.exe" I have many different things that protect the editor, such as: Tamper Detection, Anti-Debug and Anti-Tracing, which stop anyone or anything from trying to debug, analyze or de-obfuscate any part of the app. Just obfuscating an app could lead to an analysis saying it's doing one thing when it's really not. You seem to think you're educated in all this but I think you need to open your book and look deeper. In the end, you don't care what I have to say. You are going to keep pushing that the app is malware and only using one source to show your so-called proof. You can keep posting more information about your reports, because I could care less and it's going to be the same thing over and over again. I make apps as a hobby but talking to you makes none of this worth it. You're kind of like one of those 8-year-old kids on GTA that think they know everything but in reality only know half or nothing at all. I'm done talking to you because you post the same things over and over and think you're 100% right. If anyone else really thinks he's right I feel sorry for you, because you're listening to someone that has a one-star rating and has only been here for 9 months. The best thing for anyone that thinks the "GTA V.exe" from X3T-Infinity is malware is to run it in a virtual machine or sandbox to really view what's happening. If anyone else besides "hyperar" has any real questions feel free to ask.

> Sounds like a contradiction to me. What horrible things have modders done with your other programs then? Sold them as their own? Sure, that's annoying, but if you keep distributing them for free then it wouldn't need to bother you since you don't do it to make gains. I'd love to hear examples of what has been done to make you so protective of your code, if it's just a hobby product you share for free. It's a free hex editor with a neat, user-friendly UI and lots of features. What exactly is keeping you from making this open source altogether? Your ego? Or the fact you want to keep full control over everything this .exe does? People can use it absolutely free but may not look inside?

What horrible things, you say? Well yes, I have had others take them and try to sell them as their own. I even had them take pictures of my apps and put them in theirs. There are so many things I would be here for days typing them up. I've been programming since I was 12 and I never had anyone pay for any of my apps; everything I develop is free. I try to make the best of the best for free so that apps like "Horizon" and "Modio", to name a few, don't make money off of mods that should be free. I do it so people don't waste their money. Also this editor isn't just a hex editor, there is more to it. Most if not all game files are mapped differently and you need to understand everything that's happening within the file. Just to map a file takes days, even months, depending on how hard it is. Not to mention how hard it is to find encryption keys and the right algorithm to patch the file. This is the reason why I don't release big projects publicly. It's not that I don't want you to see what the editor is doing, but I don't want people to take it and call it their own. I have put many months into this editor (been coding it since day one when it was released on Xbox 360), and I also put many months in the past into "Xbox 360 Tools" and "Anarchy." Xbox 360 Tools and Anarchy are the full reason why I put so much protection on big projects.

Edited June 26, 2015 by XB36Hazard
P2FX Posted June 26, 2015

My AV program just deletes it outright. It would be nice to provide an app that people can actually use. I will never turn off my AV program for anything I downloaded from the Internet.
hyperar Posted June 26, 2015 (edited)

> 1) Sorry I didn't answer you the other day; I didn't want to waste time like I am today talking to you.
> 2) I could give you every single answer in the book but that won't do anything because you have already made up your mind.
> 3) It gets annoying to go back and forth trying to tell you that your so-called "FACTS" from a "REPORT" don't mean anything!
> 4) Have you tried running the editor in a virtual machine or sandbox that shows you what the editor is really doing? (I bet not!)
> 5) To me you don't get it: you think it's doing all these things based off an analysis "REPORT" and not going deeper into it.
> 6) It seems that you have only used that so-called "REPORT" to verify that the editor does the things you say it does. You can say I'm denying "FACTS" when they really aren't; they're just a report from one source.
> 7) Also no, I didn't pay 9K for Spoon Virtual Application Studio; I don't even use that anymore.
> 8) You also say you don't care about the source code, when all in all the source code is everything; it will give you answers to anything and everything the app is doing. So it does matter more than you say.
> 9) And if you're a developer, which I don't really think you are, then you should also know about obfuscating apps and what different protections you can have.
> 10) On the "GTA V.exe" I have many different things that protect the editor, such as: Tamper Detection, Anti-Debug and Anti-Tracing, which stop anyone or anything from trying to debug, analyze or de-obfuscate any part of the app. Just obfuscating an app could lead to an analysis saying it's doing one thing when it's really not.
> 11) You seem to think you're educated in all this but I think you need to open your book and look deeper. In the end, you don't care what I have to say.
> 12) You are going to keep pushing that the app is malware and only using one source to show your so-called proof.
> 13) You can keep posting more information about your reports, because I could care less and it's going to be the same thing over and over again.
> 14) I make apps as a hobby but talking to you makes none of this worth it. You're kind of like one of those 8-year-old kids on GTA that think they know everything but in reality only know half or nothing at all.
> 15) I'm done talking to you because you post the same things over and over and think you're 100% right. If anyone else really thinks he's right I feel sorry for you, because you're listening to someone that has a one-star rating and has only been here for 9 months. The best thing for anyone that thinks the "GTA V.exe" from X3T-Infinity is malware is to run it in a virtual machine or sandbox to really view what's happening.
> 16) If anyone else besides "hyperar" has any real questions feel free to ask.

1) You did it if you think that all the bullsh*t you posted really convinces anyone that you are not delivering malware.
2) Or maybe because you can't; you say you could, but you won't, mmm, I wonder why?
3) The fact that you use "REPORT" to refer to a detailed description of the actions performed by your software in a controlled environment doesn't really matter; it is still what it is, and it is still your word against facts.
4) Did it, but that doesn't really mean anything. I don't have tools on my system, I don't crack software (I have principles, you know, as a developer: don't do to others what you don't want others to do to you). Not to mention that your editor tries to hide from tools which I just can't have, so what chance does my little VM have against your editor? Not much.
5) As I said before, you using "REPORT" to make it less than what it is is not working; it is still more than just some internet dude's word. And you could end this by just explaining, but you won't do that, God forbid that the almighty developer explain why his save game editor is installing at Windows startup.
6) Same as before, it is still more proof than what you're providing. I will even listen to your explanation if you'd just provide one, but you don't; you are just attacking the report, over and over again.
7) So you used a USD 9000 enterprise-level packer, when you could just have used an enterprise-level obfuscator, which would make looking at your source code so much effort that it'd be out of reach for almost everybody, but you just went with the option that allows you to hide stuff, not just code; again, I wonder why?
8) I'm pretty sure the editor source code is clean, because I suspect that it is not your editor doing all this, but something else hidden in the package. It is a mystery why you drop several "GTA V.exe" files; it's like you wanted to trick people into thinking that they are all the same app, and if that were the case, what use could it have to drop it several times?
9) I don't really think that anyone here cares if you believe me or not, I know I don't, and considering that there are so many things to explain, why don't we get back to the topic. But I do know the difference between obfuscating an assembly (making it harder to obtain the assembly's source code) and packing (hiding stuff in an encrypted package).
10) There's so much bullsh*t in that sentence that I can almost smell it over the internet.
11) That may have something to do with the fact that you only tried to discredit the report and not to explain it, which would actually end this whole thing.
12) It is still more than what you have shown us; you have just said a lot of things that don't really explain anything.
13) If you keep on beating around the bush instead of explaining, it certainly will.
14) But look at that, first the report is bullsh*t, now I'm bullsh*t too; well, I guess we should all believe what you say because you're you and I'm just me.
15) If I thought that I'm 100% right and I have no chance of being mistaken, then I would not be here, giving you the benefit of the doubt and asking you to explain yourself, but you just tried to end this conversation over and over with no real explanation. To everyone that thinks that "GTA V.exe" from the editor is malware and is thinking about running it on a VM, let me tell you that there are techniques to escape from them and infect the real machine, and unlike XB36Hazard, you don't need to take my word for it, you can look it up yourselves.
16) Ha, you just keep getting better.

Edited June 26, 2015 by hyperar
hyperar Posted June 27, 2015 Share Posted June 27, 2015 (edited) Hey, XB36Hazard, is this other report from another source also bullsh*t? https://www.hybrid-analysis.com/sample/590eb29c583f0742568af4742fac553c981e6737ffafc2f2ca32feff8bd84ce1?environmentId=4 For those interested, this is the shortened report, the full one is available for download, just use the "HTML Report" button. P.S.: Got your name now, Dylan. EDIT: With the "VirusTotal" button you can access the VirusTotal report, where now 5 AV detect it as malware, but that's not the interesting part, the comment section has some entries by some respected VirusTotal users, including PayloadSecurity, the people that provide the testing environment. EDIT: Now 8 AV detect it as malware, they are all bullsh*t according to XB36Hazard, just a coincidence. Edited June 28, 2015 by hyperar
XB36Hazard Posted June 28, 2015 Author Share Posted June 28, 2015 (edited) OMG!! you got a name! Point blank my editor is not malware, it just sometimes shows up on some virus scanners. I don't have it coded to do anything you're saying it's doing. The full reason why it shows up on virus scanners is because it's a false positive, due to the obfuscator. You are blowing everything out of proportion.

On other news... New update out now!
Version: 2.0.2.24 | 6-28-15 | Full Changelog
Fixed...
-Issue with PS3 saves not loading
-Minor issue with stats loading twice
-Minor issue with Xbox 360/PS3 save conversion
Added...
-Tooltip to God Mode
-Tooltip to Game Completion percentage
Removed...
-Vehicle Spawner has been removed from Xbox 360/PS3 versions. Will be added back once I get it to work on all saves.
Edited June 28, 2015 by XB36Hazard
hyperar Posted June 28, 2015 Share Posted June 28, 2015 (edited) Haha, at this point, we all know that being detected by one or a few AV doesn't mean anything, I said it before, but again, now there isn't ONE, but TWO different sources that say that your editor:
1) Modifies the registry to hide its actions.
2) Steals information from local web browsers.
3) Modifies the system's proxy settings.
4) Installs itself in startup.
5) Tries to avoid analysis by sleeping the process several times.
People from Payload Security also say that it is malware. Payload Security is an "IT security blog focusing on malware forensics, dynamic and static analysis, as well as automated malware analysis techniques.", according to their blog, so I think they may have a little more authority than me. Too bad that I had to use the "Stealthy Mode" of their environment, otherwise your editor would just crash itself to avoid analysis; I say too bad because the regular analysis is much more detailed, but still, it served its purpose. So let me ask you, is this other analysis also meaningless? Are you going to answer any of the questions asked before? Because it's not that you don't answer my posts, you do, but you avoid answering the more interesting questions and you just comment on me getting your name (by the way, you registering your domain as Me Me is just as suspicious as all the other stuff your editor does, that's why I made the name remark) or on the AV detections, a thing that I said myself is pretty meaningless. Again, I'm giving you the benefit of the doubt and I'm waiting for your explanations about all this stuff, but you keep dodging the bullet, you try to discredit the reports, denying the things they logged, you pretend to be all offended and use it as an excuse to not answer me anymore, and such, which just keeps convincing me that you don't really have an explanation for this stuff, so I ask again. Could you explain why your editor does all this stuff that was logged, or are you just going to keep denying it? Let me remind you and everyone else, they are not AV false positives, they are actions that were performed by the editor and logged by the analysis environments. EDIT: By any chance, did you submit the new version for analysis today at 5 am, way before you announced it? EDIT 2: Haha, we both know that is not the full changelog. Edited June 28, 2015 by hyperar
XB36Hazard Posted June 28, 2015 Author Share Posted June 28, 2015 I never said analyses are meaningless, I said you cannot base everything off of them; all in all I just don't trust them. The only real reason I can give you is that it is the obfuscator that is making it look like it's doing the things the report shows. And no I didn't submit the new update, should I have? Also that was the full changelog!
hyperar Posted June 28, 2015 Share Posted June 28, 2015 (edited) No, not really, obfuscation DOES NOT AFFECT execution, all it does is make it harder to obtain the source code from the binary. A .NET assembly can be easily reverse engineered; by obfuscating it, you prevent that (of course, there are different levels of protection, not all tools are equally effective), but that is not actually what you said you do, you said that you encrypt everything, you packed it, which is a common technique malware makers use to avoid detection, since it changes the executable and AV systems do not find its signature since it's not there, although it IS NOT exclusively used for malware; there is not much motivation for software makers to use it, other than to reduce the file size, which is not a problem nowadays. What I want to make clear is that packing doesn't affect execution, neither does obfuscation; if that were the case, who'd use it?

Your editor alters its behaviour depending on whether it can detect that it is being monitored. I have two reports for the last version, one using the stealthy mode and one the "regular" mode; the second one is more detailed, unfortunately, the editor crashed on the regular (more obvious) analysis, while it ran without problems on the "stealthy" one (since it's stealthy, it doesn't gather as much data as the regular one), happy coincidence? I'll be posting the reports here later, I have to post them online, but for example, the "stealthy" analysis has actions that the regular doesn't, for example, it checks the internet settings configuration, and checks the registry to see if it is configured to warn you when you get redirected from HTTPS to HTTP (encrypted traffic to unencrypted). Why on earth do you need to do that? And don't tell me it's a false positive, the software was logged reading the key USER\S-1-5-21-4162757579-3804539371-4239455898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHttpsToHttpRedirect, there is no chance of that being a mistake or a false positive. Edited June 28, 2015 by hyperar
XB36Hazard Posted June 28, 2015 Author Share Posted June 28, 2015 It could have something to do with "InternetCheckConnection" or NetworkIsAvailable that I use to check for a network connection, but other than that I have no idea. As for it hiding itself from analysis, that's because of the Anti-Debug + Anti-Tracing Protection I have on the editor.
hyperar Posted June 28, 2015 Share Posted June 28, 2015 It doesn't make any sense, why on earth would knowing that you change from HTTP to HTTPS without notifying the user have anything to do with that? Why do you modify the proxy settings on the registry:
USER\S-1-5-21-4162757579-3804539371-4239455898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable (Set to 0 / False)
USER\S-1-5-21-4162757579-3804539371-4239455898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (Delete value)
USER\S-1-5-21-4162757579-3804539371-4239455898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride (Delete value)
Checking for an active internet connection too? Why do you create the following registry key:
MACHINE\System\CurrentControlSet\Services\TcpIp\Parameters
Maybe also some internet checking thingy, suspicious because this key gives you autoexec ability.
XB36Hazard Posted June 28, 2015 Author Share Posted June 28, 2015 (edited) I don't think using the argument "InternetCheckConnection" in "wininet.dll", or "wininet.dll" initializing, changes them, but I could be wrong. Other than that I have no idea why it's changing those values. Edited June 28, 2015 by XB36Hazard
hyperar Posted June 28, 2015 Share Posted June 28, 2015 (edited) Well, it is a big deal manipulating the registry, especially when you modify security settings and can't provide an explanation. Edited June 28, 2015 by hyperar
XB36Hazard Posted June 28, 2015 Author Share Posted June 28, 2015 Very true, but I have nothing coded in the editor for the registry, so I don't even know why it's showing up.
hyperar Posted June 28, 2015 Share Posted June 28, 2015 (edited) So you went from a very skilled developer that builds super anti-debugging, anti-tracing complex techniques and decrypts and maps unknown files to not knowing why your code does certain things? Also, which of those changes in the changelog is responsible for stopping the sending of control codes to devices such as network adapters? EDIT: Why do you patch MSCORWKS.DLL? Edited June 28, 2015 by hyperar
XB36Hazard Posted June 29, 2015 Author Share Posted June 29, 2015 (edited) I didn't say I was a "very skilled developer that builds super anti debugging anti tracing complex techniques and decrypts and maps unknown files". I am a skilled developer in many things, but "Anti Debug & Anti Tracing" are in the obfuscator. Also, yeah, I don't know why it's showing up in your reports because I don't have it coded anywhere to do those things. Also I didn't patch "MSCORWKS.DLL", nor do I do any of the things the reports show. Also the items in the changelog have nothing to do with sending control codes or anything within the reports! I'm telling you it's the obfuscator that makes it look like it's doing one thing when it's really not! Edited June 29, 2015 by XB36Hazard