Roblox Account Manager: Virus or false positive?

[JKx24]

Hey all! So, I've been using a third-party software from GitHub called Roblox account manager for 2-3 weeks and just 2 weeks ago there were many rumours and news of its newest updated version 3.7.2 from GitHub being flagged as having trojans. I tried it myself and windows defender scanned it as a virus and deleted it automatically.

So, I researched more into it especially on YouTube and many from the community are two-sided. Saying that the trojans are false positives and some thinking that it's malicious and spreading misinformation. Some heard reports or said their accounts were hacked, but there was no follow-up proof of it. I am kind of stuck between the crossroads of the two opinions. Whether I should stay away from it or redownload it?

Here's what the creator of the third-party software said on the official Roblox account manager GitHub:

Q: Why is this program detected as a virus?

A: Open source programs such as this program are commonly detected as viruses because actual malware may be using the same libaries as this one. For example, account manager may be detected as a RAT because of the Account Control feature, this feature uses websockets to connect to clients which is the same way actual malware may use to connect maliciously to someone elses computer. If you'd like, you can download visual studio yourself (it's free) and compile this program on your own, you may even get the same virus detections as the public release.

GitHub link: GitHub - ic3w0lf22/Roblox-Account-Manager: Application that allows you to add multiple accounts into one application allowing you to easily play on alt accounts without having to change accounts

The creator (IceWolf) also said this on the official discord of Roblox Account Manager: I've added and inserted an uploaded image.

But I am not sure if the creator is trustworthy or not. If what he said was true or not.

So, I decided to redownload the older versions not flagged with the viruses (versions before 3.7.2). I used the 3.6.1 version without the trojan and scanned my computer with windows defender and Malwarebytes a couple of times and it detected nothing after I downloaded it, but I uploaded the ROBLOX account manager file (Ver 3.6.1/the older one) on virus total and it 5-10 security vendors flagged it as suspicious? Virus Total link: VirusTotal - File - cdb0a360cca7a5099c2d2357be1a833e032ffdeb3f467a6fac845f6bb77031c9

Virus Total link (Ver 3.6.1.): VirusTotal - File - 1b94210a7a05ce8379db7b8c11d41f84bc868cbdcd0685733754728678bb5fa2

So, I'm concerned about all of the versions having a virus detected in them or are they just false positives? Whether I should stay away from it or redownload it? Someone who knows this type of stuff or has expertise in this kind of field can you please let me know or respond?

Thanks!

[Porthos]

@JKx24 You have a topic here. https://www.bleepingcomputer.com/forums/t/799668/roblox-account-manager-virus-or-false-positive/

Are you looking to clean your system of possible malware? I asked as your topic at bleeping is in the malware removal section.

This one started in ours.

[JKx24]

Sorry for the very late response. I got caught up with some things.

Yes, that is me.

No, I deleted the software right after I scanned the third-party software through Virus Total. Right now, I am just trying to search for someone who has expertise in this area to correctly validate if this third-party software has a virus or not and if the Virus Total detections/scans were false positives? 

Because a lot of people in the community say the scans are most likely false positives on the software.

[JKx24]

By the way Porthos. I do not see your question at bleeping computers and unfortunately, I have lost my account on bleeping computers since I used a temp email lol ☠️☠️☠️. But if any of you experts in this field this is what the instructor replied on bleeping computers: 

Greetings and  to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:

• First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
• It is important to not run any tools or take any steps other than those I will provide for you.
• Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
• Please copy and paste all logs into your post unless otherwise requested.
• When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
• If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Thank you for your patience thus far. It is most likely a false positive but let's take a look at things.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------

• Download Farbar Recover Scan Tool for 64 bit systems and note where the file is saved (Desktop, Downloads, etc.) <<< Important
• If your computer language is other than English right click on the FRST64 icon and rename it to FRST64english
• Right click on the icon and select Run as administrator
• Note: If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option
• Click Yes to the disclaimer
• Click Scan and allow the program to run
• Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
• 2 Notepad documents should now be open on your desktop.
• Please copy and paste the contents of each report in separate reply windows

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. 

• FRST.txt
• Addition.txt

So yeah. Should I do this and reply what my results are under this thread?

Thanks!

[JKx24]

So, if anyone of you have expertise in these situations or topic please reply below! Whether I should do what the guy from bleeping computers has told me to do or to tell a different method on how to do it in a different way to check if the software has a virus or a false positive?

 

 

 

[Porthos]

25 minutes ago, JKx24 said:

I am just trying to search for someone who has expertise in this area to correctly validate if this third-party software has a virus or not and if the Virus Total detections/scans were false positives? 

To have the file examined, we need the exact file zipped and attached here, or the virus total link for that file.

[JKx24]

Here: VirusTotal - File - cdb0a360cca7a5099c2d2357be1a833e032ffdeb3f467a6fac845f6bb77031c9

This is the 3.6.1 version that I talked about that was scanned. 

[David H. Lipman]

Since Malwarebytes is not flagging this software, I am closing this thread.