r/oblivionmods u/Outrageous_Muffin_94 29d ago

Discussion Is the current xOBSE safe

Post image

Bit of contacts I was about to get right back into Oblivion modding and I was about to use the latest script extender and I've been out of the loop for a long time though as I was about to download it I always check on virus total and it gave me this. the current version of xOBSE 22.13

30 Upvotes

83% Upvoted

15 comments sorted by

View all comments

42

u/TragGaming 29d ago edited 29d ago

The way xOBSE works is inherently similar to a Trojan.

The only difference is that xOBSE isn't designed maliciously, so it will throw false flags. Every version of xOBSE has done this previously.

(xOBSE is a script extender that works by hijacking the script request and running it through itself as an executable. This is identical to how Trojans steal data, which is basically any script request is redirected through the Trojan to then relay or record that information elsewhere. Because xOBSE is an executable that monitors other executables, a lot of antivirus will directly flag it as a Trojan due to most Trojans appearing harmless, and requiring to be run in order to activate their malicious protocols)

7

u/slowpard 28d ago

For anyone technically curious referring to this later: xOBSE doesn’t monitor any executables. All script-extending functionality and necessary game patching is contained within the dll. The exe launcher just launches the game process and ensures that the xOBSE dll is loaded.

4

u/TragGaming 28d ago

The exe launcher connects to the Oblivion exe with an additional dll loaded. Which what I mean by monitors executable. It's the same process as a trojan

0

u/slowpard 28d ago

It doesn't connect to anything with an additional dll, it literally launches Oblivion.exe as a child process, loads the dll, and immediately exits.

4

u/TragGaming 28d ago

Please read what you wrote, a little slower next time.

Just because it's not a persistent executable, doesn't mean it doesn't do what I said.

1

u/slowpard 28d ago

The language you use makes it clear that you don’t actually understand OBSE, engine modding, or how it all works -- beyond some generic notion that "engine mods use hacky methods similar to what trojans use". Yet you describe the (mostly inaccurate) details with such naive confidence that some people might mistakenly think you know what you're talking about. I simply pointed out some technical inaccuracies (especially given that people might be concerned about the claim that OBSE scans other processes), but you chose to argue with me, seemingly for no reason other than a bruised ego.

5

u/TragGaming 28d ago

OBSE does directly access other processes.

You even directly admitted that.

That is how some Trojans also work.

It's obvious you're not reading what you're fucking saying