mpurses / Sonder

Rainmeter skin
https://www.deviantart.com/michaelpurses/art/Sonder-Rainmeter-skin-838147223
253 stars 11 forks

Flagged for Virus #11

Open MacaroniDuck opened 3 years ago

MacaroniDuck commented 3 years ago

Hello, I've been using your skin on my desktop for a couple of weeks and enjoy it. Thank you! I decided to place it on my laptop as well. I transferred the same files over and received a warning about a virus. Scanning it at VirusTotal.com threw the following flags:

DrWeb: Tool.NirCmd.2
Jiangmin: RiskTool.HideExec.ak
Sophos: NirCmd (PUA)
Ad-Aware: Undetected

It mentioned "3 flags" but only showed these 2 in red. I downloaded the file from DeviantArt as I'm not a programmer and it had the actual Rainmeter installer file. (I do not see one here at GitHub.) Do I need to be concerned about these flags? Are the files at Deviant the same, just in the installer? Thank you!

mpurses commented 3 years ago

It's connected to using NirCmd for part of the Color Picker (click a color name text in the settings to use it), which gets/sends data from/to the cursor for color data on your screen for the Eyedropper. So some scanners flag that as it could be used for nefarious purposes if used by the wrong people. But you are safe, I'm not evil.

https://www.bleepingcomputer.com/forums/t/640360/nircmd-should-i-be-concerned/

nircmd.exe location:
https://github.com/mpurses/Sonder/tree/master/Skins/Sonder/Settings/ColorPicker/Extra

Used in these two places:
https://github.com/mpurses/Sonder/blob/master/Skins/Sonder/Settings/ColorPicker/ColorPicker.ini#L221
https://github.com/mpurses/Sonder/blob/master/Skins/Sonder/Settings/ColorPicker/Eyedropper/Eyedropper.ini#L72

The rmskin file here on GitHub is the same as on DeviantArt.
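
A way to check an answer like the one above for yourself, as an added example that is not code from the Sonder repository: the script hashes every bundled .exe in a skin folder, so the digest can be compared with a copy obtained from the tool's publisher, and lists each .ini line that names an .exe. The sample skin it builds, including the placeholder command arguments, is constructed; the function names are hypothetical.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Any path-like token ending in .exe, quoted or not.
EXE_REF = re.compile(r'[^\s"\[\]=]*\.exe\b', re.IGNORECASE)

def read_ini(path):
    """Decode a skin .ini; assumes UTF-16 LE when a BOM is present, else UTF-8/ANSI."""
    raw = path.read_bytes()
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le", errors="replace")
    return raw.decode("utf-8", errors="replace")

def audit_skin(root):
    """Return ({exe path: sha256}, [(ini path, line number, line)]) for a skin folder."""
    root = Path(root)
    hashes = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and p.suffix.lower() == ".exe":
            hashes[p.relative_to(root).as_posix()] = hashlib.sha256(p.read_bytes()).hexdigest()
    refs = []
    for ini in sorted(root.rglob("*.ini")):
        for n, line in enumerate(read_ini(ini).splitlines(), 1):
            if line.lstrip().startswith(";"):  # skip ini comments
                continue
            if EXE_REF.search(line):
                refs.append((ini.relative_to(root).as_posix(), n, line.strip()))
    return hashes, refs

def build_sample(root):
    """Constructed sample skin; not Sonder's real files or commands."""
    cp = Path(root) / "Settings" / "ColorPicker"
    (cp / "Extra").mkdir(parents=True)
    (cp / "Extra" / "nircmd.exe").write_bytes(b"MZ constructed placeholder")
    (cp / "ColorPicker.ini").write_text(
        "[Rainmeter]\nUpdate=1000\n; nircmd.exe is bundled in Extra\n[PickButton]\n"
        'LeftMouseUpAction=["#CURRENTPATH#Extra\\nircmd.exe" <constructed-args>]\n',
        encoding="utf-8")
    return Path(root)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        hashes, refs = audit_skin(build_sample(d))
        for path, digest in hashes.items():
            print(digest, path)
        for path, n, line in refs:
            print(f"{path}:{n}: {line}")
```

A digest that matches the publisher's copy shows the bundled binary is unmodified, and the reference list shows which skin actions launch it and with what arguments.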

MacaroniDuck commented 3 years ago

But that's exactly what someone evil would say!!! Seriously though, I suspected it was this but wanted to be sure as well as let you know Google was flagging things. Thank you again!