LS1 Flash Tool and Windows Defender
-
- Posts: 4
- Joined: Tue Nov 08, 2016 1:04 pm
- cars: 1999 LS1 Miata
1966 Corvair
2001 986 Porsche Boxster
2005 Jeep Wrangler
2010 Jeep Rubicon
2012 Cadillac SRX
LS1 Flash Tool and Windows Defender
Windows 10 Defender reports this error and deletes the file
Category: Trojan
Description: This program is dangerous and executes commands from an attacker.
Recommended action: Remove this software immediately.
Items:
containerfile:C:\$Recycle.Bin\S-1-5-21-1597143808-3754268942-2216452023-1001\$RW8CB2T.zip
file:C:\$Recycle.Bin\S-1-5-21-1597143808-3754268942-2216452023-1001\$RW8CB2T.zip->ls1flash-free.exe
file:C:\Users\Larry\Downloads\ls1flash-free-1.07\ls1flash-free.exe
Re: LS1 Flash Tool and Windows Defender
Occurs due to the program's "obfuscation protection". A lot of antiviruses will flag it as bad even though it's not.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
- antus
- Site Admin
- Posts: 8253
- Joined: Sat Feb 28, 2009 8:34 pm
- cars: TX Gemini 2L Twincam
TX Gemini SR20 18psi
Datsun 1200 Ute
Subaru Blitzen '06 EZ30 4th gen, 3.0R Spec B - Contact:
Re: LS1 Flash Tool and Windows Defender
Oh great. I had not run this since updating to Win 10 some months ago. Win 7 Defender was ok previously. I can assure you it is a false positive from the packer but thanks for reporting it. It's good for people to have a heads up and expect it, especially with such a commonly used virus/malware tool. I actually avoided 'high' level protection to stop the false positive but it seems Microsoft have changed their criteria.
Have you read the FAQ? For lots of information and links to significant threads see here: http://pcmhacking.net/forums/viewtopic.php?f=7&t=1396
-
- Posts: 440
- Joined: Sun Mar 22, 2009 11:52 am
- cars: VT V6 supercharged in a corolla
- Location: Sydney
- Contact:
Re: LS1 Flash Tool and Windows Defender
antus wrote: Oh great. I had not run this since updating to Win 10 some months ago. Win 7 Defender was ok previously. I can assure you it is a false positive from the packer but thanks for reporting it. It's good for people to have a heads up and expect it, especially with such a commonly used virus/malware tool. I actually avoided 'high' level protection to stop the false positive but it seems Microsoft have changed their criteria.
Hi antus, I am having a constant Trojan attack to my computer and also when I visit "pcmhacking.net". The attacker goes by the name of http://www.envyouscustoms.com
I am sure the attacker is "NOT" envyouscustoms. Could this be the problem that is talked about on this thread above?
- antus
- Site Admin
- Posts: 8253
- Joined: Sat Feb 28, 2009 8:34 pm
- cars: TX Gemini 2L Twincam
TX Gemini SR20 18psi
Datsun 1200 Ute
Subaru Blitzen '06 EZ30 4th gen, 3.0R Spec B - Contact:
Re: LS1 Flash Tool and Windows Defender
I think it's scanning the target links on the page and classifying tazzi's drivers as trojan. Question for tazzi I guess. I'd be surprised if it was not a false positive but I'll tag him so he can take a look.
-
- Posts: 440
- Joined: Sun Mar 22, 2009 11:52 am
- cars: VT V6 supercharged in a corolla
- Location: Sydney
- Contact:
Re: LS1 Flash Tool and Windows Defender
Thanks antus
Re: LS1 Flash Tool and Windows Defender
I have Malwarebytes, and mine doesn't flag?
All of my sites are scanned hourly from the webhost side. Doing an online check using VirusTotal for envyouscustoms.com shows Malwarebytes declares it as safe too.
Some antiviruses may not like the software I have produced under Envyous and OBDX due to software licensing though, but they are all on the downloads page which can only be accessed if logged in.
Your Local Aussie Reverse Engineer
Contact for Software/Hardware development and Reverse Engineering
Site:https://www.envyouscustoms.com
Mob:+61406 140 726
-
- Posts: 440
- Joined: Sun Mar 22, 2009 11:52 am
- cars: VT V6 supercharged in a corolla
- Location: Sydney
- Contact:
Re: LS1 Flash Tool and Windows Defender
Tazzi, do you have suggestions on what I should be doing to overcome this issue? What would you do? Would appreciate your expert advice.
- antus
- Site Admin
- Posts: 8253
- Joined: Sat Feb 28, 2009 8:34 pm
- cars: TX Gemini 2L Twincam
TX Gemini SR20 18psi
Datsun 1200 Ute
Subaru Blitzen '06 EZ30 4th gen, 3.0R Spec B - Contact:
Re: LS1 Flash Tool and Windows Defender
From a background conversation we've been having, I know what he would do is raise a ticket with your screenshot to Malwarebytes to ask them WTF? And he has done so. We've both tested his site and this one against various online site security tools, and they both come up as clean. It looks like in your case it's picking up his site from his signature, but since his site is clean that still doesn't explain why you would get that (and he doesn't have that as a user of Malwarebytes) so we can't see any reason you should or would get different results. You could raise a ticket with them yourself too. It seems to be a problem in that product.
-
- Posts: 440
- Joined: Sun Mar 22, 2009 11:52 am
- cars: VT V6 supercharged in a corolla
- Location: Sydney
- Contact:
Re: LS1 Flash Tool and Windows Defender
Thanks Antus and Pete, I will raise a ticket with Malwarebytes and let you know what I find out.
1/07/2023 I raised a ticket yesterday with Malwarebytes and overnight the problem was fixed. They gave no explanation on the cause.
Thanks to all that gave advice.