Question PixelFlasher concern

[groston]

I was unable to download PixelFlasher, V4.8.1.0 from https://github.com/badabing2005/PixelFlasher/releases, to my PC because Avast AV detected an issue. So, I remote logged into a Linux system, used wget to get the file, then transferred it to my computer. Again, Avast complained about a virus and quarantined the file.

I recovered the file from quarantine and uploaded it to www.virustotal.com so it could be checked out. This site reported the following:

• Acronis (Static ML):: Suspicious
• Avast:: Win64:Trojan-gen
• AVG:: Win64:Trojan-gen
• Jiangmin:: Trojan.Generic.horqm
• McAfee-GW-Edition:: Artemis

I have never before had any issues downloading files from github. So, should I be concerned or not?

 

[yurishouse]

Technically anything that does anything to a device is considered *malware* by AV software nowadays... If you really have concerns over it, you can:

Check the source code yourself on GitHub, if you have the know-how

Don't use it. Pixel Factory images provided a flashall.bat or a Linux/Mac exec by default, you just need to modify a few lines to make it works, which is what I've been doing this whole time:
Open the flash-all.bat with a code editor, I'm using NP++
Find the line that says:

Fastboot update -w xxxx.zip

And change it to

Fastboot update xxxx.zip --skip-reboot

 

[JakeDHS07]

You can ask @badabing2003 himself as he created the program why specifically those would be flagged and I'm sure he can offer more insight. But I've been using it for months and it's solid. I will also say even when I used to use the flash all manually back in the day those would get flagged by safe screen also. So it's a lot of false positives when it comes to those kind of batch commands.

 

[HipKat]

TBH, Avast is not even necessary, not to mention, it's just not good AV, in MY opinion.

 

[badabing2003]

You can read up here

I'm not going to play with Avast or any other AV on every release.

It's an open source project, you can scrutinize it and decide if it is a risk you're willing to take trusting the code instead of Avast.

There was a time when consumer AV was needed.
Now you're better of without 3rd party AV.

 

[HipKat]

You can read up here

I'm not going to play with Avast or any other AV on every release.

It's an open source project, you can scrutinize it and decide if it is a risk you're willing to take trusting the code instead of Avast.

Bottom line is, tons of people - most of who are very tech savvy - are using PF every month without issues and we would know if there was a problem

 

[groston]

I don't question PF, it is the AV system on my computer that is causing the issue. Did some reading and AV is still needed, but they can be a major pain...

 

[K1nsey6]

I don't question PF, it is the AV system on my computer that is causing the issue. Did some reading and AV is still needed, but they can be a major pain...

Windows Security is more than efficient now to protect from bad stuff. All the 3rd party stuff is mostly bloatware now

 

[HipKat]

I don't question PF, it is the AV system on my computer that is causing the issue. Did some reading and AV is still needed, but they can be a major pain...

Not to sidetrack but I've run nothing but Windows Defender and Malwarebytes on my Windows machine for over 10 years, no problems. And trust me, I've been done it all on there.

 

[simplepinoi177]

I don't question PF, it is the AV system on my computer that is causing the issue. Did some reading and AV is still needed, but they can be a major pain...

If you must use an AV as "AV is still needed", every AV I've worked with/on was able to whitelist a folder and/or program or, even, you can disable it while you would install and/or run PF...right?
So there shouldn't be any reason why you couldn't run the latest version and run it proper...

Not to sidetrack but I've run nothing but Windows Defender and Malwarebytes on my Windows machine for over 10 years, no problems. And trust me, I've been done it all on there.

I agree with this and have employed similar. Actually, years ago, I would go about it a lot more aggressive and paranoid and would run Defender, Malwarebytes, Superantispyware, and Comodo firewall concurrently! It did wreak havoc on my cpu usage sometimes, but then again I dealt with a lot of custom programs and patches/cracks/packages and such.
If I felt (relatively) confident and secure about it, I would have to disable all 4 if need be to work on certain things.
So I'm sure OP can do it with the AV that's being utilized...

 

[HipKat]

If you must use an AV as "AV is still needed", every AV I've worked with/on was able to whitelist a folder and/or program or, even, you can disable it while you would install and/or run PF...right?
So there shouldn't be any reason why you couldn't run the latest version and run it proper...


I agree with this and have employed similar. Actually, years ago, I would go about it a lot more aggressive and paranoid and would run Defender, Malwarebytes, Superantispyware, and Comodo firewall concurrently! It did wreak havoc on my cpu usage sometimes, but then again I dealt with a lot of custom programs and patches/cracks/packages and such.
If I felt (relatively) confident and secure about it, I would have to disable all 4 if need be to work on certain things.
So I'm sure OP can do it with the AV that's being utilized...

Wow! Superantispyware. I forgot all about that one!

 

[simplepinoi177]

Wow! Superantispyware. I forgot all about that one!

I hate to go OT a bit here, but...
Yeah, back then, those 3 were the best (possibly only) real-time protection happening as well as the foremost ones you should/would use when cleaning a PC of any malware; hence the heavy load on CPU usage at times.
In any case, if I could temporarily disable/turn-off all 4 of these so I could run a "rogue" program, it shouldn't be too difficult to do it with a current AV -- even if my examples are rather out-dated...
If anything, all of those AVs had the option/ability to "submit" a program to be reviewed by the company to whitelist and/or scrutinize so it wouldn't pop up as a false-positive in the next version/update....

 

[HipKat]

I hate to go OT a bit here, but...
Yeah, back then, those 3 were the best (possibly only) real-time protection happening as well as the foremost ones you should/would use when cleaning a PC of any malware; hence the heavy load on CPU usage at times.
In any case, if I could temporarily disable/turn-off all 4 of these so I could run a "rogue" program, it shouldn't be too difficult to do it with a current AV -- even if my examples are rather out-dated...
If anything, all of those AVs had the option/ability to "submit" a program to be reviewed by the company to whitelist and/or scrutinize so it wouldn't pop up as a false-positive in the next version/update....

SAS was the best portable scanner you could run. It was really, the first one I ever ran as a portable. Thanks for that memory!

 

[D3NMOH]

Hands and head are the best Antivirus

 

[simplepinoi177]

Hands and head are the best Antivirus

true enough... "don't install stupid stuff" is probably the best way to go about it...I can attest to (because, unfortunately, I've done the opposite on purpose more than enough times and have paid for it in one way or another)...

But PF has 100s (maybe 1000s) of users and is actively discussed and developed here on XDA from a RD...it's definitive that it is safe and is coming up as false-positives to any/all AVs...

 

[D3NMOH]

PF manages ADB, Fastboot and reads output data from them.
When one application interferes with another, antivirus always says it's dangerous. It is high time we understood this logic

 

[dexlemaffo]

PF manages ADB, Fastboot and reads output data from them.
When one application interferes with another, antivirus always says it's dangerous. It is high time we understood this logic

False positive.

 

[JohnTheFarm3r]

Windows Security is more than efficient now to protect from bad stuff. All the 3rd party stuff is mostly bloatware now

Apart from ransomware...It's not quiet decent in that department.