RLECViewer icon indicating copy to clipboard operation
RLECViewer copied to clipboard

Published 20 hours ago verified publisher icon zuyan9

VirusTotal reports 4 files detected as positive. Be carefull !!

Open amontero opened this issue 4 years ago • 4 comments

Warning, binaries files are positive in VirusTotal.

I have analyzed at VT source code files one by one file and them seem clean, folder RLECViewer-master\RLECViewer .

But binaries files are not safe. Here VT reports:

5 detections: RLECViewer-master\Install\Product\RLECViewer.exe https://www.virustotal.com/gui/file/193bcde12039e0a1f3d55d0e2f2a236dbcf701e1f18b8620cbb94cd3713775f1/detection

1 detection: RLECViewer-master\bin(Release)\ClevoEcInfo.dll https://www.virustotal.com/gui/file/f1fa68742b86022ce436d9998c3a7de34d64866eefc95e40c12f6439328ba656/detection

1 detection: RLECViewer-master\bin(Release)\RLECViewer https://www.virustotal.com/gui/file/b6bc3e6fdc4b5d0ec7988695059114161eeac37585b31f49d464042a3b213ff2/detection

3 detections: RLECViewer-master\bin(Debug)\RLECViewer https://www.virustotal.com/gui/file/785c59b5046eb5c58f609fdadcb83929e1caa96c54199779a67bbf0beb9a4317/detection

amontero avatar Oct 05 '20 15:10 amontero

Yes, be careful is always a good idea.

Unfortunately I don't know what's causing this. For example, ClevoEcInfo.dll is directly from Clevo and I do not any any control over.

You can get this dll file from Clevo control software.

I suggest compiling from the source code.

zuyan9 avatar Oct 05 '20 17:10 zuyan9

Yes, be careful is always a good idea.

Unfortunately I don't know what's causing this. For example, ClevoEcInfo.dll is directly from Clevo and I do not any any control over.

You can get this dll file from Clevo control software.

I suggest compiling from the source code.

Maybe ClevoEcInfo.dll could be secure because there is only one detection by only one VT engine and it could be a false-positive. This another project (https://github.com/Marqis/BtoFanControl) uses same dll file.

But the others exe binaries files are 3 and 5 detections by remarkable VT engines and also I have checked that when I run RLECViewer.exe something is trying to change my Windows 10 UAC security policy and this behavior is very strange.

amontero avatar Oct 07 '20 15:10 amontero

Added warning the readme

zuyan9 avatar Mar 03 '21 21:03 zuyan9

You can get this dll file from Clevo control software.

Can you be a bit more specific? I cannot find this file in any of the Clevo Control Center versions available here : https://www.clevo.com.tw/load_page/service

fcayre avatar Aug 29 '23 17:08 fcayre