As previously reported, Defender believes that the LED control program is infected

[hsehestedt]

Just received my S1 today. Sure enough, as another user posted here, Windows Defender quarantines the LED control program as having a trojan and flags the threat as severe.

To resolve, you can set an exception for the file C:\Windows\OEM\CYX_TftTool\LEDControl.exe. If Defender has already quarantined the executable and the link on the desktop, just go into the protection history and choose the action to restore the file. My suggestion would be to set an exception right away before you even run the program.

NOTE: I am almost certain that this is a false positive, because the program was not flagged by Defender until after I allowed Windows to install the latest updates. I had already run the LED control software and it was not flagged initially. So, there is likely a new definition file that has a problem with this program.

However, it would still be nice if we could get an official assurance that this is indeed a false positive.

[Gabe]

That's interesting.

I use Windows Defender on my S1, and it doesn't flag the program. Windows 11 is fully up to date, with all of the latest updates offered through Windows Update.

[hsehestedt]

Defender can be awkward at times. They release new virus definition updates multiple times every day so it may have been just one or a few definition updates that flagged it.

Maybe in the morning I'll remove the exception and see what happens.

I have a couple of my own programs that I have written that also get flagged as containing trojans by Defender, but it's a similar sort of thing. Sometimes my program gets flagged, sometimes it doesn't. But once I put an exception in place, that resolved the problem. I'm comfortable doing that with my own program because I know for a fact that it is clean, but whenever that happens on a third-party program it always makes me twitch a bit

[barry777]

LEDControl.exe on S1 may have been misjudged by Windows Defender. It is currently being verified and the latest results will be shared with you as soon as possible.

[Groch]

My just received S1 1TB has this same issue. There were initially boot errors which somehow fixed itself. After the Windows Defender Update it quarantined the LED program.

The Windows Defender Message:
Severe
Detected: Trojan:Win32/Wacatac.B!ml
Status: Quarantined
Quarantined files are in a restricted area where they can't harm your device. they will be removed automatically.
Date: 10/27/2023 6:59PM
Details: This program is dangerous and executes commands from the attacker.
Affected items:
file: C:\Users\Public\Desktop\LedControl.lnk
file: C:\Windows\oem\CYX_TftTool\LedControl.exe

I will leave it in quarantine until Acemagic has confirmed there is not an issue.

[Guest]

AVAST Antivirus hat die LED...exe auch als Trojaner markiert...

[Guest]

This is concerning.

https://www.virustotal.com/gui/file/3e2 ... 35fc48089a

[Groch]

This is concerning.

https://www.virustotal.com/gui/file/3e2 ... 35fc48089a

Yes, it certainly is.

AceMagic does not generally update software unless it is crucial, but in this case S1 LED Control is disabled by Windows for most Users: and they see scary messages about an AceMagic installed app.

Not good functionally, not good for AceMagic's reputation even if it is a false positive. Hopefully a new easily installed version will be forthcoming.

[barry777]

The lighting control program has been updated;
It is recommended to completely delete the original lighting control program before running the new lighting control program;

Download link:

We are currently testing and verifying the latest easy-to-install control program. If there is any latest news, we will share it with you in time.