Why Antivirus Flags FlashPass AIO
FlashPass AIO is currently distributed unsigned. Windows SmartScreen and some antivirus engines flag unsigned automation software by default, regardless of actual safety.
Why this happens
- FlashPass AIO automates fast repeated actions (form fills, checkout flows) — a pattern heuristic AV engines associate with bots/credential stuffers.
- The binary is not code-signed (no Authenticode certificate yet), so Windows has no publisher reputation to trust.
What FlashPass AIO does NOT do
- Does not access browser credentials, saved passwords, or unrelated personal files.
- Does not run as a background service after you close it.
- Does not communicate with any server other than FlashPass's own API/update endpoints.
How to verify it's safe yourself
- Scan the installer/exe on VirusTotal before running.
- Check the SHA256 hash of your download against the hash published on the official release page.
How to exclude it from scanning
See Device & Server Setting for exact steps to add FlashPassAIO.exe as a Windows Defender exclusion.
Roadmap
We are evaluating code-signing options (EV certificate) to remove the need for manual exclusion in a future release.