Binary detected as Trojan:Win32/Skeeyah.A!MTB by Windows Defender #28
Comments
Most likely someone has packaged our binary into their malware, causing the false positive.
Be careful not to let Windows Defender remove BusDog. It screwed up the registry of my computer when I selected remove in such a way that none of the USB devices worked anymore. I had to use remote desktop to log in and roll back the registry to get my system working again.
This has not been patched yet, still messing up the Windows registry if Windows Defender removes the driver itself. Luckily my computer was a laptop and I was still able to use the laptop keyboard (as other USB devices stopped working along with the laptop touchpad???) to remove the driver software manually (add/remove programs -> busdog driver).
Windows Defender has detected the busdog_x64.exe as malware in two different ways.
On my work computer it detects it as Trojan:Win32/Skeeyah.A!mtb. It did this yesterday.
On VirusTotal it detects it as PUA:Win32/Creprote:
https://www.virustotal.com/gui/file/915dd057ccb67cf6e4197b93348c3832e1c8cc49a1371790b52c2fbd7720f170/detection
My guess is that the VirusTotal detection will change once it gets new virus signatures?
Obviously this frightens me, but if it is just an artifact of your build process then my guess is other people will notice as well. Windows Defender is a pretty common antivirus given that it is built into Windows 10.