Open pnijjar opened 3 years ago
Most likely someone has packaged our binary into their malware, causing the false positive.
Be careful not to let Windows Defender remove BusDog. It screwed up the registry of my computer when I selected remove in such a way that none of the USB devices worked anymore. I had to use remote desktop to log in and roll back the registry to get my system working again.
This has not been patched yet; it still messes up the Windows registry if Windows Defender removes the driver itself. Luckily my computer was a laptop and I was still able to use the laptop keyboard (as other USB devices stopped working along with the laptop touchpad???) to remove the driver software manually (add/remove programs -> busdog driver). Also another very annoying side effect: the laptop fans started spinning at max speed. I tried rebooting but that did not solve it; only a power off solved the issue. Probably rebooting still keeps some driver software running.
Same here, Windows Defender detects "PUA:Win32/Creprote"
Windows Defender has detected the busdog_x64.exe as malware in two different ways.
On my work computer it detects it as Trojan:Win32/Skeeyah.A!mtb. It did this yesterday.
On VirusTotal it detects it as PUA:Win32/Creprote : https://www.virustotal.com/gui/file/915dd057ccb67cf6e4197b93348c3832e1c8cc49a1371790b52c2fbd7720f170/detection
My guess is that the VirusTotal detection will change once it gets new virus signatures?
Obviously this frightens me, but if it is just an artifact of your build process then my guess is other people will notice as well. Windows Defender is a pretty common antivirus given that it is built into Windows 10.