USBToolBox / tool

the USBToolBox tool

BitDefender identifies WINDOWS.EXE as Malware

kmbishop opened this issue · comments

Please make sure you are testing with the latest version of USBToolBox, available from https://github.com/USBToolBox/tool/releases. - I used Ver 0.2 downloaded 9/19/23 at ~1600 Eastern

Describe the bug

BitDefender Anti-Virus identifies Windows.Exe as Malware & blocks extraction and execution.

If you try to use the Windows 11 "Extract all" function on the Windows.zip (even when run as administrator), it fails when trying to access or create subfolders and keeps asking for permission to extract, over and over until you hit cancel.
Once you do, you'll see that everything except Windows.exe was properly extracted to a subfolder called dist

If you download Windows.exe directly, Windows 11 gives you a warning saying "This type of file isn't commonly downloaded. Make sure you trust windows.exe before you open it." and it renames the file to something ("Unconfirmed 705379.crdownload") which cannot be directly run to protect you.

If you trust it and go ahead and rename it (Windows.Exe) and run as administrator, BitDefender shuts it down as a Malware attack.

I've attached the screenshots below to illustrate.

BitDefender Windows

Windows Download Warning

Windows Download File Rename

To Reproduce
Steps to reproduce the behavior:

  1. Go to https://github.com/USBToolBox/tool/releases/tag/0.2
  2. Click on Windows.zip or Windows.exe
  3. Extract or execute
  4. See error

Hardware:

  • Motherboard ASUS Prime z490-P, i9-10850k
  • OS: Windows 11 Pro 22H2
  • BitDefender Internet Security Build 27.0.18.96

Additional context
Tried every way I could think of to get around this, but both Windows 11 (identified as suspicious & renames to prevent trouble) and BitDefender (IDs its execution as a Malware attack) have a problem with this file.

Update: disabling BitDefender does not resolve the issue. Turning it "OFF" in the advanced settings panel for the Anti Virus just delays its intervention and allows the Windows.Exe to start but immediately kills it (before you can type in "D" to discover the ports), as BitDefender still acts to prevent a perceived Malware attack (even if it's switched off) and quarantines the Windows.Exe executable and the other executables it calls (7 in all per the BitDefender warning messages...). Apparently running it with BD turned off and in a command line window as administrator doesn't help.

It appears you cannot run this program unless you're willing to completely uninstall BitDefender.