It’s the top result if you search GitHub for removing Microsoft Edge. While it’s not detected by Windows Security, ESET or Kaspersky (the best AV vendors), it’s being detected by other AV engines. Is it a false positive?
From a quick glance, there’s a “setup.exe” file in the source directory, which seems very sketchy. Sources should generally contain source code, not precompiled executables. I certainly wouldn’t chance it.
Edit: According to VirusTotal, it attempts to connect to sb.scorecardresearch.com, a tracking service. It also apparently creates a scheduled task. Definitely do not use this software.
Holy shit lmao
Should this be reported to GitHub?
Yes, definitely. I think they’re usually pretty good about removing malicious repos.
Check out the VirusTotal results for Remove-EdgeOnly.exe
That’s so much worse lmao. I assume that’s the main payload, and setup.exe only downloads it or something.