Detected as ~10 viruses by Microsoft Defender
Opened this issue · 2 comments
After installing, I got some Windows Defender warnings, is this normal?
Unfortunately this is normal and happens :-( Programs created in Peter contain a loader, which is an interpreter of the program code. This is non-standard behavior of EXE programs and some antiviruses mark such behavior as suspicious. As a consequence, it increases the skore danger of the program in tables on the Internet. Antivirus programs take over tables from the Internet and this increases their suspicion of maliciousness. The programs in Peter have been spreading on the Internet for a long time and some may already have a high score, so antiviruses mark them as dangerous without actually checking their behaviour.
Unfortunately, I cannot guarantee that a program is actually safe, as similar warnings have been appearing (and disappearing) from time to time for many years. To be sure, I recommend the following procedure: if the antivirus does not consider Peter Gemtree itself to be dangerous, but only some sample programs, turn off Windows Defender for a while (so that it will allow you to unpack the sample programs and not delete them), open the program in Peter, and save it again. Opening the program in the editor is safe, the program will not run, it will just be saved in a slightly modified form. If it happened to contain a virus, this would remove the virus. Defender can then be switched on again. The antivirus should no longer warn about the danger on the saved program - because the code is changed and the CRC does not match the skore tables that the antivirus uses.
Okay :), I was scared because every second Windows Defender was spamming notifications about malware randomly.