Shop OBEX P1 Docs P2 Docs Learn Events
PNut v34M - Virus detected by Windows Defender — Parallax Forums

PNut v34M - Virus detected by Windows Defender

wmosscropwmosscrop Posts: 409
in Propeller 2
See attached. Executable will not run.

Annotation 2020-03-11 154555.png
349 x 474 - 18K

Comments

  • iseriesiseries Posts: 1,506
    Windows defender looks for byte code patterns in executables that have been identified as viruses. It looks like to me that the P2 instruction set builds a pattern that looks like a virus to windows defender.

    Mike
  • wmosscropwmosscrop Posts: 409
    This isn't in the the generated P2 binary; it's in the PNut executable itself.
  • Roy ElthamRoy Eltham Posts: 3,000
    This happens because the exe is not signed and makes calls to system APIs.

    There isn't a virus in the exe.
  • PublisonPublison Posts: 12,366
    Happened to me numerous times:
    http://forums.parallax.com/discussion/comment/1490149#Comment_1490149
  • iseriesiseries Posts: 1,506
    I think you misunderstand. In order to produce P2 code you have to put the Hex values for the instructions in the program. The order that these byte codes are laid out in the program links up with a virus byte code. Re-arranging the table could fix this.

    This program has been out there for a long time now and all of a sudden it's a virus. I don't think it's code that is running but just some byte code ordering in a table that was added.

    Remember a virus is not the program but the payload of an infected program.

    Mike
Sign In or Register to comment.